Security Management Guide (G06.29+, H06.08+, J06.03+)
OSS System Security
Security Management Guide — 522283-021
File Privilege
Can be set by members of the Safeguard SECURITY-PRV-ADMINISTRATOR
(SPA) group, using either the SETFILEPRIV command or the
setfilepriv() function.
Use the GETFILEPRIV command to get information about the file privileges for a file.
For information about the GETFILEPRIV command, see the getfilepriv(1) reference
page either online or in the Open System Service Shell and Utilities Reference Manual.
For information about the SETFILEPRIV command, see the setfilepriv(1) reference
page either online or in the Open System Service Shell and Utilities Reference Manual.
For more information about the setfilepriv() function, see the setfilepriv(2)
reference page either online or in the Open System Service System Calls Reference
Manual.
PRIV_SOARFOPEN File Privilege
The PRIV_SOARFOPEN file privilege allows a process to directly access any file in a
restricted-access fileset on the local system, but only if that executable file has been
started by a locally-authenticated member of the Safeguard
SECURITY-OSS-ADMINISTRATOR (SOA) group. If the executable has a file privilege, then any user
library or ordinary DLL used by that process must also have that file privilege.
If an executable with the PRIV_SOARFOPEN file privilege is started by a user who is not a member
of the SOA group, that process is created without the PRIV_SOARFOPEN privilege.
The PRIV_SOARFOPEN file privilege can be inherited by child processes created
using fork() because the parent and child process share the same executable. Any
child processes created by other process creation functions or procedure calls (such
as exec() or PROCESS_CREATE_) acquire their file privileges from that target
executable file.
The most common use for this file privilege is to allow a
SECURITY-OSS-ADMINISTRATOR to use the Backup and Restore 2 product to back up files that are in
restricted-access filesets. It is not required that the executable file be in the
restricted-access fileset.
File privileges are removed from a file if the file is changed (such as by being opened
for writing).
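The PRIV_SOARFOPEN rules above, as an added Python model that is not part of the original guide and does not call any NonStop API. The class and function names, paths and user names are hypothetical, and exec()/PROCESS_CREATE_ is modelled on the assumption that the same start rule applies to the target executable.

```python
from dataclasses import dataclass, field

PRIV_SOARFOPEN = "PRIV_SOARFOPEN"

@dataclass
class File:
    path: str
    privs: set = field(default_factory=set)   # file privileges set on the file
    libs: list = field(default_factory=list)  # user libraries / ordinary DLLs it loads

@dataclass
class User:
    name: str
    soa_member: bool = False    # member of SECURITY-OSS-ADMINISTRATOR
    local_auth: bool = True     # locally authenticated

def start(exe, user):
    """Privileges of a process created from exe (exec()/PROCESS_CREATE_ style)."""
    if PRIV_SOARFOPEN in exe.privs and user.soa_member and user.local_auth:
        return {PRIV_SOARFOPEN}
    return set()  # process is created without the privilege

def fork(parent_privs):
    """fork(): parent and child share the executable, so the child inherits."""
    return set(parent_privs)

def load_errors(exe):
    """Libraries lacking a file privilege that the executable file has."""
    return [lib.path for lib in exe.libs if not exe.privs <= lib.privs]

def opened_for_write(f):
    """Changing a file removes its file privileges."""
    f.privs.clear()

# Constructed sample inventory (paths and user names are made up).
LIB_OK = File("/usr/local/lib/libok.so", {PRIV_SOARFOPEN})
LIB_BAD = File("/usr/local/lib/libplain.so")
BACKUP = File("/usr/local/bin/backup", {PRIV_SOARFOPEN}, [LIB_OK, LIB_BAD])
PLAIN = File("/bin/helper")
SOA = User("soa.admin", soa_member=True)
OTHER = User("dev.user")

if __name__ == "__main__":
    p = start(BACKUP, SOA)
    print("SOA start:", p, "| fork:", fork(p), "| exec helper:", start(PLAIN, SOA))
    print("non-SOA start:", start(BACKUP, OTHER))
    print("libraries that would fail to load:", load_errors(BACKUP))
    opened_for_write(BACKUP)
    print("after write:", start(BACKUP, SOA))
```
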
PRIV_SETID File Privilege
The PRIV_SETID file privilege allows the locally-authenticated super ID to start a
process from an executable and use a privileged switch operation, such as setgid()
or setuid(), to switch to another user ID or group ID (without a password) and,
based on the permissions for that ID, access files in restricted-access filesets. It is not
required that the executable file be in the restricted-access fileset.
If the executable file has a file privilege, then any user library or ordinary DLL loaded
by the process must also have that file privilege. Otherwise, an error is reported when
the process attempts to load that library or DLL.