Top Secret TSS LIST(ACIDS) DATA(ALL) Output Analysis



All about SAF, RACF, encryption, Firewall, Risk assessment and integrity concepts

Top Secret TSS LIST(ACIDS) DATA(ALL) Output Analysis

Postby chamomile » Tue Sep 27, 2016 9:53 pm

Hello all,

I need help with analyzing the output for the TSS LIST(ACIDS) DATA(ALL) command in Top Secret. I am new to this, so I apologize in advance if this is too simple of a question.

Here's what I have in my mind. In the case below, for MSCA, there's no question that it has FACILITY = *ALL* access (seen right underneath the TYPE option) - which means it truly has access to all facilities.

ACCESSORID = MSCA      NAME       = MASTER SECURITY
TYPE       = MASTER    SIZE       =    14336  BYTES
FACILITY   = *ALL*
CREATED    = 06xxx  00:00  LAST MOD   = 07/xxxx  13:26
PROFILES   = CxxxR
GROUPS     = OxxxxV
ATTRIBUTES = AUDIT,CONSOLE
LAST USED  = 05/xxxx 08:35 CPU(MVS1) FAC(TPX     ) COUNT(01195)


When analyzing the rest of the content, I noticed the FACILITY = *ALL* parameter for several other ACIDs, but this time, it's next to the LOCK TIME option. Also, the ACID has other facilities explicitly defined under the TYPE option:

ACCESSORID = CxxxxxxP   NAME       = ANY PROFILE
TYPE       = PROFILE   SIZE       =      512  BYTES
FACILITY   = TSO
FACILITY   = CISCIS
FACILITY   = SAMDNY
DEPT ACID  = D0022     DEPARTMENT = DEPT
CREATED    = 12/xxxxx  00:00  LAST MOD   = 02/xxxx  09:06
LOCK TIME  = NEVER       FACILITY   = *ALL*



So, the question is - what does FACILITY = *ALL* mean in the case above? Does it mean that it has access to all facilities, bypassing the 3 facilities that are explicitly defined above? Or something else? Such as, the lock time applies to all facilities, which then gets further controlled by the facilities defined on top?

Thank you in advance for your help.
chamomile
 
Posts: 2
Joined: Tue Sep 27, 2016 9:33 pm
Has thanked: 0 time
Been thanked: 0 time

Re: Top Secret TSS LIST(ACIDS) DATA(ALL) Output Analysis

Postby NicC » Wed Sep 28, 2016 3:55 pm

The source of all knowledge for this is the manual and your TSS support group. What do they say (you DO have access to the manuals - somewhere).

Note that you should present your data from a screen using the code tags (available via the POSTREPLY button, or manually coded (as I have done for you).
The problem I have is that people can explain things quickly but I can only comprehend slowly.
Regards
Nic
NicC
Global moderator
 
Posts: 3025
Joined: Sun Jul 04, 2010 12:13 am
Location: Pushing up the daisies (almost)
Has thanked: 4 times
Been thanked: 136 times

Re: Top Secret TSS LIST(ACIDS) DATA(ALL) Output Analysis

Postby chamomile » Wed Sep 28, 2016 8:58 pm

Thanks for the corrections.
You can close this request.
I couldn't find anything in manuals, but I found a TSS forum as you suggested and they were able to assist me.

Thank you.
chamomile
 
Posts: 2
Joined: Tue Sep 27, 2016 9:33 pm
Has thanked: 0 time
Been thanked: 0 time


Return to Mainframe Security

 


  • Related topics
    Replies
    Views
    Last post