Manualshelf

Safeguard User's Guide (G06.24+, H06.03+)

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series
41424344454647484950
Securing Disk Files
Safeguard User’s Guide422089-009
3-13
Specifying Ownership
Similarly, the following command specifies auditing of all unsuccessful attempts (local
and remote) to manage the authorization record for the file quarter1:
=ALT DISK quarter1, AUDIT-MANAGE-FAIL ALL
To display the audit settings for quarter1:
=INFO DISKFILE quarter1, DETAIL
The DETAIL option shows an expanded version of the INFO display:
AUDIT-ACCESS-PASS is set to REMOTE, and AUDIT-MANAGE-PASS is set to ALL.
Specifying Ownership
Normally, when you add a disk file to the Safeguard database, you must be the
Guardian owner of the file. Unless you specify otherwise, the Safeguard subsystem
recognizes you as the owner of the authorization record for the file (your user ID is
specified for the OWNER attribute). Your group manager or the super ID can be the
owner of the authorization record if either of them adds one of your files to the
Safeguard database.
Ownership allows you to change the authorization record. In fact, you can even change
the OWNER attribute of the authorization record, thereby giving control of the file to
someone else.
You can specify ownership in two ways: with the OWNER attribute or with OWNER
authority in an access control list. You can use OWNER authority to establish multiple
owners. Both forms of ownership provide the ability to change the authorization record.
However, if the disk file is removed from the Safeguard database, the primary owner
(specified by the OWNER attribute) becomes the Guardian owner. Also, only the
primary owner can set the PROGID attribute to protect program code. See The
PROGID Attribute on page 3-16.
In the previous examples in this section, you are the only owner of quarter1. Assume
you want user ID 2,18 to own quarter1 also. You could change the OWNER attribute,
LAST-MODIFIED OWNER STATUS WARNING-MODE
$DATA.SALES
QUARTER1 23JUL05, 15:38 2,1 THAWED OFF
002,001 R,W,E,P
002,006 DENY W
002,018 R,W,E,P
004,012 R
008,004 DENY R
002,* R,W
008,* R
AUDIT-ACCESS-PASS = NONE AUDIT-MANAGE-PASS = NONE
AUDIT-ACCESS-FAIL = REMOTE AUDIT-MANAGE-FAIL = ALL
LICENSE = OFF PROGID = OFF CLEARONPURGE = OFF PERSISTENT = OFF
TRUST = OFF