Safeguard Reference Manual (G06.24+, H06.03+ )
Introduction
Safeguard Reference Manual—520618-013
1-6
Object-Access Authorization
•
The owner of a process-name record can freeze and thaw access to the process
name (FREEZE PROCESS and THAW PROCESS).
•
The owner of a process-name record can delete the record (DELETE PROCESS).
Control Features for Subprocesses
•
Any user can create a Safeguard subprocess-name record (ADD SUBPROCESS),
unless a specific list of users has been designated with an access control list for
OBJECTTYPE SUBPROCESS.
A subprocess name authorization record contains these attributes:
°
OWNER—ownership can be transferred to any user
°
ACCESS—an access control list to authorize access: Read, Write, Owner
(RWO)
°
Auditing specifications
•
The owner of a subprocess name authorization record can modify the record
(ALTER SUBPROCESS).
•
The owner of a subprocess-name record can freeze and thaw access to the
subprocess name (FREEZE SUBPROCESS and THAW SUBPROCESS).
•
The owner of a subprocess-name record can delete the record (DELETE
SUBPROCESS).
Control Features for OBJECTTYPE Access Authorities
•
Any local super-group user can create a Safeguard OBJECTTYPE authorization
record (ADD OBJECTTYPE) unless an alternate list of users has been specified
with an access control list for OBJECTTYPE OBJECTTYPE.
An OBJECTTYPE authorization record contains these attributes:
°
OWNER—ownership can be transferred to any user
°
ACCESS—an access control list to authorize access: Create, Owner (CO)
°
Auditing specifications
•
The owner of an OBJECTTYPE authorization record can modify the record
(ALTER OBJECTTYPE).
•
The owner of an OBJECTTYPE record can freeze and thaw access to the
OBJECTTYPE (FREEZE OBJECTTYPE and THAW OBJECTTYPE).
•
The owner of an OBJECTTYPE record can delete the record (DELETE
OBJECTTYPE).