Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Delegating the authority for specifying signature verification options z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
If you want to delegate the authority for specifying signature verification options to users who do not have the SPECIAL attribute, you must use field-level access checking to authorize UPDATE access to the appropriate fields in the SIGVER segment of PROGRAM class profiles. Users with the AUDITOR attribute cannot specify auditing options for signature verification unless you authorize them with UPDATE access to the SIGAUDIT field. The following example authorizes a group called SIGNGRP to specify all signature verification options, and authorizes a second group called AUDGRP to control only the auditing options for signature verification. Example:
For a complete list of the resource name qualifiers that control each field of the SIGVER segment, see the details about the SIGVER segment in Table 1. |
Copyright IBM Corporation 1990, 2014
|