Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Authorization summary for SETROPTS MLS(FAILURES) and MLS(WARNINGS) z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|||||||||||||||||||||
Table 1 shows the required relationship that must exist between the user's security label and the security label of the resource in order for user to gain access to the resource while the SECLABEL class is active and SETROPTS MLS(FAILURES) or MLS(WARNING) is in effect, based on the type of MAC checking and the requested access level. When SETROPTS MLS is in effect and a user has a security label but the resource does not, the user will fail to gain access to the resource because the authorization checking is done using RACROUTE REQUEST=AUTH. The user will be successful in gaining access when the authorization check is done using RACROUTE REQUEST=FASTAUTH, even when SETROPTS MLS is in effect.
|
Copyright IBM Corporation 1990, 2014
|