Safeguard Reference Manual (G06.24+, H06.03+ )

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series

371

372

373

374

375

376

377

378

379

380

Process and Subprocess Security Commands

Safeguard Reference Manual—520618-013

11-5

Process and Subprocess Security Command

Summary

If you create the NAMED protection record, it is advisable to create other process

protection records.

For NAMED and UNNAMED records, the only valid access authorities are CREATE,

PURGE, and OWNER authorities. READ and WRITE authorities are not valid.

If you use these special process protection records, be sure to alter your Safeguard

configuration to specify FIRST-RULE for COMBINATION-PROCESS. This

configuration is necessary for the NAMED and UNNAMED feature to function as

intended.

Process and Subprocess Security Command

Summary

Table 11-1 lists the process and subprocess security commands and gives a brief

description of each.

Table 11-1. Process and Subprocess Security Command Summary (page 1 of 2)

Command Description

ADD [SUB]PROCESS Adds a process name authorization record that has the

specified process or subprocess attribute values. The current

default values for the process name attributes are used for any

attributes not specified in the ADD PROCESS or

SUBPROCESS command.

ALTER [SUB]PROCESS Changes one or more attribute values in a process name

authorization record. For all attributes except ACCESS,

ALTER PROCESS or SUBPROCESS replaces the current

value with the specified value. For the ACCESS attribute,

ALTER PROCESS or SUBPROCESS changes the existing

ACL to incorporate access-spec.

DELETE [SUB]PROCESS Deletes a process name authorization record. Afterward, any

user can access a process or subprocess under the deleted

process name, and any process or subprocess that is

accessed under that name is subject only to the standard

Guardian security checks.

FREEZE [SUB]PROCESS Temporarily suspends access to a protected process name.

Only the primary owner of a process name, users with

OWNER authority, the owner’s group manager, and the local

super ID can create, access, or stop a process that has a

frozen process name.

INFO [SUB]PROCESS Displays the attribute values in a process name authorization

record.

RESET [SUB]PROCESS Sets one or more default values for the process or subprocess

attributes to predefined values.