Standard access control is regulated by means of the ACCESS and USER-ACCESS operands in the CREATE and MODIFY commands (see above).

Standard access control via the protection attributes ACCESS and USER-ACCESS offers itself whenever higher-level access protection by means of an access control list or basic access control list is not desired.

If neither a BACL nor a guard is defined, standard access control automatically becomes effective. In addition, the passwords and retention period are always checked.

Protection attribute ACCESS

Write access or just read access for a file can be specified by setting the ACCESS protection attribute. Write access also implies read access.

Protection attribute USER-ACCESS

The protection attribute USER-ACCESS can be used to specify whether only the owner (*USER-ONLY) or all other users (*ALL-USERS, including or excluding the user with the privilege of HARDWARE-MAINTENANCE for online maintenance) may access a file.

Note for the user ID with the privilege HARDWARE-MAINTENANCE

File access is granted to the user ID with this privilege only under the following conditions:

• If the file is protected by guards, then access conditions must be specified in the guard that allow the privileged user ID access.

• If the file is not protected with guards but instead using a basic access control list (BACL), then this list must allow privileged users access.

• When the file is not protected by guards or BACL, then USER-ACCESS=*SPECIAL must be set.