Security Management Guide (G06.24+, H06.03+)
Contents
Security Management Guide—522283-008
iii
3. Safeguard System Security (continued)
3. Safeguard System Security (continued)
Adding Users to a System 3-7
User Configuration Issues 3-8
Controlling the Logon Process With the Safeguard Software 3-9
Vacations and Other Absences 3-10
When Employees Leave 3-10
Assigning User Aliases 3-10
Creating File-Sharing Groups 3-11
Securing Objects 3-11
Safeguard Access Control Lists 3-12
Emulating Guardian Security Strings 3-13
Testing Access Control Lists 3-14
Securing Critical Objects 3-14
Setting CLEARONPURGE Through SAFECOM 3-16
Licensing Programs Through SAFECOM 3-17
Setting PROGID Through SAFECOM 3-17
Determining Access Needs 3-17
Command Files 3-17
Auditing 3-19
Auditing Authentication Attempts 3-19
Auditing Object-Access Attempts 3-19
Auditing Attempts to Change or Read Safeguard Records 3-20
Other Auditing 3-20
Managing the Audit Service 3-20
Special Considerations 3-21
The Safeguard Bit 3-21
Default Protection for User’s Files 3-22
The ACL-REQUIRED-DISKFILE Attribute 3-22
4. OSS System Security
Interoperability With Safeguard Security 4-1
User Administration 4-1
File-Sharing Groups 4-2
Volume Create Authority 4-2
OSS File and Directory Security 4-3
Permission Codes 4-3
Access Control Lists 4-4
File and Directory Commands 4-6
OSS Process Security 4-7