Security-Relevant CP Commands

| Command | Operand | VMXEVENT Member | Class | CC-Secure: Audit | CC-Secure: DAC | CC-Secure with LSM: Audit | CC-Secure with LSM: DAC | CC-Secure with LSM: MAC |
|---|---|---|---|---|---|---|---|---|
| ATTACH | device | ATTACH | | optional | optional | optional | mandatory | R/W |
| ATTACH | XSTORE | ATTACH | | optional | optional | optional | mandatory | R/W |
| AUTOLOG⁴ | | AUTOLOG.A, AUTOLOG.B | A,B | optional | no | optional | no | W/O with access |
| CHANGE | | CHANGE.G | G | optional | no | optional | no | W/O |
| CHANGE | SECLABEL | CHANGE.D | D | optional | no | optional | no | no |
| CHANGE | TO | CHANGE.G, TRANSFER.G | G | optional | optional | optional | optional | W/O |
| CLOSE | TO | CLOSE, TRANSFER.G | G | optional | optional | optional | optional | no |
| COUPLE | | COUPLE | G | optional | no | optional | no | R/W |
| DEFSYS | | DEFSYS | | optional | no | optional | no | no |
| DEFSEG | | DEFSEG | | optional | no | optional | no | no |
| DIAL | | DIAL | | no | mandatory¹ | no | mandatory¹ | no |
| FOR | | FOR.C, FOR.G | C,G | optional | optional | optional | optional | R/W |
| GIVE | | GIVE | | optional | no | optional | no | no |
| IPL | sysname | IPL | | optional | mandatory² | optional | mandatory | R/O or R/W |
| LINK | | LINK | | optional | mandatory | optional | mandatory | R/O or R/W |
| LOGOFF | | LOGOFF | | optional | no | optional | no | no |
| LOGON⁴ | SECLABEL, HERE | LOGON | | optional | no | optional | no | access |
| LOGON | to logical device | LOGON | | optional | no | optional | no | R/W³ |
| MESSAGE | | MESSAGE.ANY | ANY | optional | mandatory¹ | optional | mandatory¹ | W/O |
| MESSAGE | ALL, ALLDBCS, ALLSBCS | MESSAGE.A, MESSAGE.B | A,B | optional | no | optional | no | no |
| MSGNOH | | MSGNOH | B | optional | no | optional | no | W/O |
| MSGNOH | ALL, ALLDBCS, ALLSBCS | MSGNOH | B | optional | no | optional | no | no |
| QUERY | RDR/PRT/PUN | QUERY.READER.G, QUERY.READER.D, QUERY.PRINTER.G, QUERY.PRINTER.D, QUERY.PUNCH.G, QUERY.PUNCH.D | | optional | no | optional | no | R/O |
| QUERY | rdev | none | | optional | no | optional | no | no |
| QUERY | TAG | QUERY.TAG | | optional | no | optional | no | R/O |
| QUERY | TRFILES | QUERY.TRFILES.A, QUERY.TRFILES.C, QUERY.TRFILES.D, QUERY.TRFILES.E, QUERY.TRFILES.G | | optional | no | optional | no | R/O |
| RESET | RESERVE | RESET.B | | optional | no | optional | no | no |
| SEND | | SEND.C | C | optional | no | optional | no | W/O |
| SEND⁵ | | SEND.G | G | optional | no | optional | no | R/W |
| SET | LOGMSG | SET.LOGMSG | B | optional | no | optional | no | no |
| SET | OBSERVER | SET.OBSERVER.A, SET.OBSERVER.C, SET.OBSERVER.G | A,C,G | optional | no | no | no | R/O |
| SET | PASSWORD | SET.PASSWORD | B | optional | no | optional | no | no |
| SET | PRIVCLAS | SET.PRIVCLASS.C, SET.PRIVCLASS.ANY | C,ANY | optional | no | optional | no | no |
| SET | SECUSER | SET.SECUSER.A, SET.SECUSER.C, SET.SECUSER.G | A,C,G | optional | no | no | no | R/W |
| SMSG | | SMSG | | optional | no | optional | no | W/O |
| SPOOL | FOR, TO | SPOOL, TRANSFER.G | | optional | optional | optional | optional | no |
| START | SECLABEL | START.D | | optional | no | optional | mandatory | no |
| STORE | HOST | STORE.C | | optional | optional | optional | optional | no |
| TAG | DEVICE | TAG | | optional | optional | optional | optional | no |
| TAG | FILE | TAG | | optional | optional | optional | optional | W/O |
| TAG | QUERY | QUERY.TAG | | optional | no | optional | no | R/O |
| TRANSFER | | TRANSFER.D, TRANSFER.G | D,G | optional | optional | optional | optional | no |
| TRSAVE | TO | TRSAVE.A, TRSAVE.C, TRANSFER.D | | optional | optional | optional | optional | no |
| TRSOURCE | | TRSOURCE | | optional | optional | optional | optional | no |
| TRSOURCE | ENABLE | TRSOURCE | | optional | no | optional | mandatory | R/W |
| UNDIAL | | UNDIAL | | no | mandatory¹ | no | mandatory¹ | no |
| VMDUMP | TO | VMDUMP, TRANSFER.G | | optional | optional | optional | optional | no |
| VMRELOCATE | | VMRELOCATE | A | optional | no | optional | no | no |
| WNG | | WARNING.A, WARNING.B, WARNING.C | A,B,C | optional | no | optional | no | W/O |
| WNG | ALL, ALLDBCS, ALLSBCS | WARNING.A, WARNING.B | A,B | optional | no | optional | no | no |
| XAUTOLOG⁴ | ON | XAUTOLOG.A, XAUTOLOG.B | A,B | optional | no | optional | no | W/O |
| XAUTOLOG⁴ | | XAUTOLOG.G | G | optional | mandatory | optional | mandatory | W/O |

Note:

¹ The DIAL, MESSAGE and UNDIAL commands must be disabled prior to LOGON.

² This only applies to restricted members.

³ If logging on from a device that was created with DIAGNOSE X'7C', a R/W MAC will be made to ensure that the SECLABEL of the creator of the device and the SECLABEL of the person logging on are equal.

⁴ User authentication is performed, including password checking, if necessary.

⁵ Although the SEND itself might be considered write-only, a class G SEND command is only permitted if the issuer is a functional secondary user for the target, which requires read-only access. So a class G SEND command requires equivalent seclabels (W/O+R/O).