User Identification [ User's Guide to MPE/iX Security ] MPE/iX 5.0 Documentation
User's Guide to MPE/iX Security
User Identification
Users on MPE/iX are now identified by a user ID (UID). The UID is a
string (in the form user.account) with a corresponding integer value.
Each MPE account has a group ID (GID) associated with it. The GID is a
string (in the form account) and also has a numerical value assigned to
it. UIDs and GIDs were added to file and process structures to more
easily identify object owners and file sharing groups, respectively.
In addition to the UIDs and GIDs, users are identified as follows:
Table 3-2. User Categories
---------------------------------------------------------------------------------------------
| Category          | Conditions                                                            |
---------------------------------------------------------------------------------------------
| File Owner        | The user whose UID matches the object's UID (also called user.account |
|                   | or $OWNER in ACDs). By default, when a user creates a file or         |
|                   | directory it is assigned the same UID as that user.                   |
---------------------------------------------------------------------------------------------
| File Group Member | Any user whose GID matches the GID of the object (also called         |
|                   | @.account or $GROUP in ACDs). By default, all members of an account   |
|                   | are assigned the same GID. This group is a new file sharing concept   |
|                   | that should be distinguished from MPE groups (that is, group          |
|                   | directories). By default, when a user creates a file or directory,    |
|                   | it is assigned the parent directory's GID.                            |
---------------------------------------------------------------------------------------------
SAVE access in MPE groups
Create directory entries (CD) access and delete directory entries (DD)
access to all MPE groups is governed by appropriate privileges or SAVE
access. (A complete definition of appropriate privilege appears later in
this chapter.) SAVE access for an MPE group implies CD and DD permission
for directory entries. That is, a user can create or delete a directory
in an MPE group if the group grants SAVE access to the user. However,
you still need write access to a file to be able to delete it from an MPE
group.
CWD and File Security
You can now change the current working directory (CWD) to any directory
(including an MPE account, an MPE group, the root directory, or an HFS
directory) as long as you have TD access to the directories in the path
to the directory. This means that you can change your CWD to any MPE
group on the system because all users have RD and TD access to the root
directory, all accounts, and all groups, by default.
Changing your CWD to a new MPE group (using the CHDIR command) does not
make you a group user (GU) of the new group. GU status is based on your
logon group and account, and can only be changed using CHGROUP. As a
result, you may not be able to access a file in the new group after
changing your CWD to it. If the new group is in your logon account, you
are allowed account level privileges in the new group. If the new group
is not in your logon account, you are allowed the access privileges given
to any user. Unlike CHGROUP, which does a password check, CHDIR does no
password check when you change your CWD.
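The CHDIR versus CHGROUP distinction above, as an added example: a simplified Python model, not MPE/iX code and not part of the original guide. The class labels other than GU, the sample user, account, groups and password, and the inclusion of the target directory in the TD check are assumptions of the model.

```python
# Simplified model of the rules in this section; added example, not MPE/iX code.
from dataclasses import dataclass

@dataclass
class Session:
    user: str
    account: str   # logon account
    group: str     # logon group; only CHGROUP changes it
    cwd: str       # current working directory, "/ACCOUNT/GROUP"

def chdir(s, account, group, td_denied=frozenset()):
    """CHDIR: needs TD on each directory in the path; no password check.
    td_denied is empty by default because all users have TD on the root,
    all accounts and all groups. Assumption: the target is checked too."""
    path = ["/", f"/{account}", f"/{account}/{group}"]
    if any(d in td_denied for d in path):
        return False
    s.cwd = path[-1]
    return True

def chgroup(s, group, password, group_passwords):
    """CHGROUP: password check, then the logon group changes.
    What CHGROUP does to the CWD is not modelled."""
    if group_passwords.get((s.account, group)) != password:
        return False
    s.group = group
    return True

def user_class(s, file_account, file_group):
    """Class applied for a file in file_group.file_account; CWD plays no part."""
    if file_account != s.account:
        return "any user"
    return "GU" if file_group == s.group else "account level"

def can_read(s, file_account, file_group, readers):
    return user_class(s, file_account, file_group) in readers

def demo():
    passwords = {("PAYROLL", "DATA"): "constructed-pw"}   # constructed sample
    readers = {"GU"}              # a file in DATA.PAYROLL readable by GU only
    s = Session("CLERK", "PAYROLL", "PUB", "/PAYROLL/PUB")
    return [chdir(s, "PAYROLL", "DATA"),                       # no password asked
            can_read(s, "PAYROLL", "DATA", readers),           # account level only
            chgroup(s, "DATA", "wrong", passwords),            # bad password
            chgroup(s, "DATA", "constructed-pw", passwords),   # logon group changes
            can_read(s, "PAYROLL", "DATA", readers)]           # now GU

if __name__ == "__main__":
    print(demo())
```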