How does FSACCESS CHECKING impacts a logonid with LIMITED privilege?
UNIXOPTS:
HFS SECURITY ACTIVE: NO
FSACCESS CHECKING: YES
List id:
SET LID
LIST IZUGUEST
IZUGUEST ZOSMF GUEST USER UID(IZUGUE )
PRIVILEGES JOB LIMITED NO-STORE RESTRICT
FSA Rule:
SET RESOURCE(FSA)
LIST LIKE(-)
ACF75052 RESOURCE RULE **************************************** STORED BY ABCD ON xx/yy/zz-12:12
$KEY(****************************************) TYPE(FSA)
- UID(*) SERVICE(UPDATE) ALLOW
Release : 16.0
Component : ACF2 for z/OS
A logonid with LIMITED privilege also restricts access to UNIX files and directories in addition to limited access to data sets and resources with UID(*) ALLOW rule entry.
If FSACCESS CHECKING is enabled on the system and a logonid has LIMITED privilege, the access for this logonid would be restricted.
A rule entry specific to the logonid UID for SET RESOURCE(FSA) can be added to give access and ACFRPTRV report can be run to find the specific resource being validated.