Guardian Procedure Calls Reference Manual

File privileges:
• Only have impact when set on executables, user libraries, or ordinary DLLs. A process created
  from an executable file inherits the privileges of that executable file.
• Are ignored when accessing files that are not in a restricted-access fileset.
• Can be set by members of the Safeguard SPA group, using either the SETFILEPRIV command
  or the setfilepriv() function.
Use the GETFILEPRIV command to get information about the file privileges for a file. For information
about the GETFILEPRIV command, see the getfilepriv(1) reference page either online or in
the Open System Services Shell and Utilities Reference Manual.
For information about the SETFILEPRIV command, see the setfilepriv(1) reference page either
online or in the Open System Services Shell and Utilities Reference Manual. For more information
about the setfilepriv() function, see the setfilepriv(2) reference page either online or
in the Open System Services System Calls Reference Manual.

PRIVSOARFOPEN File Privilege

The PRIVSOARFOPEN file privilege allows a process to directly access any file in a restricted-access
fileset on the local system, but only if the executable file for that process has been started by a
locally-authenticated member of the Safeguard SOA group. If the executable has a file privilege, any
user library or ordinary DLL used by that process must also have that file privilege.
If an executable with the PRIVSOARFOPEN file privilege is started by a user who is not a member of
the SOA group, that process is created without the PRIVSOARFOPEN privilege.
The PRIVSOARFOPEN file privilege can be inherited by child processes created using fork()
because the parent and child process share the same executable. Any child processes created by
other process creation functions or procedure calls (such as exec() or PROCESS_CREATE_) acquire
their file privileges from the target executable file.
The most common use for this file privilege is to allow a SECURITY-OSS-ADMINISTRATOR to use
the Backup and Restore 2 product to back up files that are in restricted-access filesets. It is not
required that the executable file be in the restricted-access fileset.
File privileges are removed from a file if the file is changed (such as by being opened for writing).
PRIVSETID File Privilege
The PRIVSETID file privilege allows the locally-authenticated super ID to start a process from an
executable and use a privileged switch operation, such as setgid() or setuid(), to switch to
another user ID or group ID (without a password) and, based on the permissions for that ID, access
files in restricted-access filesets. It is not required that the executable file be in the restricted-access
fileset.
If the executable file has a file privilege, then any user library or ordinary DLL loaded by the process
must also have that file privilege. Otherwise, an error is reported when the process attempts to
load that library or DLL.
The PRIVSETID file privilege can be inherited by child processes created using fork() because
the parent and child process share the same executable. Any child processes created by other
process creation functions or procedure calls (such as exec() or PROCESS_CREATE_) acquire
their file privileges from the target executable file.
If an executable without the PRIVSETID file privilege performs a privileged switch ID operation,
then the process is unconditionally denied access to files in the restricted-access fileset.
File privileges are removed from a file if the file is changed (such as by being opened for writing).
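
The rules in the two sections above can be checked against an inventory of executables and the libraries they use. The following Python model is an added example, not code from this manual or from the product; every type, function, and sample file name is constructed, and it encodes only the rules stated on this page.

```python
# Added model of the file-privilege rules described above. All names and
# sample values are constructed for illustration; this is not a NonStop API.
from dataclasses import dataclass, replace
SOARFOPEN, SETID = "PRIVSOARFOPEN", "PRIVSETID"

@dataclass(frozen=True)
class File:
    name: str
    privs: frozenset = frozenset()
    libs: tuple = ()                 # user libraries / ordinary DLLs it uses

@dataclass(frozen=True)
class User:
    local_auth: bool = True          # locally authenticated?
    soa_member: bool = False         # member of the Safeguard SOA group?

@dataclass(frozen=True)
class Process:
    exe: File
    privs: frozenset

def library_gaps(exe):
    """Libraries missing a privilege the executable has (audit finding)."""
    return {lib.name: sorted(exe.privs - lib.privs)
            for lib in exe.libs if exe.privs - lib.privs}

def start(exe, user):
    """exec()/PROCESS_CREATE_: privileges come from the target executable."""
    privs = set(exe.privs)
    if not (user.local_auth and user.soa_member):
        privs.discard(SOARFOPEN)     # not effective for this starter
    return Process(exe, frozenset(privs))

def fork(parent):
    """fork(): child shares the parent's executable and its privileges."""
    return Process(parent.exe, parent.privs)

def modified(f):
    """A changed file (e.g. opened for writing) loses its file privileges."""
    return replace(f, privs=frozenset())

def denied_after_id_switch(proc):
    """Privileged ID switch without PRIVSETID: restricted filesets denied."""
    return SETID not in proc.privs

# Constructed sample inventory: "helper" uses a library lacking PRIVSETID.
libx = File("libx", frozenset({SOARFOPEN}))
backup = File("backup", frozenset({SOARFOPEN}), libs=(libx,))
helper = File("helper", frozenset({SETID}), libs=(libx,))
```

Running library_gaps() over the inventory flags helper, whose library lacks PRIVSETID, which is the mismatch that the text says produces a load error.
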
Example
err := PROCESS_CREATE_ ( pfile^name , , , , , , proc^handle,
error^detail );
PROCESS_CREATE_ Procedure (Superseded by PROCESS_LAUNCH_ Procedure)