Safeguard User's Guide (G06.24+, H06.03+)

Securing Disk Files
Safeguard User’s Guide 422089-009
The display shows:

    TYPE       OWNER    WARNING-MODE
    DISKFILE   2,1      OFF

    AUDIT-ACCESS-PASS = NONE    AUDIT-MANAGE-PASS = NONE
    AUDIT-ACCESS-FAIL = NONE    AUDIT-MANAGE-FAIL = NONE

    LICENSE = OFF  PROGID = OFF  CLEARONPURGE = OFF  PERSISTENT = OFF
    TRUST = OFF    (H-series RVUs only)

    002,001    R,W,E,P
    002,*      R, E

The default attributes include an access control list. Any files you add to the Safeguard
database during this SAFECOM session will have this access control list unless you
specify otherwise. You can specify additional access control list entries when you add
files. See Working With Access Control Lists.

To reset the default attributes to the original Safeguard defaults:

=RESET DISKFILE

The default attributes also assume their original values when you start SAFECOM.

Working With Access Control Lists

You can define access control lists in three ways:

- By setting a default access control list for a SAFECOM session (with the SET
  DISKFILE command)
- By specifying an access control list when you add the file to the Safeguard
  database (with the ADD DISKFILE command)
- By altering the authorization record (with the ALTER DISKFILE command)

In every case, the access control list for a disk file defines the users and user groups
who can access the file. Only the primary owner of the authorization record for a disk
file, the primary owner's group manager, the local super ID, and users with OWNER
authority on the access control list can modify the access control list. For more
information about ownership, see Specifying Ownership on page 3-13.

An access control list for a disk file can grant or deny any combination of the following
access authorities:

    READ       The authority to read a disk file
    WRITE      The authority to write to a disk file
    EXECUTE    The authority to execute a program file as a process
    PURGE      The authority to purge a disk file
    CREATE     The authority to create a disk file
    OWNER      The authority to change the authorization record for a disk file
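
An added example, not part of the Safeguard guide: a short Python review script that parses the ACL lines of the display shown above (a group,member ID followed by authority letters), reports which authorities the matching entries grant to a given user ID, and lists wildcard entries that carry WRITE, PURGE or OWNER. It assumes that C and O abbreviate CREATE and OWNER the same way R, W, E and P abbreviate the other authorities, and that grants from all matching entries add up; deny entries, which the display does not contain, are not modelled, and the function names are hypothetical.

```python
import re

# Authority letters as used in the ACL lines, mapped to the names in the list above.
AUTHORITIES = {"R": "READ", "W": "WRITE", "E": "EXECUTE",
               "P": "PURGE", "C": "CREATE", "O": "OWNER"}

# Constructed sample: the two ACL lines from the display on this page.
SAMPLE_ACL = "002,001 R,W,E,P\n002,* R, E\n"

ENTRY = re.compile(r"^\s*(\d{1,3}|\*)\s*,\s*(\d{1,3}|\*)\s+([RWEPCO,\s]+)$")

def parse_acl(text):
    """Return [(group, member, {authority names})]; group/member are int or '*'."""
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        m = ENTRY.match(line)
        if m is None:
            raise ValueError(f"unrecognised ACL line: {line!r}")
        group, member = (x if x == "*" else int(x) for x in m.group(1, 2))
        entries.append((group, member,
                        {AUTHORITIES[c] for c in m.group(3) if c in AUTHORITIES}))
    return entries

def granted(entries, group, member):
    """Union of authorities from every grant entry whose ID matches the user."""
    # Assumption: individual and group-wide entries are cumulative.
    # Deny entries are not modelled; the sample display has none.
    result = set()
    for g, m, auths in entries:
        if g in ("*", group) and m in ("*", member):
            result |= auths
    return result

def broad_entries(entries, sensitive=("WRITE", "PURGE", "OWNER")):
    """Wildcard entries that give a whole group (or everyone) a sensitive authority."""
    wanted = set(sensitive)
    return [(g, m, sorted(a & wanted))
            for g, m, a in entries
            if "*" in (g, m) and a & wanted]

if __name__ == "__main__":
    acl = parse_acl(SAMPLE_ACL)
    print("2,1 ->", sorted(granted(acl, 2, 1)))
    print("2,7 ->", sorted(granted(acl, 2, 7)))
    print("broad entries:", broad_entries(acl))
```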