There are two methods to control allowable user actions with regard to TCL:
The T code in line 9 of an account definition item
Modification of a user account’s Master Dictionary
Using the T Code to Prevent Access to TCL
There may be occasions when you want to restrict certain users just to application software and prevent them from gaining direct access to TCL. To do this, enter the T code in line or attribute 9 of the Account Definition item or user-ID.
If a user’s process reaches a state where there would normally be a TCL prompt, the system instead gives control of the process to a Proc called account@TCL, where account is the name of the user’s account or user-ID. If this Proc has not been defined, control is passed to a Proc called @TCL in the ERRMSG file. You must have previously created these Procs and defined what they are to do. If neither of these Procs is defined, the T in line 9 will be ineffective and the user will return to TCL.
Defining Allowable Commands with the Master Dictionary
In addition to the standard mvBase security mechanisms, you can exercise a degree of control over the actions of users who are logged on to the system by editing the contents of the Master Dictionary for that account and then assigning update codes that prevent users from making changes to the Master Dictionary. Since the Master Dictionary contains the definitions of all the commands that users of an account can execute, you can prevent users from executing certain commands simply by removing them from their Master Dictionaries.
A T (TCL access) code can be included in both user accounts and user-IDs. The T code restricts direct access to TCL.
See Also
Implementing MultiValue Security
Line 1: Using D Codes in Account Attributes
Lines 5 and 6: Using Retrieval and Update Codes
Line 7: Assigning, Changing and Deleting Account Passwords
Line 8: Using System Privilege Level Codes
Line 9: Using Automatic Logoff
Line 9: Using Account Definition Codes
Using the Accounting History File (ACC)