ALTSEC

Operation Notes

You use the ALTSEC command to alter securit y provisions for ￿les, hierarc hical directories, devices, and device classes b y manipulating an object's access control de￿nition (A CD) or its access mask. All of these objects ma y have ACDs, but only ￿les ha ve access masks whic h can be changed using this command. An object's A CD may be altered using this command with the ACD keywords NEWACD , REPACD , COPYACD , ADDPAIR , REPPAIR , DELPAIR , DELACD , and MASK. A ￿le's access mask ma y be altered using either the ACCESS keyword or an access speci￿cation without a k eyword. Using the ACCESS keyword is a recommended practice to help distinguish bet ween ￿le access mask and A CD operations.

Only the owner of a ￿le can use the ALTSEC command to change a ￿le's access mask. Object o wners and users with appropriate privilege can use this command to manipulate an object's A CD. Files and hierarc hical directories have their owner's identity and a ￿le group ID (GID) stored in their ￿le labels. System managers ha ve the appropriate privilege to manipulate the A CDs for all objects. Accoun t managers for the accoun t matching an object's GID ha ve appropriate privilege. Devices are o wned by system managers. The abilit y to manipulate an ACD or ￿le mask is not a￿ected b y the object access curren tly granted to a user.

File ACDs override ￿le lockwords and the ￿le access matrix. A CDs permit more precise access con trol than the ￿le access matrix b y allowing access permissions to speci￿c users. MPE/iX allo ws you to specify a maximum of 40 ACD pairs for a particular object. Since a large n umber of ACD pair speci￿cations o ver￿ows the command line bu￿er, y ou must enter large numbers of ACD speci￿cations ma y be entered through an indirect ￿le.

The ALTSEC command fails if y ou attempt to alter the access permissions for a permanent disk ￿le whose group's home v olume set is not moun ted.

File Access Matrix Examples

Note

You can use LISTFILE,4 to view the ￿le access matrix.

 

 

2-30 MPE/iX Commands