Although an object can be carefully protected
by an ACL and a protection code, a user can still gain access through
the use of privilege or control access.
How Privileges Affect Protection Mechanisms
Security administrators can assign privileges
to users when they create or modify user accounts. The system privileges
READALL and BYPASS affect user access, regardless of the access dictated
by an ACL for the object or by other elements in its security profile.
The privileges SYSPRV and GRPPRV are controlled through the system
category of the protection code. The privileges have the following
meanings:
BYPASS
A user with BYPASS privilege
receives all types of access to the object, regardless of its protection.
GRPPRV
A user with GRPPRV privilege
whose UIC group matches the group of the owner of the object receives
the same access accorded to users in the system category. Thus, the
user with GRPPRV privilege is able to manage any of the group's
objects.
READALL
A user with READALL privilege
receives read access to the object, even if that access is denied
by the ACL and the protection code. In addition, the user can receive
any other access granted through the protection code.
SYSPRV
A user with SYSPRV privilege receives the
access accorded to users in the system category.
When you define ACLs or protection codes for your
objects, remember that users with amplified privileges are entitled
to special access to objects throughout the system. For example, there
is no way to stop a user with the BYPASS privilege from accessing
your files. Users with GRPPRV privilege
have the power to perform many system management functions for other
members of their UIC group. Protection of your objects
depends on the judgment of your security administrator in granting
these privileges.
Using Control Access to Modify an Object Profile
Any user with control access to an object can
change its protection code and ACL and thereby gain access to an object.
For all object classes but files, control access also allows a user
to modify the object's owner. To modify the owner of a file generally
requires privilege (see “Types of Access”).
You obtain control access in any of the following
ways:
You hold an identifier
to which the object's ACL gives control access.
You have the same UIC
as the owner of the object.
You qualify as a member
of the system user category, and the object has an owner with a nonzero
UIC. For example, you hold GRPPRV (with a matching group UIC) or SYSPRV.
(See the “Controlling Access with Protection Codes” for a full description of system
users.)
For some objects, access can be granted either
by a special privilege (beyond those listed in “How Privileges Affect Protection Mechanisms”) or by
an all-inclusive type of access. This is particularly true of a queue.
A user with operator (OPER) privilege is granted all types of access
to a queue. A user with manage access implicitly possesses the three
other types of queue access: read, submit, and delete. “Descriptions of Object Classes” lists each
object class with its access types and meanings and any special privilege.
