Accessing Files Programmer's Guide (32650-90885)

Maintaining File Security
Traditional Mechanism for File Security
Users with system manager or account manager capability bypass the standard security
mechanism. A system manager has unlimited file access to any file in the system
(R,A,W,L,X:ANY), but can save files only in his own account (S:AC); an account manager
user has unlimited access to any file within the account (R,A,W,L,X,S:ANY). One exception
is that in order to access a file with a negative file code (a privileged file), the account
manager must also have the privileged mode (PM) capability.
The user-type categories that a user satisfies depend on the file he is trying to access. For
example, a user accessing a file that is not in his home group is not considered a group
librarian for this access even if he has the group librarian user attribute.
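The manager bypass rules and the file-dependent user categories described above, modeled as an added Python example (not code from the guide or from the operating system). The `User` and `File` records, the function names, and the comparison of a user's logon or home group against the file's group as plain fields are assumptions made for illustration; the sample users and files are constructed.

```python
from dataclasses import dataclass

MODES = {"R", "A", "W", "L", "X", "S"}  # read, append, write, lock, execute, save

@dataclass(frozen=True)
class User:                      # hypothetical record, not a system structure
    name: str
    account: str
    home_group: str
    logon_group: str
    caps: frozenset = frozenset()  # subset of {"SM", "AM", "GL", "PM"}

@dataclass(frozen=True)
class File:                      # hypothetical record, not a system structure
    account: str
    group: str
    creator: str
    file_code: int = 0           # negative file code marks a privileged file

def user_types(user, f):
    """Categories (AC, GU, GL, CR) the user satisfies for this particular file."""
    types = set()
    if user.account != f.account:
        return types             # none of these four apply outside the account
    types.add("AC")
    if f.group in (user.home_group, user.logon_group):
        types.add("GU")
    if "GL" in user.caps and f.group == user.home_group:
        types.add("GL")          # the GL attribute counts only in the home group
    if user.name == f.creator:
        types.add("CR")
    return types

def bypasses_standard_security(user, f, mode):
    """True when SM or AM capability overrides the standard security mechanism."""
    if mode not in MODES:
        raise ValueError(f"unknown access mode: {mode}")
    same_account = user.account == f.account
    # System manager: R,A,W,L,X:ANY, but S:AC (save only in own account).
    if "SM" in user.caps and (mode != "S" or same_account):
        return True
    # Account manager: R,A,W,L,X,S within the account; the text states the
    # PM requirement for privileged files in terms of the account manager.
    if "AM" in user.caps and same_account:
        return f.file_code >= 0 or "PM" in user.caps
    return False
```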
NOTE
In addition to the above restrictions in force at the account, group, and file
level, a file lockword can be specified for each file. Users then must specify the
lockword as part of the file name to access the file.
The security provisions for the account and group levels are managed only by users with
the system manager and the account manager capabilities respectively, and can only be
changed by those individuals.
Account-level security
The security provisions that broadly apply to all files within an account are set by a system
manager user when creating the account. The initial provisions can be changed at any
time, but only by that user.
At the account level, five access modes are recognized:
reading (R)
appending (A)
writing (W)
locking (L)
executing (X)
Also at the account level, two user types are recognized:
Table 13-12. User Type Definitions (Traditional Security)

USER TYPE             MNEMONIC CODE  MEANING
Group Librarian User  GL             User with Group Librarian capability, who can manage certain files within his home group.
Creating User         CR             The user who created this file.
Group User            GU             Any user allowed to access this group as his logon or home group, including all GL users applicable to this group.
Account Member        AC             Any user authorized access to the system under this account; this includes all AL, GU, GL, and CR users under this account.