Safeguard Reference Manual (G06.24+, H06.03+ )

OBJECTTYPE Security Commands

Safeguard Reference Manual—520618-013

12-18

INFO OBJECTTYPE Command

NO ACCESS CONTROL LIST DEFINED!

appears for an object class that has no ACL. Use ALTER

OBJECTTYPE...ACCESS to define ACL entries for an existing object-class

authorization record.

INFO OBJECTTYPE Detailed Report

The detailed INFO OBJECTTYPE report includes the auditing specifications currently

defined for the protected OBJECTTYPE. Figure 12-2 shows the format of the detailed

INFO OBJECTTYPE report.

In addition to the OBJECTTYPE attribute values displayed in the brief INFO

OBJECTTYPE report, the detailed INFO OBJECTTYPE report displays these attribute

values:

AUDIT-ACCESS-PASS = a-spec AUDIT-MANAGE-PASS = a-spec

AUDIT-ACCESS-FAIL = a-spec AUDIT-MANAGE-FAIL = a-spec

These values indicate the conditions under which the Safeguard software audits

attempts to create an authorization record for any specific object in this object class,

and attempts to manage this authorization record. a-spec can be:

{ ALL | LOCAL | REMOTE | NONE }

For a full description of each a-spec, see the appropriate audit-spec under the

SET OBJECTTYPE Command on page 12-20.

Example

To generate a brief INFO OBJECTTYPE report for the object-class device:

=INFO OBJECTTYPE device

Caution. If you do not specify an ACL for an object class, only the local super ID can add an

authorization record for an object of that object class.

Figure 12-2. INFO OBJECTTYPE Detailed Report Format

LAST-MODIFIED OWNER STATUS

objecttype

date,time owner-id status

user-spec [DENY] authority-list

[ NO ACCESS CONTROL LIST DEFINED! ]

AUDIT-ACCESS-PASS = a-spec AUDIT-MANAGE-PASS = a-spec

AUDIT-ACCESS-FAIL = a-spec AUDIT-MANAGE-FAIL = a-spec