Safeguard Reference Manual (G06.24+, H06.03+ )
Security Group Commands
Safeguard Reference Manual—520618-013
13-18
INFO SECURITY-GROUP Command
In addition to the security group attribute values displayed in the brief INFO
SECURITY-GROUP report, the detailed INFO SECURITY-GROUP report displays
these attribute values:
AUDIT-ACCESS-PASS = a-spec AUDIT-MANAGE-PASS = a-spec
AUDIT-ACCESS-FAIL = a-spec AUDIT-MANAGE-FAIL = a-spec
These values indicate the conditions under which the Safeguard software audits
attempts to execute a restricted command and attempts to manage this authorization
record. a-spec can be:
{ ALL | LOCAL | REMOTE | NONE }
For a full description of each a-spec, see the appropriate audit-spec under the
SET SECURITY-GROUP Command on page 13-20.
Example
To generate a brief INFO SECURITY-GROUP report for the group SECURITY-
ADMINISTRATOR:
=INFO SECURITY-GROUP security-administrator
The report shows:
The report shows that:
•
The owner of this security group authorization record is a network user who is the
manager for group 86 (with user ID 86,255).
•
All users who are members of group number 33 or 255 are granted both
EXECUTE and OWNER authority for the security group SECURITY-
ADMINISTRATOR.
•
All users who are members of group number 86, with one exception, are granted
both EXECUTE and OWNER authority for this security group. User ID 86,2 is
specifically denied both EXECUTE and OWNER authority.
The output of the INFO command is influenced by the session command, DISPLAY, in
particular the setting of DISPLAY USER AS and DISPLAY AS COMMANDS.
To display the SECURITY-OSS-ADMINISTRATOR security group protection record:
=DISPLAY USER AS NAME
LAST-MODIFIED OWNER STATUS
SECURITY-ADMINISTRATOR
18AUG86, 17:28 \*.86,255 THAWED
086,002 DENY E,O
033,* E,O
086,* E,O
255,* E,O