XYGATE Access Control Reference Manual
XYGATE
®
Access Control Reference Manual
Chapter 2. Configuring XAC
XYPRO Technology Corporation 30 Proprietary and Confidential
2.1.3 ACACL Command Entries in the ACACL File
This table describes some of the commands included in the initial ACACL file.
Command Name Purpose
TACL-255 Starts a copy of TACL that runs under the userid 255,255. The
users that are permitted to use this TACL are listed in the
ACLGROUP profile for $SUPER.
TACL-ASYNCH Starts a copy of TACL that the user must logon to using a
valid userid and password. The user’s action are recorded to
the keystroke audit. The ACLGROUP of $EVERYONE on the
ACL keyword tells you that anyone can start this TACL.
TACL-SAFEGUARD This command is designed to work with Safeguard, to serve
as the initial program started after the Safeguard logon and to
start the TACL process for the user.
TACL-DYNAMIC-IP The TACL started by this command is designed for the
communications needs of the dynamic TCP/IP session. This
TACL prompts the user for a userid or alias and password for
authentication and then destroys its session when the user
logs off.
TACL-STATIC-IP This command is designed to be used as the standard startup
for TACLs attached to a static IP port.
EDIT-XAC-ACL This command allows safe editing of the ACACL command. It
is used by the macro XAC_EDIT_ACL.
UPDATE-XAC-ACL This command is used to syntax check and update the
ACACL file.
EDIT-255 This command starts EDIT as the userid 255,255.
FUP-255 This command is used to execute FUP as the userid 255,255.
SAFECOM-ADMIN This command executes SAFECOM as the SECURITY
ADMINISTRATOR.
SQLCI-255 This command is designed to execute SQLCI and its myriad
subprograms as the SUPER.SUPER user. This command is
designed to prevent the execution of any program not part of
the SQLCI suite.
FUP-GROUP-MANAGER This command is designed to let group managers use the
inherent privileges of FUP for their group in a keystroke
audited manner. By not assigning *,255 userids and by putting
anyone you want to have that privilege on the ACLGROUP
$GRPMGR, you can ensure that users who need the
privileges can have them in an audited fashion.
OSS-AUDITED-SHELL This XAC session starts an OSS shell process where the
activity is audited to the XAC audit file.
OSS-SUPER-SHELL This command starts an OSS shell as SUPER.SUPER without
having to enter the SUPER.SUPER userid.
OSS-CHOWN-HOME This OSS session starts CHOWN as the SUPER.SUPER
userid and audits all activity that occurs.