Safeguard Reference Manual (G06.29+, H06.08+, J06.03+)
Table Of Contents
- Safeguard Reference Manual
- Legal Notices
- Contents
- What is New in this Manual
- Manual Information
- New and Changed Information
- Changes to the 520618-030 manual
- Changes to the 520618-029 manual
- Changes to the 520618-028 manual
- Changes to the 520618-027 manual
- Changes to the 520618-026 manual
- Changes to the 520618-025 manual
- Changes to the H06.22/J06.11 manual
- Changes to the H06.21/J06.10 Manual
- Changes to the H06.20/J06.09 Manual
- Changes to the 520618-020 Manual
- Changes to the H06.19/J06.08 Manual
- About This Manual
- 1 Introduction
- 2 Common SAFECOM Language Elements
- 3 The Command to Run SAFECOM
- 4 SAFECOM Session-Control Commands
- 5 User Security Commands
- 6 User Alias Security Commands
- 7 Group Commands
- 8 Disk-File Security Commands
- Disk-File Ownership
- Disk-File Access Authorities
- Disk-File Access Authorization
- Disk-File Security Command Summary
- Syntax of Disk-File Security Commands
- ADD DISKFILE Command
- ADD DISKFILE-PATTERN Command
- ALTER DISKFILE Command
- ALTER DISKFILE-PATTERN Command
- DELETE DISKFILE Command
- DELETE DISKFILE-PATTERN Command
- FREEZE DISKFILE Command
- FREEZE DISKFILE-PATTERN Command
- INFO DISKFILE Command
- INFO DISKFILE-PATTERN Command
- RESET DISKFILE Command
- RESET DISKFILE-PATTERN Command
- SET DISKFILE Command
- SET DISKFILE-PATTERN Command
- SHOW DISKFILE Command
- SHOW DISKFILE-PATTERN Command
- THAW DISKFILE Command
- THAW DISKFILE-PATTERN Command
- SAFECOM Saved Diskfile Pattern Commands
- ADD SAVED-DISKFILE-PATTERN Command
- ALTER SAVED-DISKFILE-PATTERN Command
- DELETE SAVED-DISKFILE-PATTERN Command
- FREEZE SAVED-DISKFILE-PATTERN Command
- INFO SAVED-DISKFILE-PATTERN Command
- RESET SAVED-DISKFILE-PATTERN Command
- SET SAVED-DISKFILE-PATTERN Command
- SHOW SAVED-DISKFILE-PATTERN Command
- THAW SAVED-DISKFILE-PATTERN Command
- 9 Disk Volume and Subvolume Security Commands
- Volume Authorization Record Ownership
- Subvolume Authorization Record Ownership
- Volume and Subvolume Access Authorities
- Volume and Subvolume Access Authorization
- Volume and Subvolume Security Command Summary
- Syntax of Disk Volume and Subvolume Security Commands
- ADD VOLUME and SUBVOLUME Commands
- ALTER VOLUME and SUBVOLUME Commands
- DELETE VOLUME and SUBVOLUME Commands
- FREEZE VOLUME and SUBVOLUME Commands
- INFO VOLUME and SUBVOLUME Commands
- RESET VOLUME and SUBVOLUME Commands
- SET VOLUME and SUBVOLUME Commands
- SHOW VOLUME and SUBVOLUME Commands
- THAW VOLUME and SUBVOLUME Commands
- 10 Device and Subdevice Security Commands
- Device and Subdevice Authorization Record Ownership
- Device and Subdevice Access Authorities
- Device and Subdevice Access Authorization
- Device and Subdevice Security Command Summary
- Syntax of Device and Subdevice Security Commands
- ADD DEVICE and SUBDEVICE Commands
- ALTER DEVICE and SUBDEVICE Commands
- DELETE DEVICE and SUBDEVICE Commands
- FREEZE DEVICE and SUBDEVICE Commands
- INFO DEVICE and SUBDEVICE Commands
- RESET DEVICE and SUBDEVICE Commands
- SET DEVICE and SUBDEVICE Commands
- SHOW DEVICE and SUBDEVICE Commands
- THAW DEVICE and SUBDEVICE Commands
- 11 Process and Subprocess Security Commands
- Process and Subprocess Security
- Process and Subprocess Access Authorities
- Special NAMED and UNNAMED Process Protection Records
- Process and Subprocess Security Command Summary
- Syntax of the Process and Subprocess Security Commands
- ADD PROCESS and SUBPROCESS Commands
- ALTER PROCESS and SUBPROCESS Commands
- DELETE PROCESS and SUBPROCESS Commands
- FREEZE PROCESS and SUBPROCESS Commands
- INFO PROCESS and SUBPROCESS Commands
- RESET PROCESS and SUBPROCESS Commands
- SET PROCESS and SUBPROCESS Commands
- SHOW PROCESS and SUBPROCESS Commands
- THAW PROCESS and SUBPROCESS Commands
- 12 OBJECTTYPE Security Commands
- 13 Security Group Commands
- 14 Terminal Security Commands
- 15 Event-Exit-Process Commands
- 16 Safeguard Subsystem Commands
- 17 Running Other Programs From SAFECOM
- A SAFECOM Error and Warning Messages
- B Disk-File Access Rules
- Index
Event-Exit-Process Commands
Safeguard Reference Manual — 520618-030
15 - 28
Processing of Authorization Requests
disabled, then the deniable user waits indefinitely for a response from the event-exit
process. The requestor process (including the entire thread), initiating the authorization
check, will hang.
Other Error Handling for Authorization
Other problems that cause timeout behavior are I/O errors, disabling of the event exit,
and invalid data received from the event-exit process.
I/O errors can occur when the event-exit process halts before responding to a request,
or when it is enabled but is down or restarting and the open is incomplete. In either of
these events, the request is resubmitted to the event-exit process once the open is
established. However, the timer is still running on these requests, and a timeout is
likely to occur. EMS messages will be sent to identify these errors.
If the event-exit process is disabled while a request is pending, the request is allowed
to complete, providing it does so within the timeout interval. If a timeout occurs and the
request is from a deniable user, a ruling of NORECORD and a status of NOLINK is
returned to PROTECTION_CHECK_. If a timeout occurs and the request is from an
undeniable user, a ruling of YES is assumed, and the access attempt is allowed to
proceed, subject to a Safeguard access check.
If invalid data is returned in a reply from the event-exit process, an EMS message is
sent to identify the problem. If the request is from a deniable user, a ruling of
NORECORD and a status of NOLINK is returned. If the request is from an undeniable
user, a ruling of YES is assumed, and the access attempt is allowed to proceed,
subject to a Safeguard access check as described in Processing of Authorization
Requests on page 15-26.
Warning Mode Interaction
Safeguard warning mode has no effect on rulings made by the event-exit process.
Warning mode rulings are applied only after the event-exit process has ruled and the
SMON performs a subsequent access check. For example, if warning mode is in effect
and the event-exit process denies access, the access attempt is denied. If warning
mode is in effect and the event-exit process grants access, but the SMON denies
access, the access is allowed because of warning mode. For more information about
warning mode, see the Safeguard Administrator’s Manual.
Auditing of Authorization Events
If the Safeguard software is configured for auditing of the object being accessed, audit
records are generated for access attempts on that object when Safeguard is involved
in the ruling.
Note. The TIMEOUT-ALL-AUTHZREQ attribute is supported only on systems running H06.26
and later H-series RVUs and J06.15 and later J-series RVUs.