┌◄────────────────────────── , ─────────────────────────┐
│ ┌◄────────── , ──────────┐ │
── SECURITY ─┴─┴─ <file specification> ─┴─ <security specification> ─┴─┤──┬─ <security list> ────────────────────────────────────┬─────────────┤
│ ┌◄─────────── , ──────────┐ │
└─┴─ <security from group> ─┴─┬────────────────────────┤
└─ , ── <security list> ─┘ ┌◄───────────── , ─────────────┐
──┴─┬─ <long file title> ──────┬─┴─────────────────────────────────────┤
└─ <long directory title> ─┘ ┌◄───────────── , ────────────┐
──┴─┬─ <long file name> ──────┬─┴─ FROM <family name> ─────────────────┤
└─ <long directory name> ─┘──┬─ <traditional security specification> ────────────────────────────────┬─┤
│ ┌◄────────────────────────── , ─────────────────────────────┐ │
└─ ( ─┴─┬─ GROUP ─┬─ = ─┬─ <name constant> ─────────────────────┬─┴─ ) ─┘
├─ OWNER ─┘ ├─ # <string primary> ──────────────────┤
│ └─ "" ──────────────────────────────────┤
├─ ALTERNATEGROUPS ── = ── <alternategroups value> ─────┤
├─ PROPAGATESECURITYTODIRS ──┬─ = ─┬─ DONTPROPAGATE ─┬──┤
├─ PROPAGATESECURITYTOFILES ─┘ └─ PROPAGATE ─────┘ │
├─ CLEAR ───────────────────────────────────────────────┤
├─ GROUPRWX ─┬─ = ─┬─ NO ───────────────────────────────┤
├─ OTHERRWX ─┤ ├─ RWX ──────────────────────────────┤
├─ OWNERRWX ─┘ ├─ RW ───────────────────────────────┤
│ ├─ RX ───────────────────────────────┤
│ ├─ WX ───────────────────────────────┤
│ ├─ R ────────────────────────────────┤
│ ├─ W ────────────────────────────────┤
│ ├─ X ────────────────────────────────┤
│ └─ # <string primary> ───────────────┤
├─ GROUPR ───────┬─┬────────────────────────────────────┤
├─ GROUPW ───────┤ └─ = ── <boolean expression> ────────┤
├─ GROUPX ───────┤ │
├─ OTHERR ───────┤ │
├─ OTHERW ───────┤ │
├─ OTHERX ───────┤ │
├─ OWNERR ───────┤ │
├─ OWNERW ───────┤ │
├─ OWNERX ───────┤ │
├─ SETGROUPCODE ─┤ │
├─ SETUSERCODE ──┤ │
├─ USEGUARDFILE ─┤ │
├─ GUARDOWNER ───┘ │
├─ SECURITYGUARD ── = ─┬─ <file title> ─────────────────┤
│ └─ "" ───────────────────────────┤
└─ SECURITYMODE ── = ── <integer expression> ───────────┘<traditional security specification>
──┬─ GUARDED ────┬─ <file title> ─┬────────────────────────────────────┤
├─ CONTROLLED ─┘ │
│ ┌◄──────────────────────┐ │
└─┴─┬─ /1\ ─┬─ PRIVATE ─┬─┴─────┘
│ └─ PUBLIC ──┤
└─ /1\ ─┬─ IO ──────┤
├─ IN ──────┤
├─ OUT ─────┤
└─ SECURED ─┘──┬─ "" ───────────────────────────────────────────┬───────────────────┤
├─ # ──<string primary>──────────────────────────┤
│ ┌◄──────────────── , ────────────────┐ │
└─ " ─┴─/9\─<name constant>── : ─┬─ RWX ─┬─┴─ " ─┘
├─ RW ──┤
├─ RX ──┤
├─ WX ──┤
├─ R ───┤
├─ W ───┤
├─ X ───┤
└─ NO ──┘Explanation
The SECURITY statement changes the security of files on disk. In the <security from group>, the family name applies to all the file names in that <security from group>.
With the exception of the CLEAR attribute, refer to ALTER Statement earlier in this section for a description of the security attributes listed under <security specification>.
The CLEAR attribute causes all security mode flags to be reset.
Attributes are applied in the order in which they are specified. Specifying a Boolean security attribute without specifying a value implies a value of TRUE. Specifying a null string for SECURITYGUARD causes the current SECURITYGUARD value, if any, to be discarded.
-
The OWNER, PROPAGATESECURITYTODIRS, and PROPAGATESECURITYTOFILES attributes only apply to files in the permanent directory namespace.
-
Many security attributes are interrelated; therefore changes to one attribute might affect another attribute.
For descriptions of PRIVATE, PUBLIC, GUARDED, and CONTROLLED, refer to the description of the SECURITYTYPE file attribute in the File Attributes Programming Reference Manual.
For descriptions of IO, IN, OUT, and SECURED, refer to the description of the SECURITYUSE file attribute in the File Attributes Programming Reference Manual.
Family substitution is used if the job or task has an active family specification. Only the primary family name is used. Refer to FAMILY Assignment and Interrogating Complex Task Attributes.
Examples
The following examples illustrate the SECURITY statement syntax.
This statement changes the security of file AB/XY on DISK to PRIVATE for input and output:
SECURITY AB/XY PRIVATE IO;
This statement changes the security of file Z on PACK to PUBLIC for input only:
SECURITY Z ON PACK PUBLIC IN;
This statement changes the security of file A/B on MYPACK to GUARDED. File XYZ is the guard file.
SECURITY A/B ON MYPACK GUARDED XYZ;
These statements change the security of the files A/B on DISK and C/D on PACK to PUBLIC for input and output:
S1:="A/B"; S2:="C/D ON PACK"; SECURITY #S1, #S2 PUBLIC IO;
This statement sets the other R and W permission flags for A/B without affecting any other permission flags:
SECURITY A/B (OTHERRWX = RW);
This statement clears all permission flags, then sets the owner R and W permission flags and the other user R flag for A/B and C/D:
SECURITY A/B FROM MYPACK, C/D (CLEAR, OWNERRWX = RW, OTHERR);
