XYGATE Access Control Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

211

212

213

214

215

216

217

218

219

220

XYGATE

Access Control Reference Manual

Appendix C: The ACACL File

XYPRO Technology Corporation 191 Proprietary and Confidential

C53: NOCOMMANDAUDIT

This keyword suppresses DETAIL audits (as opposed to INVOKE audits) of all

interactive commands entered including commands from input files. This can be used

if the XAC ACACL Command Entry has user interaction that does not require auditing,

such as inquiry-only type commands, or a command which executes a secured input

stream via INPUT, FILE or OBEY.

User command auditing is assumed unless NOCOMMANDAUDIT is specified.

Example:

COMMAND QUICK-STATUS

DESCRIPTION "APPLICATION STATUS"

USER 255,255

OBJECT $SYSTEM.SYSNN.TACL

ACL $SYSMGRS

FILE $WORK.SYSMGR.QUIKCHEK

NOAUDIT NOCOMMANDAUDIT

In this example, we can assume that the file $WORK.SYSMGR.QUIKCHEK is not

active, only displaying status information.

C54: NOCOMMANDESCAPE

This keyword disables access to the interactive XAC "escape" commands

Example:

COMMAND SAFEGUARD-TACL

DESCRIPTION "TACL STARTED BY SAFEGUARD LOGON PROGRAM"

USER GROUP,USER

OBJECT $SYSTEM.SYSNN.TACL

ACL \*.*.* ALIAS:"\*.*"

NULLNULLSTOP TRACKUSERID EXECUTEHANGUP

TIMEOUT 1800

STOPONERROR 60,66,140,190,191

CHECKCONNECTION 750 100

DONOTSTOP \*.$SYSTEM.SYSTEM.PATH*

OPENSBYOBJECTS \*.$*.*.*

START_LOGGED_ON BLANKPASSWORD

NOCOMMANDESCAPE

The above example shows the ACACL Command Entry for a TACL started because a

terminal is defined in Safeguard. With NOCOMMANDESCAPE set, none of the

interactive commands such as >STOP or >LOCK can be used.