Safeguard User's Guide (G06.24+, H06.03+)
Securing Disk Files
Safeguard User’s Guide—422089-009
3-5
Controlling Default Attributes
The file report1 is protected by the Safeguard software with a simple access control list
that consists of only your user ID. To modify or expand the access control list, see
Working With Access Control Lists on page 3-6.
Controlling Default Attributes
When you add a file to the Safeguard database, any unspecified attributes take on the
default attributes for a disk file. As the previous examples showed, when report1 was
initially added to the Safeguard database, it did not have an access control list. This
occurred because the default disk-file attributes do not include an access control list.
To see the default values for disk files:
=SHOW DISKFILE
The display shows:
The display shows the default attributes for a disk file that are in effect when you start a
SAFECOM session. No access control list is defined.
You can change any of the default attributes at any time during the session, and the
changes remain in effect until you exit SAFECOM. The default attributes return to their
original state when you exit SAFECOM.
To change any of the default attributes, use the SET DISKFILE command. To set a
default access control list:
=SET DISKFILE ACCESS 2,1 (R,W,E,P) ; 2,* (R,E)
This access control list gives you READ, WRITE, EXECUTE, and PURGE authority
and gives all other users in group 2 READ and EXECUTE authority. Use the semicolon
(;) to separate access control list entries.
Enter:
=SHOW DISKFILE
Note. If you display the Guardian security string with the FUP INFO command or the TACL
FILEINFO command, the value of the RWEP field appears as four asterisks ("****") for any
file that has a Safeguard disk-file protection record.
TYPE OWNER WARNING-MODE
DISKFILE 2,1 OFF
AUDIT-ACCESS-PASS = NONE AUDIT-MANAGE-PASS = NONE
AUDIT-ACCESS-FAIL = NONE AUDIT-MANAGE-FAIL = NONE
LICENSE = OFF PROGID = OFF CLEARONPURGE = OFF PERSISTENT = OFF
TRUST = OFF
(H-series RVUs only)
NO ACCESS CONTROL LIST DEFINED!