XYGATE Access Control Reference Manual
Appendix C: The ACACL File
XYPRO Technology Corporation 153 Proprietary and Confidential
C9: ALLOWCMD
This keyword limits an XAC-controlled OBJECT program to a subset of
user commands by specifying the commands that are permitted. ALLOWCMD also
controls XAC internal commands such as <<CONFIG, <<X and <<RUN, so XAC can
allow or restrict access to its own internal commands (those activated by the
command escape character, such as ">CONFIG") as well as the object program commands.
There are a maximum of 40 ALLOW/DENY commands per ACACL Command Entry,
with a maximum of 30,000 command characters for all ACACL ALLOW/DENYs
combined.
When ALLOWCMD is used, any command that is not expressly allowed is denied. It is
important to allow the EXIT command, or it may be impossible to terminate the
program. ALLOWCMD and DENYCMD limitations may be mixed and will be applied in
the order in which they are specified in the ACACL entry.
Note: The order of evaluation of commands is ALIAS, %parameters, FKEY,
ALLOWCMD / DENYCMD, COMMANDESC and RUNCHECK. All ALLOWCMD
entries and DENYCMD entries are processed after ALIAS scanning is complete
and %parameters are replaced. ALLOWCMD and DENYCMD entries are
processed in the order in which they are encountered. ALLOWCMD and
DENYCMD limitations do not apply to commands that are the result of ALIAS
processing.
Syntax:
ALLOWCMD "<command>"
In Example 1 below, because neither REXP_ALLOWDENY nor RE: was
specified, ALLOWCMD and DENYCMD perform exact command matching for the
number of characters specified, in the order in which the various ALLOWCMD and
DENYCMD entries are specified in the ACACL. Thus, both PURGE and PURGEDATA
may be limited by using DENYCMD "PURGE". To limit PURGE while still permitting
PURGEDATA, PURGEDATA must be permitted using ALLOWCMD "PURGEDATA"
before the DENYCMD "PURGE". You MUST have the FC keyword and either the FC#
or FC? keyword set when using the DENYCMD and ALLOWCMD attributes to
maintain security.
Example 1:
COMMAND SCF-OPER
DESCRIPTION "Runs SCF as SUPER.SUPER to execute STATUS command only"
USER 225,255
ACL $OPER
OBJECT $SYSTEM.SYSTEM.SCF
NOBREAK
ALLOWCMD "STATUS"
ALLOWCMD "EXIT"
DENYCMD "*"
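The PURGE / PURGEDATA ordering rule described before Example 1 can be checked mechanically before an ACACL entry is deployed. The following is an added illustration, not XYPRO code: it assumes a simplified model in which an entry matches when the typed command starts with the entry's text, the first matching entry decides, and unmatched commands are denied. The names decide, audit and the sample entry lists are hypothetical; REXP_ALLOWDENY, RE: and "*" are not modelled.

```python
# Simplified model of the ordered matching described above (an assumption,
# not XYGATE's implementation): an entry matches when the typed command
# starts with the entry's text as typed; the first matching entry decides;
# a command that matches no entry is denied.
MAX_ENTRIES = 40      # ALLOW/DENY commands per ACACL Command Entry (from the manual)
MAX_CHARS = 30_000    # combined command characters (from the manual)


def decide(entries, typed):
    """Return 'ALLOW' or 'DENY' for a typed command.

    entries: ordered list of (kind, text); kind is 'ALLOWCMD' or 'DENYCMD'.
    """
    for kind, text in entries:
        if typed.startswith(text):
            return "ALLOW" if kind == "ALLOWCMD" else "DENY"
    return "DENY"


def audit(entries):
    """Return a list of findings for an ordered ALLOWCMD/DENYCMD list."""
    findings = []
    if len(entries) > MAX_ENTRIES:
        findings.append(f"{len(entries)} entries exceed the limit of {MAX_ENTRIES}")
    if sum(len(text) for _, text in entries) > MAX_CHARS:
        findings.append(f"command text exceeds {MAX_CHARS} characters")
    for i, (kind, text) in enumerate(entries):
        for prev_kind, prev_text in entries[:i]:
            if text.startswith(prev_text):
                # An earlier entry always matches first, so this one never applies.
                findings.append(
                    f'{kind} "{text}" is shadowed by earlier {prev_kind} "{prev_text}"')
                break
    if decide(entries, "EXIT") != "ALLOW":
        findings.append("EXIT is not allowed; the program may be impossible to terminate")
    return findings


# Constructed sample entries: the same three rules in two different orders.
WRONG_ORDER = [("DENYCMD", "PURGE"), ("ALLOWCMD", "PURGEDATA"), ("ALLOWCMD", "EXIT")]
RIGHT_ORDER = [("ALLOWCMD", "PURGEDATA"), ("DENYCMD", "PURGE"), ("ALLOWCMD", "EXIT")]

if __name__ == "__main__":
    for name, acl in (("wrong order", WRONG_ORDER), ("right order", RIGHT_ORDER)):
        print(name, decide(acl, "PURGEDATA $DATA.TEST.FILE"), audit(acl))
```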
Example 2 below permits the use of the PURGEDATA command while prohibiting
PURGE. The EXIT command can be used, as can the XAC internal commands