__writedown() — Query or change the setting of the write-down privilege of an ACEE.

Standards

Format

#define _OPEN_SYS
#include <sys/stat.h>
int __writedown ( int writedownop, int writedownscope);

General description

The __writedown() function will enable callers to query or change the setting of the write-down privilege of an ACEE (access control environment element) at the address space level or task level. User's having write-down privilege can write data to a resource protected by a seclabel of lower authority then that of the seclabel represented in the address space level ACEE.

To activate the write-down privilege the userid in the target ACEE must be permitted to the the IRR.WRITEDOWN.BYUSER profile in the FACILITY class. The FACILITY class must be active and RACLISTed, and the SETROPTS MLS option must be active.

See z/OS V1R5 Planning for Multilevel Security for more details on the usage of this function.

Returned value

For the __writedown() activate, inactivate, and reset operations:

If successful, __writedown() returns 0.

For the __writedown() query operation:

For all __writedown() operations:

If unsuccessful, all __writedown() operations return -1 and sets errno to EINVAL.

Related information