Manualshelf

Safeguard User's Guide (G06.24+, H06.03+)

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series
31323334353637383940
Securing Disk Files
Safeguard User’s Guide422089-009
3-3
Getting Started
Getting Started
You must use SAFECOM, the Safeguard command interpreter, to enter commands. As
described in Section 7, Working With SAFECOM, you can choose different operating
modes and options when you run SAFECOM.
For simplicity, the examples in this section assume that you are running SAFECOM in
interactive mode. To start SAFECOM in interactive mode, type the following command
at the TACL prompt:
1> SAFECOM
In response to this command, SAFECOM displays its program banner and an equal
sign (=). The equal sign is the SAFECOM command prompt. It indicates SAFECOM is
ready to accept commands.
To end an interactive session, type EXIT at the SAFECOM command prompt.
Adding a Disk File to the Safeguard
Subsystem
You must own a disk file before you can secure it with the Safeguard subsystem. The
ADD DISKFILE command puts a file under Safeguard control by creating an
authorization record for the file. You define the security for a file by setting the file's
attributes in the authorization record. One of these attributes is the OWNER attribute.
Unless you change the OWNER attribute, you are the owner, and only you (or a
privileged user) can make changes to the authorization record. You can also specify
multiple owners by giving other users OWNER authority on an access control list entry.
Any user with OWNER authority can change the authorization record for the file. For
additional details, see Specifying Ownership on page 3-13.
You can use diskfile patterns to add disk files to the Safeguard subsystem. For more
information, see Section 9, Working with Patterns.
PROGID Applicable only to files that contain object code; sets the
process access ID (PAID) to the user ID of the file's primary
owner.
TRUST Specifies whether or not the file can be trusted to not access I/O
buffers during execution. Applies only to program files. Only the
super ID can set this attribute. This attribute is valid only on
systems running H-series RVUs.
LICENSE Applicable only to files that contain privileged object code;
specifies that nonprivileged users can execute the code.
Table 3-2. Disk-File Attributes (page 2 of 2)
Attribute Function