Safeguard Reference Manual (G06.24+, H06.03+)

Device and Subdevice Security Commands
Safeguard Reference Manual 520618-013
to do. They are equal, in every way, to the primary owner. For example, they can
modify the Safeguard authorization records for any device or subdevice they own, and
they can access any device or subdevice for which they own the authorization record
when that device or subdevice has been FROZEN.
An owner can explicitly deny a local super ID any of the authorities implicitly granted to
the super ID (including OWNER) and have this denial actively enforced all of the time.
When a device or subdevice is under Safeguard protection, all the security attributes
are controlled by the Safeguard software for that device or subdevice.
When used with an ACL, the OWNER authority can always be specified for all devices
or subdevices protected by the Safeguard software. The OWNER authority is always
included when the * authority code is used. It can also be abbreviated as O for
simplicity.
With the Safeguard software, the owner of an authorization record can also be defined
as a network user. A network user who owns an authorization record can use the
Safeguard software from a remote node to control access (provided the user has
remote passwords set up between the two systems).
Device and Subdevice Access Authorities
The ACL for a device or subdevice can grant any combination of these access
authorities to users and user groups:

READ     Open a device or subdevice for input operations
WRITE    Open a device or subdevice for output operations
OWNER    Manage the authorization records

Device and Subdevice Access Authorization
When a process attempts to open a protected device or subdevice, the Safeguard
software checks the process group list and the ACL to determine whether READ or
WRITE authority is granted to the user identified by the process’s process accessor ID
(PAID). If that user has READ or WRITE authority, the open request is allowed to
complete successfully. If the user has neither READ nor WRITE authority, the open
request is rejected with a security violation error (file error 48).
The Safeguard software distinguishes between local and remote open requests. A
remote open request is made by a process that was started by a network user logged
on to a remote system. When a process is remote with respect to the device or
subdevice that it is attempting to open, the network user must also be granted remote
access. Otherwise, the Safeguard software rejects the open request with a security
violation error (file error 48).
For example, suppose a remote process with a PAID of 4,5 attempts to open a device
or subdevice. The device ACL must grant either READ or WRITE authority to \*.4,5,
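
The open-time check described under Device and Subdevice Access Authorization can be followed with a small Python model. This is an added example, not Safeguard code or part of the manual. The names AclEntry, parse_entry and check_open and the sample ACLs are hypothetical. It assumes that an entry written \*.group,user also covers local opens and that 0 denotes success, and it leaves out the process group list and explicit denials.

```python
# Simplified model of the device open check; illustrative only, not Safeguard code.
from dataclasses import dataclass

FE_OK = 0                    # assumption: 0 stands for a successful open
FE_SECURITY_VIOLATION = 48   # file error 48, as stated in the text


@dataclass(frozen=True)
class AclEntry:
    group: int
    user: int
    network: bool             # True for entries written as \*.group,user
    authorities: frozenset    # subset of {"R", "W", "O"}


def parse_entry(subject, authorities):
    # subject is "group,user" or "\*.group,user"; authorities is e.g. "R,W".
    network = subject.startswith("\\*.")
    ident = subject[3:] if network else subject
    group, user = ident.split(",")
    codes = {c.strip().upper() for c in authorities.split(",")}
    if "*" in codes:          # the * authority code always includes OWNER
        codes = {"R", "W", "O"}
    return AclEntry(int(group), int(user), network, frozenset(codes))


def check_open(acl, paid, remote):
    # Return the file error for an open by the user identified by the PAID.
    for entry in acl:
        if (entry.group, entry.user) != paid:
            continue
        if remote and not entry.network:
            continue          # a local-only entry does not grant remote access
        if entry.authorities & {"R", "W"}:
            return FE_OK      # READ or WRITE is enough to open
    return FE_SECURITY_VIOLATION


# Constructed sample ACLs for a hypothetical device.
LOCAL_ONLY_ACL = [parse_entry("4,5", "R,W")]
NETWORK_ACL = [parse_entry("\\*.4,5", "R"), parse_entry("4,9", "O")]

if __name__ == "__main__":
    for name, acl in (("local-only", LOCAL_ONLY_ACL), ("network", NETWORK_ACL)):
        for remote in (False, True):
            print(name, "remote" if remote else "local",
                  check_open(acl, (4, 5), remote))
```

With the local-only ACL, the remote open by PAID 4,5 returns 48 while the same ACL lets the local open through, which is the gap to look for when reviewing device ACLs for users who work across nodes.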