Manualshelf

XYGATE Access Control Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
251252253254255256257258259260
XYGATE
®
Access Control Reference Manual
Appendix D: XAC Interactive Commands
XYPRO Technology Corporation 230 Proprietary and Confidential
D1: <<COMMENT
All words following COMMENT on a line are treated as comments. All comments are
written to the DETAIL audit log, so you can use a comment to add information to the
DETAIL audit either as part of the ACACL using INPUT or by dynamically using
<<COMMENT during the session.
Example:
COMMAND AM-RUN
DESCRIPTION "AM OBEY FILE"
USER PROD.OWNER
OBJECT $SYSTEM.SYSNN.TACL
ACL $OPERATORS
VERIFYUSER \*.*.* ALIAS:"*"
INPUT "<<COMMENT The first prompt is the date to run."
FILE $WORK.RUNFILES.AMRUN
In this example, the comment is part of the ACACL entry, so it will be logged every
time this session is executed.
Example:
$SYSTEM.SECURITY 23> XAC SAFECOM-ADMIN
XYGATEAC 5.75 XYPRO \N1 20991231 (see <<CONFIG for Copyright)
SAFEGUARD COMMAND INTERPRETER - T9750H05 - (16JAN2013) SYSTEM \N1
1 = <<comment Not at my desk - at meeting with TH, RS and DEB when
1 = <<comment subject of SAFEGUARD global config came up. Used
1 = <<comment TH’s desk to get info, even tho not within procedures
1 = <<comment to use SECURITY.ADMIN privileges outside of the secured area.
1 = INFO SAFEGUARD, DETAIL
In this example, the security administrator is violating the protocols for
SECURITY.ADMIN use. By using <<COMMENT to dynamically log the reason, the
administrator has an audit record for reference in the future and will satisfy most
auditors with appropriate documentation of a procedure violation.