ACD examples [ User's Guide to MPE/iX Security ] MPE/iX 5.0 Documentation
User's Guide to MPE/iX Security
ACD examples
You assign ACDs using the ALTSEC command. In addition, files created in
hierarchical directories and hierarchical directories themselves are
automatically assigned ACDs.
Following is an example of an ACD that could be assigned to a text file:
NONE:JIM.DOE,@.ACCTING;R,W,X,L:@.PAYROLL;R:@.@
The ACD pairs in this example set up the following access controls on the
text file:
* Deny JIM.DOE and all users in the ACCTING account access to the
file.
* Allow read, write, execute, and lock access to users in the
PAYROLL account.
* Allow read access to everyone else.
Notice that when ACD pairs contradict each other, the most specific pair
applies. So even though all users are assigned read access (R:@.@),
JIM.DOE cannot access the file because he is specifically assigned no
access (NONE:JIM.DOE).
If the ACD in the above example had a $GROUP_MASK entry (for example,
rx:$GROUP_MASK), then the users in the PAYROLL account would only have
read and execute access. The entire ACD would read as follows:
NONE:JIM.DOE,@.ACCTING;R,W,X,L:@.PAYROLL;R:@.@;rx:$GROUP_MASK
An example of an ACD for an HFS directory (dir1) follows:
CD,DD,RD,TD,RACD:@.ACCT;TD:@.@
The ACD pairs in this example set up the following access controls on
dir1:
* Allow all users in the ACCT account the ability to create, delete,
and read directory entries in dir1, to traverse dir1, and to read
the ACDs.
* Allow everyone else the ability to traverse dir1 only.
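The following is an added example, not part of the original guide or of MPE/iX itself: a small Python model of the "most specific pair" rule, run against the file ACD and the directory ACD shown above. The function names and the sample users other than JIM.DOE are constructed for illustration. It assumes a user matched by no pair gets no access, and it does not model $GROUP_MASK or any owner or system manager privileges.

```python
# Added example: work out which ACD pair applies to a given user.
# Specificity order follows the rule in the text: an exact user.account
# entry beats an @.account entry, which beats @.@.

def parse_acd(acd):
    """Parse 'modes:users;modes:users' into {user_spec: set_of_modes}."""
    entries = {}
    for pair in acd.split(";"):
        modes, _, users = pair.partition(":")
        if not users:
            raise ValueError(f"malformed ACD pair: {pair!r}")
        mode_set = {m.strip().upper() for m in modes.split(",")}
        if "NONE" in mode_set:
            mode_set = set()  # NONE grants no access modes
        for spec in users.split(","):
            entries[spec.strip().upper()] = mode_set
    return entries


def effective_access(acd, user):
    """Return the modes the most specific matching pair grants to 'NAME.ACCOUNT'."""
    entries = parse_acd(acd)
    name, _, account = user.upper().partition(".")
    for spec in (f"{name}.{account}", f"@.{account}", "@.@"):
        if spec in entries:
            return entries[spec]
    return set()  # assumption: no matching pair means no access


# The two ACDs from the text.
FILE_ACD = "NONE:JIM.DOE,@.ACCTING;R,W,X,L:@.PAYROLL;R:@.@"
DIR_ACD = "CD,DD,RD,TD,RACD:@.ACCT;TD:@.@"

if __name__ == "__main__":
    # Users other than JIM.DOE are constructed sample names.
    cases = ((FILE_ACD, ["JIM.DOE", "ANN.ACCTING", "BOB.PAYROLL", "SUE.SALES"]),
             (DIR_ACD, ["KIM.ACCT", "SUE.SALES"]))
    for acd, users in cases:
        print(acd)
        for u in users:
            print(f"  {u:12} {sorted(effective_access(acd, u)) or 'NONE'}")
```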