Security level 40
Security level 40 prevents potential integrity or security risks from programs that can circumvent security in special cases. Security level 50 provides enhanced integrity protection for installations with strict security requirements.
Table 1 compares how security functions are supported at levels 30, 40, and 50.
| Scenario description | Level 30 | Level 40 | Level 50 |
|---|---|---|---|
| A program attempts to access objects using interfaces that are not supported. | AF journal entry 1 | AF journal entry 1; operation fails. | AF journal entry 1; operation fails. |
| A program attempts to use a restricted instruction. | AF journal entry 1; operation fails. | AF journal entry 1; operation fails. | AF journal entry 1; operation fails. |
| The user submitting a job does not have *USE authority to the user profile specified in the job description. | AF journal entry 1 | AF journal entry 1; job does not run. | AF journal entry 1; job does not run. |
| A user attempts default sign-on without a user ID and a password. | AF journal entry 1 | AF journal entry 1; sign-on is not successful. | AF journal entry 1; sign-on is not successful. |
| A *USER state program attempts to write to the system area of disk that is defined as read-only or no access. | Attempt may succeed. | AF journal entry; 1 operation fails. | AF journal entry; 1 operation fails. |
| An attempt is made to restore a program that does not have a validation value. 2 | No validation is performed. Program must be converted before it can be used. | No validation is performed. Program must be converted before it can be used. | No validation is performed. Program must be converted before it can be used. |
| An attempt is made to restore a program that has a validation value. | Program validation is performed. | Program validation is performed. | Program validation is performed. |
| An attempt is made to change a program’s associated space. | Attempt is successful. | AF journal entry;1 operation fails. | AF journal entry;1 operation fails. |
| An attempt is made to change a job’s address space. | Attempt is successful. | AF journal entry;1 operation fails. | AF journal entry;1 operation fails. |
| A user state program attempts to call or transfer control to a system domain program. | AF journal entry 1 | AF journal entry;1 operation fails. | AF journal entry;1 operation fails. |
| An attempt is made to create a user domain object of type *USRSPC, *USRIDX, or *USRQ in a library not included in the QALWUSRDMN system value. | Operation fails. | Operation fails. | Operation fails. |
| A user state program sends an exception message to a system state program that is not immediately above it in the call stack. | Attempt is successful. | Attempt is successful. | Operation fails. |
| A parameter is passed to a user domain program running in the system state. | Attempt is successful. | Parameter validation is performed. | Parameter validation is performed. |
| An IBM-supplied command is changed to run a different program using the CHGCMD command. The command is changed again to run the original IBM-supplied program, which is a system domain program. A user attempts to run the command. | Attempt is successful. | AF journal entry;1 , 3 operation fails.3 | AF journal entry;1, 3 operation fails. 3 |
|
|||
If you use the auditing function at lower security levels, the system logs journal entries for most of the actions shown in Table 1, except those detected by the enhanced hardware protection function. You receive warnings in the form of journal entries for potential integrity violations. At level 40 and higher, integrity violations cause the system to fail the attempted operation.