search cancel

Access Resources That Aren't Defined To Top Secret?

book

Article ID: 188967

calendar_today

Updated On:

Products

Top Secret WEB ADMINISTRATOR FOR TOP SECRET

Issue/Introduction

In a converted RACF to Top Secret member, there are some TSS commands that are to protect certain resources, Can an user be using the resources if they are not protected under Top Secret? After they are protected, can it cause a security problem?

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

Yes. When a resource is checked and the resource is not protected (owned) by Top Secret, Top Secret passes back a return code of 04 indicating the resource is not owned. It is then up to the calling application to allow or deny the access. In many cases, the application allows the access if a return code 04 is received. Once protected, the users that were getting access because the resource wasn't owned will now need to be permitted to the resource to get access.