Manualshelf

Distributed Name Service (DNS) Management Operations Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
41424344454647484950
DNS File and Database Security
DNS Management and Operations
31258 Tandem Computers Incorporated 3–11
Security Through
Operating Modes
In addition to the DNS owner and security attribute, DNSCOM has another feature
that protects against accidental changes to the database. You can run DNSCOM in one
of two modes: user mode or definition mode.
In user mode with write authority, you can add, alter, or delete the definitions of
domains, objects, managers, aliases, composites, and groups. You can also start and
stop a DNS configuration, if you have execute authority. You can obtain information
from the database if you have read authority. Even if you have definition authority,
you cannot give commands that require definition authority while in user mode.
In definition mode, you can give any command for which you have authority.
By default, DNSCOM operates in user mode. You must have definition authority to
select definition mode.
To switch to definition mode, enter the following command (assuming that you have
definition authority):
SELECT DEFINITION ON
Subsequently, DNSCOM returns you to user mode when you enter one of the
following commands:
SELECT DEFINITION OFF
RESELECT
If definition mode was selected in a command file, DNSCOM also reverts to user
mode if an end-of-file (EOF) or an error is encountered. Command files and more
information about operating modes appears under “DNSCOM Interfaces and
Operating Modes” in Section 6.
Security Through
Safeguard
The Tandem Safeguard product provides users of Tandem systems and distributed
networks with a set of services for protecting the components of the system or network
from unauthorized use. These services include authentication, authorization, and
auditing.
You can assign Safeguard access lists (ACLs) to the DNS database files and an ACL to
a name manager’s process name. It is possible to assign these lists to protect DNS so it
cannot be accessed by unauthorized users.
Refer to the SAFEGUARD User’s Guide and the SAFEGUARD Reference Manual for
more information on using Safeguard.