HP 3000 Manuals HP 3000 Manuals
Tasks Involving System Security
The following sections describe tasks relating to system security such as
listing ACDs, assigning ACDs, changing ACDs, and copying ACDs.
Listing ACDs for files and directories
Because ACDs supersede other security mechanisms, it is useful to be able
to determine whether or not a directory or file has an ACD assigned to it
and, if so, what it is. Any directories or files residing outside of
traditional MPE groups are automatically assigned ACDs when they are
created. You can list ACDs by using the LISTFILE command with the -2
(also called ACD) option.
The following example shows how to list the ACD associated with the
directory called letters. Notice that the user named JONES in the OFFICE
account has RD (read directory entries) access to the letters directory.
All other users on the system have both RD and TD (traverse directory
entries) access to letters.
________________________________________________________
| |
| |
| listfile /dir0/letters,-2 |
| PATH=/dir0/ |
| |
| ------------ACD ENTRIES-------------- FILENAME |
| |
| JONES.OFFICE : RD letters/ |
| @.@ : RD,TD |
| |
| |
________________________________________________________
In the next example, the directory GRP is assigned the default ACD. All
users can read the ACD assigned to the directory. Only the creator and
the system manager can change it. Also, note that -2 is replaced with
the textual equivalent ACD.
________________________________________________________
| |
| |
| listfile /OFFICE/GRP,ACD |
| PATH=/OFFICE/ |
| |
| ------------ACD ENTRIES-------------- FILENAME |
| |
| @.@ : RACD GRP/ |
| |
________________________________________________________
In the next example, the file assets has an ACD assigned to it. The ACD
pairs are listed from the most specific (such as a particular user in a
particular account) to the least specific (all other users in all other
accounts). User ZONIS in the OFFICE account has R (read) access to the
file assets. Other users in the OFFICE account have both R and W (write)
access to the file. And all other users in other accounts have R, W, and
X (execute) access to the file.
________________________________________________________
| |
| |
| listfile /OFFICE/GRP/assets,-2 |
| PATH=/OFFICE/GRP/ |
| |
| ------------ACD ENTRIES-------------- FILENAME |
| |
| ZONIS.OFFICE : R assets |
| @.OFFICE : R,W |
| @.@ : R,W,X |
| |
| |
________________________________________________________
The next example shows how you can list the ACDs for all of the files in
the GRP directory. It shows the ACD on the file assets as in the
previous example and lists the ACDs on the other two files in the
directory.
_____________________________________________________
| |
| |
| listfile /OFFICE/GRP/@,-2 |
| PATH=/OFFICE/GRP/ |
| |
| ------------ACD ENTRIES------------ FILENAME |
| |
| ZONIS.OFFICE : R assets |
| @.OFFICE : R,W |
| @.@ : R,W,X |
| ZONIS.OFFICE : R bills |
| WILKE.OFFICE : R,W |
| @.@ : R,W,X |
| SMITH.OFFICE : R goods |
| @.OFFICE : R,W,X |
| |
| |
_____________________________________________________
Changing access to files and directories
Because access to MPE/iX files and hierarchical directories is controlled
by ACDs, system users may want to change the defaults assigned when files
or directories are created.
For the purpose of selectively restricting access to files with ACDs,
users can be classified into three groups:
* Individual users
* Specific groups of users
* All other users
Assigning ACDs.
For example, you may want to assign ACD permissions to restrict access to
a sensitive file so that only you and your manager can read it. You may
also want to restrict access to a sensitive directory so that only
certain members of a group can create files in it.
Use the ALTSEC command to change access permissions to a file or
hierarchical directory. System managers can assign ACDs on any file or
directory in the system. They must supply the lockword for any
lockword-protected files before they can assign an ACD, however. Once
the file has an ACD, the ACD supersedes the lockword.
You can use the ADDPAIR option with the ALTSEC command to add ACD pairs
to an object that already has an ACD. (You must use the NEWACD option to
assign ACDs to files having no ACDs.)
For example, to assign a new ACD that gives all users on the system total
access to the file NUMBERS:
:ALTSEC NUMBERS;NEWACD=(R,W,L,A,X,RACD:@.@)
The file SUMMARY has an ACD (RACD:@.@). You want to grant read and write
access to users in your account:
:ALTSEC SUMMARY;ADDPAIR=(W,R:@.ACCT)
Replacing ACDs.
You can replace the current ACD by using the REPACD option with the
ALTSEC command.
All users in the MKTG account currently have RD and TD access to the
directory van. The users can only move through van and read the names of
files in it. Instead, you want to grant all users in MKTG greater access
to the contents of the directory. You want them to be able to create
directory entries, delete directory entries, read directory entries,
traverse directory entries, and to be able to read the ACD.
For example,
:ALTSEC ./van;REPACD=(CD,DD,RD,TD,RACD:@.MKTG)
This option is useful when you want to change the default ACDs assigned
to HFS directories and to files outside of MPE groups.
Deleting ACDs.
You can only delete optional ACDs on files in MPE groups that can be
protected by the file access matrix.
Users in the ACCT account have read access to the file
/ACCT/PUB/dir1/summary and all other users have read ACD access to the
file (R:@.ACCT;RACD:@.@). If you decide that the users in ACCT should no
longer have read access to the file, you can delete previously assigned
ACD pairs (but you cannot delete the entire ACD):
:ALTSEC /ACCT/PUB/dir1/summary;DELPAIR=(@.ACCT)
The above example deletes read access to file summary for all users in
ACCT but still allows all users (including those in ACCT) RACD access to
the file.
You try to specify the following command to delete the ACD pair that
matches @.@, which is the only ACD pair left on the file:
:ALTSEC /ACCT/PUB/dir1/summary;DELPAIR=(@.@)
Because this file is located in an HFS directory, it is required to have
ACDs and cannot be protected by the file access matrix. You receive an
error message and the ACD will not be deleted:
Cannot delete ACDs from objects where file matrix security
does not apply. (CIERR 7330)
If the file REPORT is a file in an MPE group, its GID matches the GID of
its parent group, and its ACD is not required, you can use the following
command to delete all ACD pairs:
:ALTSEC REPORT;DELACD
Copying ACDs.
You can copy ACD pairs from one file to another or from one directory to
another. This is particularly useful if you assign a complex set of ACDs
to one file or directory and you want to assign the same set to another
file or directory.
NOTE You can only copy an ACD from one file to another or from one
directory to another. You can't copy an ACD from a directory to a
file or vice versa.
For example, you can copy the ACD from directory dir1 to another
directory dir2:
:ALTSEC ./dir2;COPYACD=./dir1
You can also copy ACDs between devices. The following example copies the
ACD associated with ldev 5 to all devices in the device class TERM:
:ALTSEC TERM,DEVCLASS;COPYACD=5,LDEV