Only the file owner (see "Defining protection attributes" for definition) can delete a file (ERASE macro, DELETE-FILE command) or modify its attributes (CATAL macro, MODIFY-FILE-ATTRIBUTES command).
If co-ownership rights have been assigned for a user ID (see "Defining co-ownership (co-owners)"), then the co-owners have the same rights with regard to the deletion, modification and display of file attributes as the file owner.

The user ID with the TSOS privilege has the same access rights as the file owner (subject to restrictions, see "Restrictions on TSOS co-ownership").
It can display and modify the attributes of any file, even without entering an existing password, provided that its co-ownership has not been restricted. For tape files, this is true only insofar as it is technically possible (e.g. the labels cannot be modified without the use of a special copy program).

The user ID with the TSOS privilege can also find out which password has been assigned to a file. If, however, password encryption is used, only the encrypted value is shown; this cannot be used to gain access to files.

Write access authorization is required in order to delete a file (ACCESS=WRITE or the appropriate attributes with BACL or GUARDS).
If IGNORE=ACCESS is used in the ERASE macro or IGNORE=*ACCESS in the DELETE-FILE command, the absence of write access can be ignored and the file can be deleted without first changing the protection attributes.