Manualshelf

Safeguard User's Guide (G06.29+, H06.08+, J06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series
51525354555657585960
Securing Disk Files
Safeguard User’s Guide 422089-020
3 - 17
Other Disk-File Security Features
In the previous examples in this section, you are the only owner of quarter1. Assume
you want user ID 2,18 to own quarter1 also. You could change the OWNER attribute,
but then you would no longer own the file. Instead, you might want to grant user ID
2,18 OWNER authority in an access control list.
To give user ID 2,18 OWNER authority:
=ALTER DISK quarter1, ACC 2,18 O
The INFO display now shows an O in the entry for user ID 2,18:
=INFO DISK quarter1, DETAIL
Other Disk-File Security Features
The Safeguard subsystem provides five special attributes for disk files:
CLEARONPURGE, PERSISTENT, LICENSE, PROGID, and, in H-series RVUs only,
TRUST. Like other security attributes, these attributes can be specified with the ADD
DISKFILE, ALTER DISKFILE, or SET DISKFILE commands.
The CLEARONPURGE Attribute
Normally, a disk process purges a disk file by removing the file entry from the volume
directory, thereby releasing the space occupied by the file. However, the data is not
physically erased from the disk and is vulnerable to intruders until it is overwritten by
another file. If you purge a file with CLEARONPURGE ON, however, the disk process
writes null characters over all space allocated to the file.
LAST-MODIFIED OWNER STATUS WARNING-MODE
$DATA.SALES
QUARTER1 23JAN05, 15:43 2,1 THAWED OFF
002,001 R,W,E,P
002,006 DENY W
002,018 R,W,E,P, O
004,012 R
008,004 DENY R
002,* R,W
008,* R
OBJECT-TEXT-DESCRIPTION =
AUDIT-PRIV-LOGON = OFF
AUDIT-ACCESS-PASS = NONE AUDIT-MANAGE-PASS = NONE
AUDIT-ACCESS-FAIL = REMOTE AUDIT-MANAGE-FAIL = ALL
LICENSE = OFF PROGID = OFF CLEARONPURGE = OFF PERSISTENT = OFF
TRUST = OFF PRIV-LOGON = OFF
Note. The attributes, AUDIT-PRIV-LOGON and PRIV-LOGON, are supported only on systems
running H06.11 and later H-series RVUs and G06.32 and later G-series RVUs. The OBJECT-
TEXT-DESCRIPTION attribute is supported only on systems running J06.05 and later J-series
RVUs and H06.16 and later H-series RVUs.