z/OS Network File System Guide and Reference
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


SAF and exports list checking–security(safexp)

z/OS Network File System Guide and Reference
SC23-6883-00

When you specify security(safexp) in the attributes data set, the NFS server checks for both RACF authorization and exports list authorization before granting a client user access to z/OS data. For z/OS UNIX data, z/OS UNIX checks the UNIX permission bits, or ACLs, before granting file access to a client user. See Figure 1 and Table 1 for information on permission checking. This is the most restrictive means of limiting file system access. It requires client users to use the mvslogin command.

Figure 1. Permission checking for the security(safexp) attribute
Permission checking for the security(safexp) attribute

For more information about the exports data set, see Exports data set.

Parent topic: Protecting the file system on z/OS with the Security site attribute

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014