Example 4: Permitting only one program (EDT)

Users with the user ID EXAMPLE are to be permitted to load and start only one program, in this case, the file editor EDT, which is cataloged under the privileged user ID TSOS.

The desired restriction may be put into effect via the group syntax file $TSOS.SYS.SDF.GROUP.SYNTAX.EXAMPLE. In this file, the definitions of the commands START-PROGRAM and LOAD-PROGRAM must be modified accordingly.

  • The START-PROGRAM command is to be renamed to START-EDITOR and have no visible operands. The START-EDITOR command must not already be defined in the syntax file hierarchy.

  • The LOAD-PROGRAM command is to retain its name. Its operands, with the exception of FROM-FILE, are to be invisible.

  • In BLSSERV V2.3 and higher, the functionality of START-PROGRAM and LOAD-PROGRAM is also offered with improved syntax via the new commands START-EXECUTABLE-PROGRAM and LOAD-EXECUTABLE-PROGRAM. In this case the two new commands must also be locked, or their syntax definitions must be modified in the same manner as for START-PROGRAM and LOAD-PROGRAM.

  • The old commands EXECUTE and LOAD and the START commands of other programs are disabled so that the defined limitation cannot be bypassed.

    /set-logon-parameters tsos,... ———————————————————————————  (1)
     .
     .
    /start-sdf-a —————————————————————————————————————————————  (2)
    %  BLS0517 MODULE 'SDAMAIN' LOADED
    %  SDA0001 'SDF-A' VERSION '04.1E10' STARTED
    //open-syntax-file sys.sdf.group.syntax.example,*group,*crea   (3)
    //remove *command((load,exec)) ———————————————————————————  (4)
    //show *command(start-prog) ——————————————————————————————  (5)

  1. A task is initiated under the privileged user ID TSOS.

  2. SDF-A is loaded and started.

  3. The group syntax file SYS.SDF.GROUP.SYNTAX.EXAMPLE is opened as a new file to be created. By default, the activated system syntax file is assigned as a reference file. The command definitions contained in the reference file can be modified in the open group syntax file.

  4. The commands LOAD and EXECUTE are disabled.

  5. The command START-PROGRAM is displayed. By default, the display is at the MINIMUM level of detail (see "Example 4: Permitting only one program (EDT)").

    START-PROGRAM(SRPG,SR,START-PROG)
         FROM :2OSH:$TSOS.SYSSDF.BLSSERV.023 (SYSTEM)
              FROM-FILE =
                   STRUCTURE: *MODULE
                        LIBRARY = *DBL-DEFAULT
                             STRUCTURE: *LINK
                                  LINK =
                        ELEMENT-OR-SYMBOL(ELEMENT,ELEM) = *ALL
                             STRUCTURE: composed-name
                                  VERSION = *STD
                             STRUCTURE: c-string
                                  VERSION = *STD
                        PROGRAM-MODE = *DBL-DEFAULT
                        RUN-MODE = *DBL-DEFAULT
                             STRUCTURE: *ADVANCED
                                  ALTERNATE-LIBRARIES = *DBL-DEFAULT
                                  NAME-COLLISION = *DBL-DEFAULT
                                  UNRESOLVED-EXTRNS = *DBL-DEFAULT
                                  ERROR-EXIT = *DBL-DEFAULT
                                  MESSAGE-CONTROL = *DBL-DEFAULT
                                  LOAD-INFORMATION = *DBL-DEFAULT
                                  PROGRAM-MAP = *DBL-DEFAULT
                                       STRUCTURE: *SYSLST
                                            SYSLST-NUMBER = *STD
                                       STRUCTURE: *BOTH
                                            SYSLST-NUMBER = *STD
                                  SHARE-SCOPE = *DBL-DEFAULT
                                       STRUCTURE: *MEMORY-POOL
                                            SCOPE = *ALL
                                  IGNORE-ATTRIBUTES = *DBL-DEFAULT
                                  REP-FILE = *DBL-DEFAULT
                                  AUTOLINK = *DBL-DEFAULT
                                  PROGRAM-VERSION = *DBL-DEFAULT
                   STRUCTURE: *PHASE
                        LIBRARY =
                        ELEMENT =
                        VERSION = *STD
              CPU-LIMIT = *JOB-REST
              TEST-OPTIONS = *DBL-DEFAULT
              MONJV = *NONE
              RESIDENT-PAGES = *PARAMETERS
                   STRUCTURE: *PARAMETERS
                        MINIMUM = *STD
                        MAXIMUM = *STD
              VIRTUAL-PAGES = *STD

    //show *operand(from-f,orig=*com(start-prog)),siz=*med,att-inf=*n  (6)
    FROM-FILE =

         filename or *MODULE() or *PHASE()
    //edit *oper(from-f,orig=*com(start-prog)) ———————————————————  (7)
    //mod-oper def='$edt',pres=*intern ———————————————————————————  (8)
    //edit *oper(cpu-lim) ————————————————————————————————————————  (9)
    //mod-oper pres=*intern
    //edit *oper(test-opt)
    //mod-oper pres=*intern
    //edit *oper(monjv)
    //mod-oper pres=*intern
    //edit *oper(resid-p)
    //mod-oper pres=*intern
    //edit *oper(resid-p,par,min) ———————————————————————————————— (10)
    //mod-oper pres=*intern
    //edit *oper(resid-p,par,max)
    //mod-oper pres=*intern
    //edit *oper(virt-p)
    //mod-oper pres=*intern

  6. The FROM-FILE operand of the START-PROGRAM command is displayed at the medium level of detail. Output of the structures attached to the values MODULE and PHASE is suppressed.

  7. The file is positioned to the FROM-FILE operand of the START-PROGRAM command. This operand becomes the current object in the open syntax file.

  8. The operand that is the current object (FROM-FILE) is assigned the default value '$EDT'. At the user interface of the command the operand is made invisible, provided it has a default value.

  9. The other operands of the START-PROGRAM command are also made invisible. The command name need not be specified for positioning as the specification made in step 7 is still effective.

  10. The RESIDENT-PAGES operand, which is made invisible, has a default value to which a structure is attached. The operands included in this structure must also be made invisible.


    //show *com(start-prog),att-inf=*n,size=*max ———————————————————— (11)
    START-PROGRAM(SRPG,SR,START-PROG)

         Loads a program (load or object module) to the memory and starts it
    //edit *com(start-prog) ————————————————————————————————————————— (12)
    //mod-cmd start-editor,help=(e('Loads the EDT to the memory and starts -
    //it.'),d('Laedt den EDT in den Speicher und startet ihn.')) ———— (13)
    //show *com(start-editor) ——————————————————————————————————————— (14)

  11. The header of the START-PROGRAM command is displayed with the corresponding help text.

  12. The file is positioned to the START-PROGRAM command.

  13. The name of the command which is the current object (START-PROGRAM) is modified to START-EDITOR. The help texts are modified in accordance with the restricted functional scope. If a START-EDITOR command has already been defined in the system, the statement does not appear.

  14. The START-EDITOR command is displayed (see next page). The display has the MINIMUM level of detail. By default it is assigned its previous name START-PROGRAM and several abbreviations. The operands of the structure FROM-FILE=*MODULE(...) and FROM-FILE=*PHASE(...) are still displayed in SDF-A because they are defined using PRESENCE=*NORMAL. However, these operands are no longer visible on the user interface and can no longer be entered.


    START-EDITOR(SRPG,SR,START-PROG,START-PROGRAM)

         FROM SYS.SDF.GROUP.EXAMPLE (GROUP)

                   LIBRARY = *STD

                        STRUCTURE: *LINK

                             LINK =

                   ELEMENT = *ALL

                        STRUCTURE: filename

                             VERSION = *STD

                        STRUCTURE: c-string

                             VERSION = *STD

                   PROGRAM-MODE = *24

                   RUN-MODE = *STD

                        STRUCTURE: *ADVANCED

                             ALTERNATE-LIBRARIES = *NO

                             NAME-COLLISION = *STD

                             UNRESOLVED-EXTRNS = *STD

                             ERROR-EXIT = X'FFFFFFFF'

                             MESSAGE-CONTROL = *INFORMATION

                             LOAD-INFORMATION = *DEFINITIONS

                             PROGRAM-MAP = *NO

                                  STRUCTURE: *SYSLST

                                       SYSLST-NUMBER = *STD

                                  STRUCTURE: *BOTH
                                       SYSLST-NUMBER = STD
                             SHARE-SCOPE = *SYSTEM-MEMORY
                                  STRUCTURE: *MEMORY-POOL
                                       SCOPE = *ALL
                             IGNORE-ATTRIBUTES = *NONE
                             REP-FILE = *NONE
                             AUTOLINK = *YES
                   LIBRARY =
                   ELEMENT =
                   VERSION = *STD
    //remove *com((start-archive,start-binder,start-hsms,...)) (15)
    //show *com(load-prog) ———————————————————————————————— (16)

  15. All the other (still functioning) START commands must be disabled so that only the program EDT can be started. The START commands of many programs are eliminated without being disabled using the command
    % CMD0185 OPERAND NAME 'FROM-FILE' COULD NOT BE IDENTIFIED.

  16. The LOAD-PROGRAM command is displayed. The display has the MINIMUM level of detail (see "Example 4: Permitting only one program (EDT)").


    LOAD-PROGRAM(LDPG,LOAD-PROG)

         FROM :2OSH:$TSOS.SYSSDF.BLSSERV.023 (SYSTEM)

              FROM-FILE =

                   STRUCTURE: *MODULE
                        LIBRARY = *DBL-DEFAULT

                             STRUCTURE: *LINK

                                  LINK =

                        ELEMENT-OR-SYMBOL(ELEMENT,ELEM) = *ALL

                             STRUCTURE: composed-name

                                  VERSION = *STD

                             STRUCTURE: c-string

                                  VERSION = *STD

                        PROGRAM-MODE = *DBL-DEFAULT

                        RUN-MODE = *DBL-DEFAULT

                             STRUCTURE: *ADVANCED

                                  ALTERNATE-LIBRARIES = *DBL-DEFAULT

                                  NAME-COLLISION = *DBL-DEFAULT

                                  UNRESOLVED-EXTRNS = *DBL-DEFAULT

                                 ERROR-EXIT = *DBL-DEFAULT

                                 MESSAGE-CONTROL = *DBL-DEFAULT

                                 LOAD-INFORMATION = *DBL-DEFAULT

                                 PROGRAM-MAP = *DBL-DEFAULT

                                      STRUCTURE: *SYSLST

                                           SYSLST-NUMBER = *STD

                                      STRUCTURE: *BOTH

                                           SYSLST-NUMBER = *STD

                                SHARE-SCOPE = *DBL-DEFAULT

                                     STRUCTURE: *MEMORY-POOL

                                          SCOPE = *ALL

                                IGNORE-ATTRIBUTES = *DBL-DEFAULT

                                REP-FILE = *DBL-DEFAULT

                                AUTOLINK = *DBL-DEFAULT

                                PROGRAM-VERSION = *DBL-DEFAULT

                 STRUCTURE: *PHASE

                       LIBRARY =

                       ELEMENT =

                       VERSION = *STD

         CPU-LIMIT = *JOB-REST

         TEST-OPTIONS = *DBL-DEFAULT

         MONJV = *NONE

         RESIDENT-PAGES = *PARAMETERS

              STRUCTURE: *PARAMETERS

                   MINIMUM = *STD

                   MAXIMUM = *STD

         VIRTUAL-PAGES = *STD

    //show *oper(from-f,orig=*com(load-prog)),siz=*med,att-inf=*n  (17)
    FROM-FILE =

         filename or *MODULE() or *PHASE()
    //edit *oper(from-f,orig=*com(load-prog)) ————————————————— (18)
    //mod-oper def='$edt' ————————————————————————————————————— (19)
    //mod-value value=('$edt','edt'(outp='$edt')) ————————————— (20)
    //remove *value ——————————————————————————————————————————— (21)
    //remove *value(from-f,phase) ————————————————————————————— (22)
    //edit *oper(cpu-lim) ————————————————————————————————————— (23)
    //mod-oper pres=*intern
    //edit *oper(test-opt)
    //mod-oper pres=*intern
    //edit *oper(monjv)
    //mod-oper pres=*intern
    //edit *oper(resid-p)
    //mod-oper pres=*intern
    //edit *oper(resid-p,par,min)
    //mod-oper pres=*intern
    //edit *oper(resid-p,par,max)
    //mod-oper pres=*intern

  17. The FROM-FILE operand of the LOAD-PROGRAM command is displayed at the medium level of detail. Output of the structures attached to the values MODULE and PHASE is suppressed.

  18. The file is positioned to the FROM-FILE operand of the LOAD-PROGRAM command. This operand becomes the current object in the open syntax file.

  19. The operand that is the current object (FROM-FILE) is assigned the default value '$EDT'. Subsequently, the definition of the first operand value attached to FROM-FILE (FILENAME) becomes the current object.

  20. $EDT and EDT are defined as the only permissible values for the operand value definition that is the current object (FILENAME). For the input value EDT it is defined that instead of this value SDF passes value $EDT to the implementation. Subsequently, the definition of the next operand value attached to FROM-FILE (MODULE) becomes the current object.

  21. The definition of the operand value that is the current object (MODULE) is deleted.

    Note: after this, the definition of the operand value FILENAME becomes the current object.

  22. The definition of the operand value PHASE of the FROM-FILE operand of the LOAD-PROGRAM command is deleted. To do this, it is not necessary to specify the command name as the specification made in step 18 is still effective.

  23. The other operands of the LOAD-PROGRAM command are made invisible.


    //edit *oper(virt-p)
    //mod-oper pres=*intern
    //show *com(load-prog),att-info=*y,siz=*max ———————————————————— (24)
    LOAD-PROGRAM(LDPG,LOAD-PROG)

       FROM SYS.SDF.GROUP.EXAMPLE (GROUP)
         loads a program (load or  object module) to the memory
         FROM-FILE = $EDT
              $EDT or EDT
              name of the file containing the load  module or details of the
              object module/load module library
    //end
    /mod-f-attr sys.sdf.group.syntax.example,access=*read,user-acc=*all   (25)
    /mod-user example,profile-id=user1 ————————————————————————————— (26)
    /mod-sdf-parameters scope=*permanent,syntax-file=*group-
    /(sys.sdf.group.syntax.example,user1) —————————————————————————— (27)
    %  CMD0681 SYNTAX FILE '$.SYS.SDF.GROUP.SYNTAX.EXAMPLE' INSERTED IN
    PARAMETER FILE '$.SYSPAR.SDF'

    %  CMD0718 GROUP SYNTAX FILE '$.SYS.SDF.GROUP.SYNTAX.EXAMPLE' HAS BEEN
    ASSOCIATED WITH 'PROFILE-ID USER1' IN MEMORY TABLES

    /start-prog $example.edt ——————————————————————————————————————— (28)
    %  BLS0517 MODULE 'SDAMAIN' LOADED
    %  SDA0001 'SDF-A' VERSION '04.1E10' STARTED
    //end
    /exit-job

  24. The LOAD-PROGRAM command is displayed. The display has the maximum level of detail. The only operand visible at the user interface is FROM-FILE, which has the default value $EDT. The values permitted are $EDT and EDT.

  25. The file SYS.SDF.GROUP.SYNTAX.EXAMPLE is declared as shareable. Access to it is permitted only for reading.

  26. Profile ID USER1 is assigned to user ID EXAMPLE.

  27. Group syntax file SYS.SDF.GROUP.SYNTAX.EXAMPLE is assigned to profile ID USER1. This assignment is permanently stored in the SDF parameter file.

  28. The file $EXAMPLE.EDT contains the program SDF-A. The privileged user ID TSOS may access this file because the START-PROGRAM command is not restricted for TSOS. The following shows that a user under the user ID EXAMPLE cannot access a program with the name EDT, even if this program exists under his/her own user ID. Due to the restrictions implemented above, only the program $EDT can be loaded.


    /set-logon-parameters example,... —————————————————————— (29)
    /show-sdf-options —————————————————————————————————————— (30)
    %SYNTAX FILES CURRENTLY ACTIVATED :

    %  SYSTEM    : :2OSH:$TSOS.SYSSDF.SDF.045
    %              VERSION : SESD04.5A300
    %  SUBSYSTEM : :2OSH:$TSOS.SYSSDF.ACO.022
    %              VERSION : SESD02.2A00
    %  SUBSYSTEM : :2OSH:$TSOS.SYSSDF.ACS.140
    %              VERSION : SESD14.0B100
     .
     .
    %  SUBSYSTEM : :2OSH:$TSOS.SYSSDF.SDF-A.041
    %              VERSION : SESD04.1E10
    %  SUBSYSTEM : :2OSH:$TSOS.SYSSDF.TASKDATE.140
    %              VERSION : SESD14.0A100
    %  GROUP     : 2OSH:$.SYS.SDF.GROUP.SYNTAX.EXAMPLE
    %              VERSION : UNDEFINED
    %  USER      : *NONE
    %CURRENT SDF OPTIONS :

    %  GUIDANCE           : *EXPERT
    %  LOGGING            : *INPUT-FORM
    %  CONTINUATION       : *NEW-MODE
    %  UTILITY-INTERFACE  : *NEW-MODE
    %  PROCEDURE-DIALOGUE : *NO
    %  MENU-LOGGING       : *NO
    %  MODE               : *EXECUTION
    %     CHECK-PRIVILEGES   : *YES
    %  DEFAULT-PROGRAM-NAME : *NONE
    %  FUNCTION-KEYS      : *STYLE-GUIDE-MODE
    %  INPUT-HISTORY      : *ON
    %     NUMBER-OF-INPUTS   : 20
    %     PASSWORD-PROTECTION: *YES
    /exec $sdf-a —————————————————————————————————————————— (31)
    %  SDP0222 OPERAND ’CMD’ INVALID IN /EXEC-CMD, ERROR ’SDP0116’.
    IN SYSTEM
    MODE: /HELP-MSG SDP0116

  29. A task is initiated under the user ID EXAMPLE.

  30. The activated syntax files are displayed. The group syntax file SYS.SDF.GROUP.SYNTAX.EXAMPLE previously processed by the privileged user ID TSOS is activated.

  31. Since the EXEC command was removed, SDF interprets the user input as the SDF-P command EXEC-CMD and rejects it due to the invalid syntax.

    /load-program $sdf-a ——————————————————————————————————————————— (32)
    %  CMD0051 INVALID OPERAND 'FROM-FILE'
    %  CMD0063 OPERAND VALUE '$SDF-A' NOT A MEMBER OF THE SINGLE VALUE LIST OF
     SCOPE '$EDT OR EDT'
    /load-program edt —————————————————————————————————————————————— (33)
    %  BLS0500 PROGRAM 'EDT', VERSION '16.6A' OF '1996-06-04' LOADED
    %  BLS0552 COPYRIGHT (C) FUJITSU SIEMENS COMPUTERS GMBH 1996. ALL RIGHTS
    RESERVED

    /load-program —————————————————————————————————————————————————— (34)
    %  BLS0500 PROGRAM 'EDT', VERSION '16.6A' OF '1996-06-04' LOADED
    %  BLS0552 COPYRIGHT (C) FUJITSU SIEMENS COMPUTERS GMBH 1996. ALL RIGHTS
    RESERVED

    /start-program $sdf-a —————————————————————————————————————————— (35)
    %  CMD0376 SPECIFICATION OF POSITIONAL OPERANDS UP FROM POSITION '1' NOT
     PERMITTED
    /start-editor —————————————————————————————————————————————————— (36)
    %  BLS0500 PROGRAM 'EDT', VERSION '16.6A' OF '1996-06-04' LOADED
    .

    .
    halt

    %  EDT8000 EDT TERMINATED
    /start-program ————————————————————————————————————————————————— (37)
    %  BLS0500 PROGRAM 'EDT', VERSION '16.6A' OF '1996-06-04' LOADED
    .

    .
    halt

    %  EDT8000 EDT TERMINATED
    /exit-job

  32. SDF does not accept the operand value $SDF-A in the LOAD-PROGRAM command.

  33. SDF does not pass the value EDT to the implementation, but instead the value $EDT. Instead of the program SDF-A contained in the file $EXAMPLE.EDT (see step 28) the program contained in the file $TSOS.EDT is loaded.

  34. SDF transfers the default value $EDT of the FROM-FILE operand to the implementation. EDT is loaded.

  35. START-PROGRAM is the default name of the renamed command START-EDITOR. SDF recognizes the START-EDITOR command and rejects the operand value $SDF-A as not permissible.

  36. Entering START-EDITOR causes EDT to be loaded and started.

  37. SDF recognizes the START-EDITOR command by its default name START-PROGRAM. EDT is loaded and started.
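The verification in steps 29 to 37 can be repeated mechanically after every change to the group syntax file. The following Python check is an added example, not part of the manual: it reads a captured dialog and reports every load message that names a program other than EDT. The function names `parse_session`, `violations` and `rejections` and both sample logs are assumptions constructed from the messages shown on this page.

```python
import re

# BLS0500/BLS0517 load messages and message ids, shaped as in this page's transcripts.
LOADED = re.compile(r"^%\s*BLS05(?:00 PROGRAM|17 MODULE) '([^']+)'.*LOADED\s*$")
MSG_ID = re.compile(r"^%\s*([A-Z]{3}\d{4})\b")

def parse_session(log):
    """Group a captured dialog into one record per system-mode command."""
    records = []
    for raw in log.splitlines():
        line = raw.strip()
        if line.startswith("/") and not line.startswith("//"):
            records.append({"cmd": line[1:].strip().lower(), "msgs": [], "loaded": []})
        elif line.startswith("%") and records:
            msg = MSG_ID.match(line)
            if msg:
                records[-1]["msgs"].append(msg.group(1))
            hit = LOADED.match(line)
            if hit:
                records[-1]["loaded"].append(hit.group(1).upper())
    return records

def violations(log, allowed=("EDT",)):
    """Commands that caused anything outside the allowlist to be loaded."""
    return [(r["cmd"], name) for r in parse_session(log)
            for name in r["loaded"] if name not in allowed]

def rejections(log):
    """Commands that loaded nothing, mapped to the first message SDF returned."""
    return {r["cmd"]: r["msgs"][0] for r in parse_session(log)
            if not r["loaded"] and r["msgs"]}

# Constructed sample: inputs and messages of steps 31 to 37, callouts removed.
RESTRICTED = """\
/exec $sdf-a
%  SDP0222 OPERAND 'CMD' INVALID IN /EXEC-CMD, ERROR 'SDP0116'.
/load-program $sdf-a
%  CMD0051 INVALID OPERAND 'FROM-FILE'
%  CMD0063 OPERAND VALUE '$SDF-A' NOT A MEMBER OF THE SINGLE VALUE LIST OF
 SCOPE '$EDT OR EDT'
/load-program edt
%  BLS0500 PROGRAM 'EDT', VERSION '16.6A' OF '1996-06-04' LOADED
/start-program $sdf-a
%  CMD0376 SPECIFICATION OF POSITIONAL OPERANDS UP FROM POSITION '1' NOT
 PERMITTED
/start-editor
%  BLS0500 PROGRAM 'EDT', VERSION '16.6A' OF '1996-06-04' LOADED
"""

# Constructed sample: step 28 as it looks when the restriction is not in effect.
UNRESTRICTED = """\
/start-prog $example.edt
%  BLS0517 MODULE 'SDAMAIN' LOADED
%  SDA0001 'SDF-A' VERSION '04.1E10' STARTED
"""

if __name__ == "__main__":
    print(violations(RESTRICTED), violations(UNRESTRICTED), rejections(RESTRICTED))
```

The check keys on the program or module name in the load message rather than on the file name entered, which is why the SDF-A copy stored in $EXAMPLE.EDT is still reported.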