Access Resources That Aren't Defined To Top Secret?
Article ID: 188967
Top SecretWEB ADMINISTRATOR FOR TOP SECRET
In a converted RACF to Top Secret member, there are some TSS commands that are to protect certain resources, Can an user be using the resources if they are not protected under Top Secret? After they are protected, can it cause a security problem?
Release : 16.0
Component : CA Top Secret for z/OS
Yes. When a resource is checked and the resource is not protected (owned) by Top Secret, Top Secret passes back a return code of 04 indicating the resource is not owned. It is then up to the calling application to allow or deny the access. In many cases, the application allows the access if a return code 04 is received. Once protected, the users that were getting access because the resource wasn't owned will now need to be permitted to the resource to get access.