Safeguard Reference Manual (G06.29+, H06.08+, J06.03+)
Table Of Contents
- Safeguard Reference Manual
- Legal Notices
- Contents
- What is New in this Manual
- Manual Information
- New and Changed Information
- Changes to the 520618-030 manual
- Changes to the 520618-029 manual
- Changes to the 520618-028 manual
- Changes to the 520618-027 manual
- Changes to the 520618-026 manual
- Changes to the 520618-025 manual
- Changes to the H06.22/J06.11 manual
- Changes to the H06.21/J06.10 Manual
- Changes to the H06.20/J06.09 Manual
- Changes to the 520618-020 Manual
- Changes to the H06.19/J06.08 Manual
- About This Manual
- 1 Introduction
- 2 Common SAFECOM Language Elements
- 3 The Command to Run SAFECOM
- 4 SAFECOM Session-Control Commands
- 5 User Security Commands
- 6 User Alias Security Commands
- 7 Group Commands
- 8 Disk-File Security Commands
- Disk-File Ownership
- Disk-File Access Authorities
- Disk-File Access Authorization
- Disk-File Security Command Summary
- Syntax of Disk-File Security Commands
- ADD DISKFILE Command
- ADD DISKFILE-PATTERN Command
- ALTER DISKFILE Command
- ALTER DISKFILE-PATTERN Command
- DELETE DISKFILE Command
- DELETE DISKFILE-PATTERN Command
- FREEZE DISKFILE Command
- FREEZE DISKFILE-PATTERN Command
- INFO DISKFILE Command
- INFO DISKFILE-PATTERN Command
- RESET DISKFILE Command
- RESET DISKFILE-PATTERN Command
- SET DISKFILE Command
- SET DISKFILE-PATTERN Command
- SHOW DISKFILE Command
- SHOW DISKFILE-PATTERN Command
- THAW DISKFILE Command
- THAW DISKFILE-PATTERN Command
- SAFECOM Saved Diskfile Pattern Commands
- ADD SAVED-DISKFILE-PATTERN Command
- ALTER SAVED-DISKFILE-PATTERN Command
- DELETE SAVED-DISKFILE-PATTERN Command
- FREEZE SAVED-DISKFILE-PATTERN Command
- INFO SAVED-DISKFILE-PATTERN Command
- RESET SAVED-DISKFILE-PATTERN Command
- SET SAVED-DISKFILE-PATTERN Command
- SHOW SAVED-DISKFILE-PATTERN Command
- THAW SAVED-DISKFILE-PATTERN Command
- 9 Disk Volume and Subvolume Security Commands
- Volume Authorization Record Ownership
- Subvolume Authorization Record Ownership
- Volume and Subvolume Access Authorities
- Volume and Subvolume Access Authorization
- Volume and Subvolume Security Command Summary
- Syntax of Disk Volume and Subvolume Security Commands
- ADD VOLUME and SUBVOLUME Commands
- ALTER VOLUME and SUBVOLUME Commands
- DELETE VOLUME and SUBVOLUME Commands
- FREEZE VOLUME and SUBVOLUME Commands
- INFO VOLUME and SUBVOLUME Commands
- RESET VOLUME and SUBVOLUME Commands
- SET VOLUME and SUBVOLUME Commands
- SHOW VOLUME and SUBVOLUME Commands
- THAW VOLUME and SUBVOLUME Commands
- 10 Device and Subdevice Security Commands
- Device and Subdevice Authorization Record Ownership
- Device and Subdevice Access Authorities
- Device and Subdevice Access Authorization
- Device and Subdevice Security Command Summary
- Syntax of Device and Subdevice Security Commands
- ADD DEVICE and SUBDEVICE Commands
- ALTER DEVICE and SUBDEVICE Commands
- DELETE DEVICE and SUBDEVICE Commands
- FREEZE DEVICE and SUBDEVICE Commands
- INFO DEVICE and SUBDEVICE Commands
- RESET DEVICE and SUBDEVICE Commands
- SET DEVICE and SUBDEVICE Commands
- SHOW DEVICE and SUBDEVICE Commands
- THAW DEVICE and SUBDEVICE Commands
- 11 Process and Subprocess Security Commands
- Process and Subprocess Security
- Process and Subprocess Access Authorities
- Special NAMED and UNNAMED Process Protection Records
- Process and Subprocess Security Command Summary
- Syntax of the Process and Subprocess Security Commands
- ADD PROCESS and SUBPROCESS Commands
- ALTER PROCESS and SUBPROCESS Commands
- DELETE PROCESS and SUBPROCESS Commands
- FREEZE PROCESS and SUBPROCESS Commands
- INFO PROCESS and SUBPROCESS Commands
- RESET PROCESS and SUBPROCESS Commands
- SET PROCESS and SUBPROCESS Commands
- SHOW PROCESS and SUBPROCESS Commands
- THAW PROCESS and SUBPROCESS Commands
- 12 OBJECTTYPE Security Commands
- 13 Security Group Commands
- 14 Terminal Security Commands
- 15 Event-Exit-Process Commands
- 16 Safeguard Subsystem Commands
- 17 Running Other Programs From SAFECOM
- A SAFECOM Error and Warning Messages
- B Disk-File Access Rules
- Index
Process and Subprocess Security Commands
Safeguard Reference Manual — 520618-030
11 - 3
Stopping a Process With a Protected Name
The Safeguard software distinguishes between local and remote open requests. A
remote open request is one made by a process that was created by a network user
logged on to a remote system.
If a process is remote with respect to the process or subprocess that it is attempting to
open, the opener’s PAID must identify a network user who has been granted remote
access to the process or subprocess. Otherwise, the open request is rejected with a
security violation (file error 48).
For example, suppose a remote process with a PAID of 4,5 attempts to open a process
running under a protected name. The ACL defined for the process running under a
protected name must grant READ or WRITE authority to \*.4,5, \*.4,*, or \*.*,*.
Otherwise, the Safeguard software rejects the open request with a security violation
(file error 48).
An open request that has passed a Safeguard authorization check can nevertheless
fail. For example, if a process attempts to open a process that is already opened by
another process that has exclusive access, the open attempt fails with file error 12 (file
in use). For more information, see the Guardian Procedure Calls Reference Manual.
Stopping a Process With a Protected Name
If a user attempts to stop a process that is running under a protected name, the
Safeguard software checks the ACL for the process name to determine whether the
user has PURGE authority. If the user has PURGE authority, the Safeguard software
allows the process to be stopped. If the user does not have PURGE authority, the stop
request is rejected with a security violation error (file error 48). However, the user who
created the process is allowed to stop the process even if an ACL is present that
prevents the user from doing the same.
If you create the special NAMED and UNNAMED process protection records, certain
users can be given PURGE authority for all named or unnamed processes. A user is
allowed to stop any process it started as long as the process is still running under that
ID. For more information, see Special NAMED and UNNAMED Process Protection
Records on page 11-4.
Process and Subprocess Ownership
A process or subprocess has no authorization record until it is placed under Safeguard
control. By default, any user can add a process or subprocess authorization record.
For more information on how to restrict who can add process and subprocess
authorization records, see PROCESS on page 12-2 or SUBPROCESS on page 12-2.
Every authorization record has an OWNER attribute that contains the user ID that can
manage the Safeguard access controls for the process or subprocess.
However, the user who adds the record can set the OWNER attribute to the user ID of
any user (by including an OWNER specification in a SET PROCESS or
SUBPROCESS or ADD PROCESS or SUBPROCESS command). Thus the owner of a
process or subprocess need not be the user who added the record. The owner of a
protected process or subprocess authorization record can also transfer ownership to