Standard access control (USER-ACCESS/SHARE and ACCESS)

When a catalog entry is created (via the CATAL macro or CREATE-FILE command), file protection via standard access control is set by default. The specifications for standard access control are always entered into the file catalog regardless of whether or not a BACL has been activated or whether a GUARDS entry exists for the file. If a higher access protection level (using a BACL or GUARDS) is defined at the same time, the standard access control values will be entered into the file catalog, but ignored for the current access operation.

Basic Access Control List, BACL

Users who wish to use the basic access control list (BACL) for file protection must activate it themselves (by using the CREATE-FILE or MODIFY-FILE-ATTRIBUTES command or the CATAL macro). Specifications for the BACL are entered in the file catalog. If a higher protection level is defined at the same time as the BACL (GUARDS), the BACL values will be ignored for access purposes.

If an existing basic access control list (BACL) is deleted (command MODIFY-FILE-ATTRIBUTES; macro CATAL) and no higher access protection exists, any standard access control values specified previously or at the same time are activated again, i.e. standard access control is reinstated as the protection mechanism.

GUARDS

If a file has a GUARDS entry then access control is regulated by GUARDS alone.

Any existing BACL protection will be reinstated after GUARDS has been deactivated.

If no BACL protection is defined, the USER-ACCESS/ACCESS protection attributes are reinstated after GUARDS deactivation.