Safeguard User's Guide (G06.24+, H06.03+)
Securing Disk Files
Safeguard User’s Guide—422089-009
3-14
Other Disk-File Security Features
but then you would no longer own the file. Instead, you might want to grant user ID
2,18 OWNER authority in an access control list.
To give user ID 2,18 OWNER authority:
=ALTER DISK quarter1, ACC 2,18 O
The INFO display now shows an O in the entry for user ID 2,18:
=INFO DISK quarter1, DETAIL
Other Disk-File Security Features
The Safeguard subsystem provides five special attributes for disk files:
CLEARONPURGE, PERSISTENT, LICENSE, PROGID, and, in H-series RVUs only,
TRUST. Like other security attributes, these attributes can be specified with the ADD
DISKFILE, ALTER DISKFILE, or SET DISKFILE commands.
The CLEARONPURGE Attribute
Normally, a disk process purges a disk file by removing the file entry from the volume
directory, thereby releasing the space occupied by the file. However, the data is not
physically erased from the disk and is vulnerable to intruders until it is overwritten by
another file. If you purge a file with CLEARONPURGE ON, however, the disk process
writes null characters over all space allocated to the file.
To set the CLEARONPURGE attribute for the file quarter1, used in the previous
examples:
=ALTER DISKFILE quarter1, CLEARONPURGE ON
LAST-MODIFIED OWNER STATUS WARNING-MODE
$DATA.SALES
QUARTER1 23JAN05, 15:43 2,1 THAWED OFF
002,001 R,W,E,P
002,006 DENY W
002,018 R,W,E,P, O
004,012 R
008,004 DENY R
002,* R,W
008,* R
AUDIT-ACCESS-PASS = NONE AUDIT-MANAGE-PASS = NONE
AUDIT-ACCESS-FAIL = REMOTE AUDIT-MANAGE-FAIL = ALL
LICENSE = OFF PROGID = OFF CLEARONPURGE = OFF PERSISTENT = OFF
TRUST = OFF (H-series RVUs only)