ACTION(xxxxxx) improperly set on TSS PERMIT command
Article ID: 71677
Updated On:
Products
Top Secret
Top Secret - LDAP
Issue/Introduction
Adding ACTION(xxxxxxx) on a PERMIT is improperly set.
When adding a FACILITY(...) definition to an Accessor ID, the following ACTION(...) settings are improperly permitted:
ACTION(ADMIN) - This setting is apparently discarded in that it is not reported by a subsequent TSS LIST command. ACTION(EXIT) ACTION(FAIL) ACTION(NODSN) - This setting is reported as ACTION(DENY) by a subsequent TSS LIST command.
ACTION(PASSWORD) - This setting is reported as ACTION(DENY) by a subsequent TSS LIST command. ACTION)REVERIFY). ACTION(VMPRIV).
When adding a FACILITY(...) definition to an Accessor ID, the following ACTION(...) settings are improperly permitted:
ACTION(ADMIN) - This setting is apparently discarded in that it is not reported by a subsequent TSS LIST command. ACTION(EXIT) ACTION(FAIL) ACTION(NODSN) - This setting is reported as ACTION(DENY) by a subsequent TSS LIST command.
ACTION(PASSWORD) - This setting is reported as ACTION(DENY) by a subsequent TSS LIST command. ACTION)REVERIFY). ACTION(VMPRIV).
Environment
Release:
Component: TSSMVS
Component: TSSMVS
Resolution
Most TSS users use the ACTION keyword with the PERMIT. Per the doc: ACTION Keyword—Assign Actions
AUDIT, NOTIFY and DENY are the valid ACTIONS for FACILITYs. FAIL,AUDIT,NOTIFY,DENY,VMPRIV,PASSWORD, NODSNCHK,ADMIN, EXIT, REVERIFY are valid ACTIONs for the PERMIT.
Test fix ST00139 was written to correct the validation of the ACTION values associated with a FACILITY.
Feedback
Yes
No
Powered by
