ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Top Secret Equivalent of TRUSTED=YES In RACF

book

Article ID: 53354

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP

Issue/Introduction

What is the  Top Secret equivalent of TRUSTED=YES in RACF?

Resolution

Although there is not a single Top Secret attribute that is the equivalent of TRUSTED=YES in RACF, there are the bypass attributes in CA Top Secret such as NODSNCHK, NOVOLCHK, NORESCHK, NOSUBCHK, and NOLCFCHK, that can be given to an ACID to bypass security checks. All bypass attributes that result in an access permission are audited to the Audit and Tracking File.

For STC ACIDs, there is also the BYPASS attribute as an alternative :

TSS ADD(STC) PROCNAME(xxxx) ACID(BYPASS)

There are Started Tasks that can have the BYPASS attribute and does not generates an audit finding.

The Trusted Started Tasks table on STIG ID BTSS0019 lists which Started Tasks can have this attribute.