Other disk-file security features, The clearonpurge attribute – HP Integrity NonStop J-Series User Manual


Securing Disk Files

Safeguard User’s Guide — 422089-020


In the previous examples in this section, you are the only owner of quarter1. Assume
you want user ID 2,18 to own quarter1 also. You could change the OWNER attribute,
but then you would no longer own the file. Instead, you might want to grant user ID
2,18 OWNER authority in an access control list.

To give user ID 2,18 OWNER authority:

=ALTER DISK quarter1, ACC 2,18 O

The INFO display now shows an O in the entry for user ID 2,18:

=INFO DISK quarter1, DETAIL

                        LAST-MODIFIED    OWNER  STATUS  WARNING-MODE
$DATA.SALES
  QUARTER1              23JAN05, 15:43   2,1    THAWED  OFF

    002,001       R,W,E,P
    002,006  DENY W
    002,018       R,W,E,P, O
    004,012       R
    008,004  DENY R
    002,*         R,W
    008,*         R

  OBJECT-TEXT-DESCRIPTION =

  AUDIT-PRIV-LOGON = OFF
  AUDIT-ACCESS-PASS = NONE        AUDIT-MANAGE-PASS = NONE
  AUDIT-ACCESS-FAIL = REMOTE      AUDIT-MANAGE-FAIL = ALL

  LICENSE = OFF  PROGID = OFF  CLEARONPURGE = OFF  PERSISTENT = OFF
  TRUST = OFF  PRIV-LOGON = OFF

Note. The attributes, AUDIT-PRIV-LOGON and PRIV-LOGON, are supported only on systems
running H06.11 and later H-series RVUs and G06.32 and later G-series RVUs. The
OBJECT-TEXT-DESCRIPTION attribute is supported only on systems running J06.05 and later
J-series RVUs and H06.16 and later H-series RVUs.

Other Disk-File Security Features

The Safeguard subsystem provides five special attributes for disk files:
CLEARONPURGE, PERSISTENT, LICENSE, PROGID, and, in H-series RVUs only,
TRUST. Like other security attributes, these attributes can be specified with the ADD
DISKFILE, ALTER DISKFILE, or SET DISKFILE commands.

The CLEARONPURGE Attribute

Normally, a disk process purges a disk file by removing the file entry from the volume
directory, thereby releasing the space occupied by the file. However, the data is not
physically erased from the disk and is vulnerable to intruders until it is overwritten by
another file. If you purge a file with CLEARONPURGE ON, however, the disk process
writes null characters over all space allocated to the file.
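
Added example (not part of the HP manual): a Python sketch for reviewing a captured INFO DISKFILE DETAIL display such as the one for quarter1 in this section. It reports whether CLEARONPURGE is ON and which access control list entries carry OWNER (O) authority. The function names are hypothetical, and the parser assumes the display layout and local ggg,uuu user IDs shown on this page.

```python
import re

# INFO DISKFILE DETAIL text as shown in this section (captured to a string).
SAMPLE = """\
                        LAST-MODIFIED    OWNER  STATUS  WARNING-MODE
$DATA.SALES
  QUARTER1              23JAN05, 15:43   2,1    THAWED  OFF
    002,001       R,W,E,P
    002,006  DENY W
    002,018       R,W,E,P, O
    004,012       R
    008,004  DENY R
    002,*         R,W
    008,*         R
  OBJECT-TEXT-DESCRIPTION =
  AUDIT-PRIV-LOGON = OFF
  AUDIT-ACCESS-PASS = NONE        AUDIT-MANAGE-PASS = NONE
  AUDIT-ACCESS-FAIL = REMOTE      AUDIT-MANAGE-FAIL = ALL
  LICENSE = OFF  PROGID = OFF  CLEARONPURGE = OFF  PERSISTENT = OFF
  TRUST = OFF  PRIV-LOGON = OFF
"""

# Assumption: local user IDs in ggg,uuu form (or * wildcards), as in the sample.
ACL_LINE = re.compile(r"^\s*(\d{3}|\*),(\d{3}|\*)\s+(DENY\s+)?([A-Z][A-Z, ]*)$")
ATTR = re.compile(r"([A-Z][A-Z-]+) *= *(\S*)")  # NAME = VALUE, several per line

def parse_info(text):
    """Return (attributes dict, list of ACL entries) from one file's display."""
    attrs, acl = {}, []
    for line in text.splitlines():
        m = ACL_LINE.match(line.rstrip())
        if m:
            group, user, deny, auths = m.groups()
            acl.append({"id": f"{group},{user}", "deny": bool(deny),
                        "auth": set(re.findall(r"[A-Z]", auths))})
        else:
            attrs.update(ATTR.findall(line))
    return attrs, acl

def review(text):
    """Hypothetical audit helper: list settings a reviewer should look at."""
    attrs, acl = parse_info(text)
    findings = []
    if attrs.get("CLEARONPURGE") != "ON":
        findings.append("CLEARONPURGE is not ON: purged data is not overwritten")
    owners = [e["id"] for e in acl if "O" in e["auth"] and not e["deny"]]
    if owners:
        findings.append("OWNER authority granted by ACL to: " + ", ".join(owners))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE):
        print(finding)
```

The primary owner (2,1 here) appears in the header line rather than in the access control list, so the second finding lists only the additional owners granted O authority.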
