RSTANYLIB -- Restore Any Library

RSTANYLIB RESTORE ANY LIBRARY TAARSTB
The RSTANYLIB command is designed for those cases where the system operator must restore a library that has programs which adopt the owner's authority. This is typical of a disaster recovery situation where all libraries must be restored. To prevent security exposures, the system determines who is doing the restore and will make any programs private AUT(EXCLUDE) that adopt authority and are being restored by a user other than the owner or the security officer. To avoid losing authority when these programs are restored, the RSTANYLIB command may be used. The user of the command must be authorized to the TAARSTANYL authorization list. RSTANYLIB allows the system operator to perform the task without requiring that the operator be signed on as the Security Officer. RSTANYLIB adopts the authority of the Security Officer for the duration of the command. Note that there is a security exposure when a user is authorized to RSTANYLIB. This would allow the user to restore a simple program that adopts the Security Officers profile and act as the Security Officer. You must limit the use of RSTANYLIB to trusted individuals or revoke their authority to the TAARSTANYL authorization list after they have performed the required function. The command has no parameters. It is entered as: RSTANYLIB The operator receives the prompt for the RSTLIB command and can operate as the Security Officer during the execution of the RSTLIB command. Command parameters CMD ------------------ The command has no parameters. Security considerations ----------------------- You must have Security Officer rights to create RSTANYLIB. The user of the command must be authorized to the TAARSTANYL authorization list. See the previous comments about the exposure of authorizing a user to the authorization list. Restrictions ------------ None. Prerequisites ------------- None. Implementation -------------- The tool is ready to use, but a user must be authorized to the TAARSTANYL authorization list. Use either EDTAUTL or the following command: ADDAUTLE AUTL(TAARSTANYL) USER(xxxx) AUT(USE) Objects used by the tool ------------------------ Object Type Attribute Src member Src file ------ ----- --------- ---------- ----------- RSTANYLIB CMD TAARSTB QATTCMD TAARSTBC *PGM CLP TAARSTBC QATTCL

RSTANYLIB        RESTORE ANY LIBRARY        TAARSTB


The RSTANYLIB  command is  designed for  those cases  where the  system
operator  must restore  a  library that  has programs  which  adopt the
owner's  authority.  This  is typical of  a disaster recovery situation
where all libraries must be restored.

To prevent security exposures,  the system determines who is  doing the
restore  and will make  any programs  private AUT(*EXCLUDE)  that adopt
authority  and are  being restored by  a user  other than  the owner or
the security officer.

To  avoid losing  authority  when  these  programs  are  restored,  the
RSTANYLIB  command may  be  used.   The  user of  the  command must  be
authorized  to  the TAARSTANYL  authorization list.    RSTANYLIB allows
the system  operator to  perform the  task without  requiring that  the
operator be signed  on as the  Security Officer.  RSTANYLIB  adopts the
authority of the Security Officer for the duration of the command.

Note that  there is a  security exposure when  a user is  authorized to
RSTANYLIB.    This would  allow the  user to  restore a  simple program
that adopts  the  Security Officers  profile and  act  as the  Security
Officer.   You must limit the  use of RSTANYLIB to  trusted individuals
or  revoke their authority  to the TAARSTANYL  authorization list after
they have performed the required function.

The command has no parameters.  It is entered as:

      RSTANYLIB

The operator  receives  the  prompt  for the  RSTLIB  command  and  can
operate as  the Security  Officer during  the execution  of the  RSTLIB
command.

Command parameters                                    *CMD
------------------

The command has no parameters.

Security considerations
-----------------------

You must have Security Officer rights to create RSTANYLIB.

The  user  of   the  command  must  be  authorized  to  the  TAARSTANYL
authorization list.  See  the previous comments  about the exposure  of
authorizing a user to the authorization list.

Restrictions
------------

None.

Prerequisites
-------------

None.

Implementation
--------------

The  tool is  ready  to use,  but  a user  must  be authorized  to  the
TAARSTANYL authorization list.

Use either EDTAUTL or the following command:

      ADDAUTLE   AUTL(TAARSTANYL) USER(xxxx) AUT(*USE)

Objects used by the tool
------------------------

   Object        Type       Attribute      Src member     Src file
   ------        -----      ---------      ----------     -----------

   RSTANYLIB     *CMD                      TAARSTB        QATTCMD
   TAARSTBC      *PGM          CLP         TAARSTBC       QATTCL

Added to TAA Productivity tools April 1, 1995

Home Page

Up to Top