NBSpool for MPE Reference Guide
Running NBSpool
2-5
UDC Commands
User security is implemented in a manner similar to SPOOK. The user running NBSpool can access
spool files based on their capability. The following is a list of who can do what:
Capability Description
SM
Access to any spool file
OP
Access to any spool file, passwords and lockwords suppressed
AM
Access to spool files created by account users
none
Access to spool files the user created only
You may override this security via the NBSpool SET command, giving additional access to spool
files to specific users. Turn to Chapter 4 for more information on the
SET command.
The MPE
ASSOCIATE command can be used to override this security. This command gives a user
temporary control over a device class and all the devices in the class. If a user
ASSOCIATEs a device,
the user will have complete access to output spool files on that device. Logging off or using the
DISASSOCIATE command will remove the capability.
Note. The list of
ASSOCIATEd devices is compiled when NBSpool is first entered, or
when a programmatic
ASSOCIATE command is executed from NBSpool’s prompt.
Also, the
ASSOCIATE command will not work properly if it is used while in the break
mode.
You may secure the INPUT mode by using the SET command to place a password on the INPUT
command. As a result, only users with the password may enter INPUT mode. Turn to the “SET
Command” section in Chapter 4 for more information.
If you want to eliminate the possibility of specific users gaining MPE and UDC access within
NBSpool, configure these users to run NBSpool as follows:
:RUN NBSPOOL.PUB.NETBASE,NOCOMMAND