XYGATE Access Control Reference Manual
XYGATE
®
Access Control Reference Manual
Chapter 1. Installing XAC
XYPRO Technology Corporation 28 Proprietary and Confidential
1.7 Securing XYGATEAC
This section describes how to secure the XYGATE XAC module.
Note that the SECURITY.ADMIN userid is assumed to be the “owner” of the XYGATE
XAC software. If a different userid is used, then adjust these security settings
accordingly. Also note that the XYGATE XAC software is assumed to be installed on
$SYSTEM.XYGATEAC. Adjust these security settings if different values are used.
The following files in the XYGATEAC subvolume should be secured so that everyone
will have access only to Read and Execute.
$SYSTEM.XYGATEAC.P++F001
$SYSTEM.XYGATEAC.XYGATEAC
$SYSTEM.XYGATEAC.DBSO
$SYSTEM.XYGATEAC.ACCONF
$SYSTEM.XYGATEAC.ACACL
$SYSTEM.XYGATEAC.VULIB
$SYSTEM.XYGATEAC.D3XLIB
$SYSTEM.XYGATEAC.XYGATEAD
$SYSTEM.XYGATEAC.XYGATEOA
$SYSTEM.XYGATEAC.XOADLL
1.7.1 Securing XYGATEAC Using XYGATEOS
This section describes how to secure the XYGATE XAC files with XYGATEOS.
FOGROUP SECURE-XYGATEAC-FILES
DESCRIPTION "Secure XYGATE Access Control Module"
! (Everyone must be able to Read and Execute these Object Files)
! *** Selection Criteria ***
MASK $SYSTEM.XYGATEAC.P++F001
$SYSTEM. XYGATEAC. XYGATEAC
$SYSTEM.XYGATEAC.ACCONF
$SYSTEM.XYGATEAC.ACACL
$SYSTEM.XYGATEAC.VULIB
$SYSTEM.XYGATEAC.D3XLIB
$SYSTEM.XYGATEAC.DBSO
$SYSTEM.XYGATEAC.XYGATEAD
$SYSTEM.XYGATEAC.XYGATEOA
$SYSTEM.XYGATEAC.XOADLL
! *** Access Granted ***
ACL $SECURITY (R,W,E,P,C,RN,G,L,PR)
$EVERYONE (R,E)
! *** Other Keywords ***
PROCESS_AS_ACL ! Final Answer on ACCESS
AUDIT_ACCESS_PASS ON ! Audit Successes?
AUDIT_ACCESS_FAIL ON ! Audit Fails?
AUDIT_WARNING_PASS OFF ! Write Success, If Warning
AUDIT_WARNING_FAIL OFF ! Write Fail, If Warning
WARNING_MODE OFF ! Warning mode
If the above XYGATEOS rule is in place, then everyone will have access to Read and
Execute the XYGATEAC files configured above. Users in ACLGROUP $SECURITY
will be given all access.