HP 3000 Manuals HP 3000 Manuals
Access Control Definitions (ACD)
By default, you should be able to install HP CD extensions without an
Access Control Definition (ACD) set. However, the security on your
system may be set up differently. If so, you may need to alter the ACD
values, using the ALTSEC command, to provide Read Access Control
Definition (RACD) access to users with Operator capability only.
To see whether your system has an ACD set, type:
:listf cd@skt,-2
The following example shows a response to this command from a system that
has an ACD set. The security on this system allows RACD access to users
with Operator or System Manager capability.
:listf cd@skt,-2
ACCOUNT= SYS GROUP= PUB
FILENAME ------------ACD ENTRIES--------------
CDMGRSKT $GROUP : R,W,X,A,L,RACD
@.SYS : R,W,X,A,L,RACD
CDSRVSKT $GROUP : R,W,X,A,L,RACD
@.SYS : R,W,X,A,L,RACD
The next example shows a response to the command from a system that does
not have an ACD set. This system allows access to any user.
:listf cd@skt,-2
ACCOUNT= SYS GROUP= PUB
FILENAME ------------ACD ENTRIES--------------
CDMGRSKT NO ACDS
CDSRVSKT NO ACDS
Depending on your site security procedures, you may not want to allow
write access to the CD@SKT files for users with Operator capability. If
you don't want to allow this access, you can move all the CD@.PUB.SYS
files to another group and run CDSERVER and CDMGR from that group. The
new group requires both privileged mode (PM) and process handling (PH)
capabilities.