Safeguard Reference Manual (G06.24+, H06.03+ )
Security Group Commands
Safeguard Reference Manual—520618-013
13-25
SHOW SECURITY-GROUP Command
Example
These commands define default values for a new security group:
=SET SECURITY-GROUP OWNER prs.manager
=SET SECURITY-GROUP AUDIT-ACCESS-PASS all, &
=AUDIT-MANAGE-PASS local
=SET SECURITY-GROUP ACCESS 33,* (e,o); (86,*, 255,*) *
=SET SECURITY-GROUP ACCESS prs.harry DENY *
The default group attribute values defined in this example are:
•
The security group owner is the manager of the PRS group.
•
The Safeguard software audits all successful attempts to execute a restricted
command, as well as successful local attempts to manage a security group
authorization record.
•
All members of groups 33, 86, and 255 can execute restricted commands and
manage security group authorization records (except for user PRS.HARRY, who is
specifically denied all access).
The SET command is a SAFECOM environmental command that establishes default
values for the attributes. These values are used whenever the ADD command does not
explicitly state the value of the attribute.
To set all SECURITY-GROUP protection record attributes like those set in the
SECURITY-OSS-ADMINISTRATOR security group:
SET SECURITY-GROUP LIKE SECURITY-OSS-ADMINISTRATOR
SHOW SECURITY-GROUP Command
SHOW SECURITY-GROUP displays the current default values for the SECURITY-
GROUP attributes.
OUT
directs the SHOW SECURITY-GROUP report to listfile. After it executes the
SHOW command, SAFECOM redirects its output to the current OUT file.
listfile
For listfile, specify any file name. SAFECOM opens the listfile and
appends the SHOW SECURITY-GROUP report to that file. If listfile does
not exist, SAFECOM creates it as an EDIT-format file.
SHOW SECURITY-GROUP Report Format
Figure 13-3 shows the format of the SHOW SECURITY-GROUP report.
SHOW [ / OUT listfile / ] SECURITY-GROUP