Technical data

ManualsBrandsCompaq ManualsComputer equipmentCompaq TCP/IP Services for OpenVMS

371

372

373

374

375

376

377

378

379

380

NFS Server

20.1 Key Concepts

20.1.7 How OpenVMS and the NFS Server Grant File Access

To protect your exported ﬁle systems, you must take care when granting account

and system privileges for remote users. You must also understand how OpenVMS

grants access to ﬁles.

The NFS server uses the proxy database to map the incoming user identity to an

OpenVMS account. The server uses the account’s UIC to evaluate the protection

code, along with other security components, before granting or denying access to

ﬁles.

When a user tries to access a protected ﬁle or directory, the OpenVMS system

uses the following sequence to compare the security proﬁle of the user against the

security proﬁle of the target ﬁle or directory.

1. Evaluates the access control list (ACL).

ACL protection is an OpenVMS feature that grants or denies access to a ﬁle

based on a rights identiﬁer. If the object has an ACL, the system scans it,

looking for an entry that matches any of the user’s rights identiﬁers. If a

matching access control entry (ACE) is found, the system either grants or

denies access based on the ACE.

When setting up the NFS server environment, Compaq recommends that

you set ACLs to deny access. This forces OpenVMS protection checking, as

described in Section 20.1.8.

2. Evaluates the protection code.

If the ACL does not grant access, the operating system evaluates the system

and owner ﬁelds of the protection code and grants or denies access based on

the relationship between the UIC and the object’s protection code.

OpenVMS uses user identiﬁer codes (UICs) to control ﬁle ownership and

protection. A UIC is a 32-bit value that consists of a 14-bit group number and

a 16-bit member number. Each user of the system has a UIC deﬁned in the

SYSUAF ﬁle. Access to objects depends on whether the UIC of the process

doing the accessing matches the UIC of the object (the ﬁle or directory).

3. Looks for special privilege.

If access was not granted by the ACL or the protection code, the operating

system evaluates privileges. Users with system privileges (BYPASS, GROUP,

READALL, SYSPRV) may be entitled to access regardless of the protection

offered by the ACLs or protection code.

For a more thorough discussion on access checking, refer to the OpenVMS Guide

to System Security.

20.1.8 Understanding the Client’s Role in Granting Access

Before sending a user request to the NFS server, the client performs its own

access checks. This check occurs on the client host and causes the client to grant

or deny access to data. This means that even though the server may grant access,

the client may deny access before the user’s request is even sent to the server

host. If the client user maps to an OpenVMS account that is not allowed access to

a ﬁle, an ACL entry may not allow access from an NFS client as it would locally

for that OpenVMS account.

It is also possible for the server to reject an operation that was otherwise allowed

by the client. With the attribute

noproxy_enabled

, you can use the ACL for

additional access control. See Section 20.11 for a complete description of the

security features set with this variable.

20–6 NFS Server