The owner and possibly other co-owners have the right to administer job variables, i.e. to create, change, delete and specify the attributes of job variables.
The owner is the user ID in whose catalog a job variable was created. This ownership cannot be changed later on.
The co-owner is the user ID TSOS by default. This co-ownership can be changed with the help of the SECOS product: user IDs can be defined as co-owners, and the co-ownership of TSOS can also be limited. Temporary job variables are an exception: there is no way to control co-ownership for these job variables.
Some protection attributes are specified by the system administration (regardless of the ownership):
The system parameter FSHARING specifies whether job variables are also accessible to user IDs that do not have a user entry for the pubset of the job variable.
When SECOS is used, systems support can define global pubset default values for protection attributes of job variables. These values take effect when no protection attributes were assigned when the job variable was set up and there are no user-specific default values.
Controlling co-ownership
With the GUARDCOO subsystem it is possible to define co-owners of job variables. Co-ownership allows a user logged in under a user ID other than that of the owner to create, modify and delete job variables with the same privileges as the owner of the job variable. If the GUARDCOO subsystem is not activated or an error occurs while checking the access privileges, then the co-ownership is ignored, i.e. only the common access privileges are in effect.
GUARDCOO is part of the SECOS software product.
The definition of the co-owner is done with GUARDS in two steps:
Job variables for which the co-owners are to be specified are selected using name patterns (rules) in rule containers (guards). The name patterns are evaluated for existing job variables as well as for new job variables, but not for temporary job variables.
You then specify who is allowed to execute which administration functions under what conditions for each guard. Co-ownership can be assigned for certain user IDs, members of certain user groups or owners of certain global system privileges.
You will find more detailed information on controlling co-ownership with SECOS in the SECOS manuals (see the “SECOS” manual [10]) under the keyword “co-owner protection”.
Restricted TSOS co-ownership
The owner can restrict the access and administration privileges of the TSOS user ID. Under the user ID TSOS, the protection attributes of an external job variable (i.e. one that TSOS does not own) can then no longer be changed, and a job variable can no longer be deleted by bypassing the protection attributes (IGNORE=ACCESS): if TSOS co-ownership is set to *RESTRICTED for a name pattern, the IGNORE=ACCESS specification is ignored and the privilege check based on the protection attributes for ACCESS, basic ACL and GUARDS is used instead.
See also the GUARDS command /ADD-COOWNER-PROTECTION-RULE in the “SECOS” [10] manual. Primarily affected by the restriction are the JV commands /DELETE-JV and /MODIFY-JV-ATTRIBUTES (see “Commands” manual [1]).
The restriction of co-ownership for job variables has no effect under the TSOS user ID because TSOS is the (permanent) owner of the job variables.
You will find more detailed information on the restriction of co-ownership with SECOS in the SECOS manuals (see the “SECOS” manual [10]) under the keyword “co-owner protection”.