Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Tape volume protection (TAPEVOL active and TAPEDSN inactive) z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
A tape volume is RACF-protected when it is explicitly defined to RACF® for protection. Tape volumes are defined to RACF by (1) an authorized user issuing the RDEFINE command without the TVTOC operand, or (2) RACROUTE REQUEST=DEFINE when the TAPEVOL class is active and the PROTECT parameter is specified on a JCL DD statement or during EOV processing. RACF authorizes access to protected tape volumes through RACF authorization checking. RACF bypasses any tape data set password protection. If the tape volume is not RACF-protected, or the SETROPTS TAPEDSN option is not active, data management authorizes access to tape data sets by password protection. If RACF authorizes a user
to access an explicitly defined tape volume, the user has access to
all of the tape data sets on the volume. Therefore, you should only
place tape data sets that have similar RACF authorization
requirements on the same volume.
|
Copyright IBM Corporation 1990, 2014
|