Manualshelf

OSI/FTAM Configuration and Management Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
919293949596979899100
Planning, Installing, and Configuring Tandem FTAM
OSI/FTAM Configuration and Management Manual421944-001
3-23
Mapping of FTAM File-Security Attributes to
Guardian Security Settings
Further, for Safeguard-protected files, the access-control attribute is partially rather than
fully supported. For these files, no mapping to Guardian security is attempted, and the
responder indicates that no value is available when it reads the access-control attribute.
In this case, attempts to change the attribute fail.
The following subsections explain how the Tandem FTAM responder uses the access-
control attribute in three tasks requested by a remote initiating system:
Files Created on Behalf of a Remote FTAM User on this page
File Attributes Changed on Behalf of a Remote FTAM User on page 3-24
File Attributes Read by a Remote FTAM User on page 3-26
Files Created on Behalf of a Remote FTAM User
For files created through FTAM, the access-control attribute provided in the F-CREATE
indication maps to Tandem file security (R W E P). This mapping is as follows:
The Tandem responder uses only the first access-control element. If more than one
access-control element is present, the responder ignores all elements other than the
first. The responder uses only the action-list field of the access-control element and
returns a diagnostic message if the access-control element contains any other
information (such as concurrency-access and identity).
If the read access-control bit of the action-list is set, the Tandem responder sets
READ access to N, indicating that any user on the Expand network can read the file.
Otherwise, the responder sets READ access to –, indicating that only the super ID
user can read the file.
If any of the insert, replace, extend, change-attribute, or erase access-control bits of
the action list are set, the responder sets WRITE access to N, indicating that any
user on the Expand network can write to the file. Otherwise, the responder sets
WRITE access to –, indicating that only the super ID user can write to the file.
EXECUTE access is set to –, indicating that only the super ID user can execute the
file.
If the delete-file access-control bit of the action list is set, the responder sets PURGE
access to N, indicating that any user on the Expand network can purge the file.
Otherwise, the responder sets PURGE access to –, indicating that only the super ID
user can purge the file.