When you want to keep some SYSTEM/SUMLOG records confidential, you can restrict user access to SYSTEM/SUMLOG in two ways:
-
Use the Security Center MCP Security Policy Management snap-in or the SECOPT (Security Options) system command to specify the option SUMLOGSECURITY=PRIVATE.
-
Assign the SECURITYTYPE file attribute of SYSTEM/SUMLOG the value PRIVATE, or assign it the value GUARDED and attach an appropriate guard file.
When you take either of these steps, SYSTEM/SUMLOG can be accessed directly only by a privileged process or user. If a guard file has been attached to the SUMLOG, access is also granted to users and programs that are specified in the guard file.
