Safeguard Reference Manual (G06.24+, H06.03+ )

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series

241

242

243

244

245

246

247

248

249

250

Disk-File Security Commands

Safeguard Reference Manual—520618-013

8-13

ADD DISKFILE Command

To secure a partitioned disk file completely, add a separate disk-file authorization

record for each partition. Adding an authorization record for only the primary

partition protects the partitioned file from any accesses made by opening the

primary partition but does not prevent the secondary partitions from being opened

individually.

•

Renaming a file with persistent protection

If you rename a file that has persistent protection, the persistent protection is lost

because it remains associated with the source file name. However, if the target file

name in a rename operation has persistent protection, the new file assumes that

protection record.

•

CREATE authority is meaningless without persistent protection.

CREATE authority for a disk file has no meaning unless the PERSISTENT attribute

is ON for that file.

•

The OWNER attribute and persistent protection

When a file with persistent protection is created, the OWNER attribute is not

changed to match the user ID of the user who creates the file. The OWNER

attribute remains set to the owner of the file’s protection record.

•

Persistent protection takes precedence over default protection.

When a file with persistent protection is created, the persistent protection takes

precedence over any default protection specified for the user who creates the file.

•

PROGID and LICENSE attributes in persistent protection records

If a file with persistent protection is purged, the PROGID and LICENSE attributes

are set OFF.

•

If disk-file persistence is enabled, the ADD DISKFILE command accepts disk-file

protection records for non-existent files.

•

Licensed program object file requires local super ID.

Only a local super ID can add an authorization record for a licensed program

object file and retain the license attribute in the newly added authorization record.

Caution. When adding an authorization record for a licensed program object file, set the

LICENSE attribute value to ON. If the LICENSE attribute is OFF (the default value), the

license for that object file is revoked.

When you add an authorization record for a disk file that currently has the PROGID or

CLEARONPURGE options set to ON, set the corresponding disk file attribute to ON before

adding the authorization record. (The default attribute value for PROGID and

CLEARONPURGE is OFF.)