Defining a security profile for SIOCSVIPA, SIOCSVIPA6, and MODDVIPA

You can define a System Authorization Facility (SAF) resource profile in the SERVAUTH class to control access to dynamic VIPAs (DVIPAs) in a VIPARANGE statement in the following ways:

• Control which applications can issue a SIOCSVIPA or SIOCSVIPA6 ioctl call, or call the MODDVIPA utility (which issues the SIOCSVIPA or SIOCSVIPA6 ioctl call on behalf of the application), to create a DVIPA
  Guideline: Wherever SIOCSVIPA is used in this information, the information also applies to SIOCSVIPA6.
• Control whether an application can issue a SIOCSVIPA ioctl call or call the MODDVIPA utility to create a DVIPA within a specific VIPARANGE subnet

For information about controlling which applications can bind to create a DVIPA, see Defining a security profile for binding to DVIPAs in the VIPARANGE statement.

This information includes examples that use RACF®. If you are using another security product, see the documentation for that product for the equivalent commands. For more information about RACF, see z/OS Security Server RACF Security Administrator's Guide.