Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
RACROUTE REQUEST=DIRAUTH: Directed authorization check of security classification z/OS Security Server RACROUTE Macro Reference SA23-2294-00 |
|
This service compares two security labels. The security labels may be passed directly, or as part of an ACEE or UTOKEN. The class name determines the type of comparison made between the security labels, unless the TYPE parameter is specified. Note that the security labels should be obtained from the same system since a SECLABEL name may not represent the same security classification on different systems. Components that need to compare security labels for equality may do a check for an exact match without issuing this macro. The message-transmission managers (that is, VTAM®, TSO/E, and Session Manager) use the RACROUTE REQUEST=DIRAUTH macro with RTOKEN specified to ensure that the receiver of a message, represented by the ACEE of the current address space, meets security-label authorization requirements. That is, the security label of the receiver of the message must dominate (be equal to or higher than) the security label of the message. When invoked as these managers do, with just the RTOKEN or just the RTOKEN and LOG keywords specified, if the security label of the receiver does not dominate the security label of the message, DIRAUTH performs additional processing to determine if the receiver has access to any security label that could dominate the message. To use this service, you must specify RELEASE=1.9 or a later release number. The caller of RACROUTE REQUEST=DIRAUTH must be authorized (APF-authorized, in system key 0–7, or in supervisor state). The caller cannot hold any locks when issuing RACROUTE REQUEST=DIRAUTH. This request is SRB-mode compatible. When issuing RACROUTE REQUEST=DIRAUTH
in SRB mode, you must ensure that the jobstep task pointed to by the
ASCBXTCB field in the target address space is active when you schedule
the SRB and that it remains active until the SRB completes.
Note: In
order to ensure that the SRB does not run after the ASCBXTCB task
completes, you must enable purgeDQ to deal with that SRB. In particular:
RACROUTE REQUEST=DIRAUTH can also be invoked from a cross memory environment, when in task or SRB mode. The ACEE used for authorization checking must reside in the HOME address space (unless ACEEALET specifies a different address space). Callers in cross-memory mode must be in supervisor state. RACROUTE REQUEST=DIRAUTH interrogates the setting of SETR MLS during dominance checking for ACCESS=READWRITE and ACCESS=WRITE to determine if write-down is allowed on the system. It does not support WARNING mode for SETR MLS and will process write-down violations as failures. RACROUTE REQUEST=DIRAUTH does not check whether or not security labels are required, nor does it always bypass security label checking if the ACEE indicates trusted or privileged authority. If a full authorization check, including the checking of security labels, is needed then RACROUTE REQUEST=AUTH, RACROUTE REQUEST=FASTAUTH, or the ck_access callable service should be used. |
Copyright IBM Corporation 1990, 2014
|