Bypass Trusted Process Authorization

Privileged Access Manager allows you to define programs as trusted. Privileged Access Manager stores the trusted programs and their children programs in a table. All events (inbound and outbound) related to trusted processes (and their corresponding ports) are permitted without authorization as part of a full network bypass.
To specify these programs, use the SPECIALPGM class:
  • To bypass file and network events for the specified program, use the property PGMTYPE with values pbf and pbn.
  • To bypass setuid and setgid events for a specified program, use the property PGMTYPE with the value surrogate.
  • To bypass all Privileged Access Manager authorization checks for a specified program, use the property PGMTYPE with the value fullbypass. Privileged Access Manager ignores a process that has the PGMTYPE(fullbypass) property, and no record of any process events appears in Privileged Access Manager audit, trace, or debug logs.
  • To propagate bypasses to all programs that are called from the specified program, use the property PGMTYPE with the value propagate.
Security privilege propagation works with PBF, PBN, DCM, FULLBYPASS, and SURROGATE privileges only.
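The following added example (not part of the product or its documentation) reviews an inventory of SPECIALPGM entries and flags those that deserve attention under the rules above: fullbypass entries, which leave no audit, trace, or debug records, and propagate entries, which extend a bypass to called programs. The `path: type,type` inventory format, the sample paths, and the finding labels are assumptions constructed for this example.

```python
# Added example: review SPECIALPGM entries for risky PGMTYPE combinations.
# The "path: type,type" inventory format below is constructed for this example;
# it is NOT the product's own listing or export format.

# Privileges that propagation works with, as listed on this page.
PROPAGATABLE = {"pbf", "pbn", "dcm", "fullbypass", "surrogate"}

# Constructed sample inventory (hypothetical paths).
SAMPLE = """\
/opt/backup/bin/agent: pbf,pbn
/usr/local/bin/deploy: fullbypass,propagate
/usr/bin/helper: propagate
/opt/sched/runner: surrogate,propagate
"""

def parse(text):
    """Return {program path: set of lower-cased PGMTYPE values}."""
    rules = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        path, _, types = line.rpartition(":")
        rules[path.strip()] = {t.strip().lower() for t in types.split(",") if t.strip()}
    return rules

def review(rules):
    """Return (path, finding) tuples, ordered by path."""
    findings = []
    for path, types in sorted(rules.items()):
        if "fullbypass" in types:
            # The product ignores the process entirely: nothing is logged.
            findings.append((path, "no-audit-trail"))
        if "propagate" in types:
            inherited = sorted(types & PROPAGATABLE)
            if inherited:
                # Programs called from this one receive the same bypasses.
                findings.append((path, "children-inherit:" + ",".join(inherited)))
            else:
                # propagate is set, but none of the listed privileges is present.
                findings.append((path, "propagate-without-bypass"))
    return findings

if __name__ == "__main__":
    for path, finding in review(parse(SAMPLE)):
        print(f"{path}: {finding}")
```
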