XYGATE Access Control Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

181

182

183

184

185

186

187

188

189

190

XYGATE

Access Control Reference Manual

Appendix C: The ACACL File

XYPRO Technology Corporation 161 Proprietary and Confidential

C18: BLANKPASSWORD

This keyword causes all OBJECT program input to be scanned for the word

PASSWORD. If PASSWORD is found, the first word (or token) following it is replaced

by the number (#) symbol when written to any audit trail.

Example:

COMMAND SAFECOM

DESCRIPTION "Safecom as SECURITY.ADMIN"

USER 100,255

OBJECT $SYSTEM.SYSNN.SAFECOM

ACL 100,*

DENY 100,1 100,2

TIMEOUT 900

FC? FCPROMPT "="

BLANKPASSWORD

The BLANKPASSWORD specification ensures that the string following the word

"PASSWORD", even if found on the ACACL Command Entry startup line, will not be

seen in any audit trail.

Important! It is imperative that this keyword be used with all OBJECT files which

change or input passwords. Some of the programs known to require

BLANKPASSWORD are TACL, BATCHCOM and SAFECOM.

C19: BLOCKMODE_AUDIT

The BLOCKMODE_AUDIT keyword determines whether function keys pressed by the

user while in block mode are audited. When BLOCKMODE_AUDIT is set to ON, the

function keys will be audited. When BLOCKMODE_AUDIT is set to OFF, they will not

be audited.

Syntax:

BLOCKMODE_AUDIT { ON | OFF }

The Example below shows an edit process where the function keys pressed while in

VS will be not audited.

Example:

COMMAND EDIT-255

DESCRIPTION "EDIT AS SUPER.SUPER"

USER SUPER.SUPER

OBJECT $SYSTEM.SYSTEM.EDIT

ACL TECH.*

OPENSBYOBJECTS $SYSTEM.SYSTEM.VS

BLOCKMODE_AUDIT OFF