OSI/FTAM Responder Manual-425199-001

Compaq FTAM Responder Support of	Security Group File Attributes
ISO FTAM Functions

•If any of the insert, replace, extend, change-attribute, or erase access-control bits of the action list are set, the responder sets WRITE access to N, indicating that any user on the Expand network can write to the file.

•If the delete-file access-control bit of the action list is set, the responder sets PURGE access to N, indicating that any user on the Expand network can purge the file.

For delete-values:

•If the read access-control bit of the action list is set, the responder sets READ access to –, indicating that only the super ID user can read the file.

•If all of the insert, replace, extend, change-attribute, or erase access-control bits of the action list are set, the responder sets WRITE access to –, indicating that only the super ID user can write to the file. If only some of these access-control bits are set, there is no change.

•If the delete-file access-control bit of the action list is set, the responder sets PURGE access to –, indicating that only the super ID user can purge the file.

Note. EXECUTE access is always set to –, indicating that only the super ID user can execute the file.

Reading File Attributes. When the Compaq responder reads FTAM file attributes for document types other than NBS-9, it maps the values for access control from Guardian security based on the user ID for the association, as defined by the initiator-identity parameter sent in the F-INITIALIZE request or by the DEFUSER attribute specified in the VFS profile configured for this responder. This mapping shows which actions that user can perform. (For NBS-9 files, the action list on a read-attribute action is always [read, read-attribute]).

The user has specific access (READ, WRITE, EXECUTE, or PURGE) to a file if one of the following applies:

•

User is super ID, and file is on the same Expand node as the responder. Guardian security is N.

Guardian security is A, and file is on the same Expand node as the responder. Guardian security is C, and user is in the same group as the owner of the file.

Guardian security is G, and user is in the same group as the owner of the file, and file is on the same Expand node as the responder.

•

Guardian security is U, and user is the owner of the file.

Guardian security is O, user is the owner of the file, and file is on the same Expand node as the responder.

The Compaq responder sets the individual bits of the action list according to the Guardian access allowed for the user. Table 4-14 shows how Guardian security maps to FTAM action-list settings.

OSI/FTAM Responder Manual—425199-001

4-20

Compaq OSI/APLMGR D43, OSI/FTAM D43 manual OSI/FTAM Responder Manual-425199-001

Models: OSI/FTAM D43 OSI/APLMGR D43

OSI/FTAM Responder Manual—425199-001