The system software provides a number of security features that you can use to regulate the ability of processes to access other users' files or perform other restricted actions. Processes are classified according to security classes, and each security class allows the process to perform a somewhat different set of restricted actions.
The following subsections describe the capabilities of each of the process security classes and explain how a process can be assigned to a particular class. For further information about any of the security features discussed, refer to the MCP Security Overview and Implementation Guide and the Security Operations Guide.
The following are the security classes a user process can belong to:
-
Nonprivileged
-
Privileged
-
Nonusercoded
-
Operator display terminal (ODT)
-
SYSTEMUSER
-
Security administrator
-
Compiler
-
MCS
-
Tasking
A process can belong to more than one of these classes, although certain classes are mutually exclusive. In addition, a process can belong to different security classes at different points in its execution.
Additional security classes exist for operating system processes. For information about system library security and library linkage classes, refer to Using Libraries.
For a discussion of certain special security issues that arise from the sharing of logical files between processes, refer Using Shared Files.
