Safeguard Reference Manual (G06.24+, H06.03+ )

OBJECTTYPE Security Commands

Safeguard Reference Manual—520618-013

12-2

OBJECTTYPE Access Authorities

The ACL defined for an OBJECTTYPE can grant any of these access authorities to

users and user groups:

OBJECTTYPE Security Command Summary

Table 12-2 on page 12-3 lists the OBJECTTYPE security commands and gives a brief

description of each.

Table 12-1. Defaults for Undefined OBJECTTYPE ACLs

Type of Object Who Can Place an Object Under Safeguard Control

ALIAS Group manager of underlying user ID. Also must be the owner of

underlying user ID or owner’s group manager.

DEVICE Any local super group member

DISKFILE Local owner of the existing file

DISKFILE-PATTERN Any local user

GROUP Any local super group member

OBJECTTYPE Any local super group member

PROCESS Any local user

SUBDEVICE Any local super group member

SUBPROCESS Any local user

SUBVOLUME Any local user

USER Guardian rules apply:

•

The local super ID can create any local user ID.

•

The local group manager can create any local group member

user ID.

VOLUME Any local super-group member

Note. OBJECTTYPE USER controls who can add users, aliases, and groups.

CREATE Add an authorization record for an object of this type

OWNER Manage the OBJECTTYPE authorization record