Manualshelf

Security Management Guide (G06.24+, H06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series
919293949596979899100
Concerns for the User
Security Management Guide522283-008
5-11
Guardian Security
You are a local user if you access the file from a local process. A local process is
either:
A process that has executed a successful logon call to the
USER_AUTHENTICATE_ procedure (such as a TACL process that has executed
such a call on behalf of a user entering a LOGON command)
A process started from a local process on the same system
Any process that is not a local process is a remote process.
For example, suppose MYFILE resides on system \SYS1. If you are logged on to
\SYS1 and execute FUP to access MYFILE, your FUP process is treated as a local
user. However, if you are logged on to \SYS2 and attempt to use FUP to access
MYFILE on \SYS1, your FUP process is treated as a remote user. This condition holds
true whether you run FUP on \SYS1 or \SYS2.
File Ownership
Every Guardian file has an owner. Whenever you create a file, you become its owner.
As the file owner, you have special privileges in regard to the file.
Only you, your group manager, or the super ID user can change the file’s security. The
security setting determines who can access the file and what operations they can
perform on the file (read, write, execute, purge).
When you create a file, it is automatically given the default file security setting assigned
to you. If necessary, you can later use the FUP SECURE command to change a file’s
security setting. For example, the following command sets the security of the file
NOTES to CUCU. For more information about security setting, see File Security on
page 5-9.
6> FUP SECURE NOTES,"CUCU"
As mentioned previously, you can verify this setting with the FILEINFO command.
You, your group-manager, or the super ID can transfer ownership of this file to another
user ID. Use the FUP GIVE command to transfer ownership. For example, this
command transfers ownership of file NOTES to user ID 147,36:
7> FUP GIVE NOTES,147,36
Logon Default File Security Setting
The person who establishes your user ID also assigns your logon default security
setting. This security setting is applied to Guardian files you create during the session.
If this file security setting is permissive (for example, NNNN, which allows anyone to
read, write, execute, or purge your files), you must remember to secure each new
sensitive file.
By using a permissive security setting, you risk forgetting to secure a file.