For additional access control, you can set access control lists (ACLs) on volumes. Volume ACLs are copied from the VOLUME.DEFAULT security class template. See Creating Access Control Lists for more information about ACLs.
Access Types for Disk and Tape Volumes shows the types of access you can assign to disk and tape volumes.
For more information about specifying protection codes, refer to the OpenVMS Guide to System Security. Security Considerations discusses protection in general.
The following sections explain how to perform these operations:
Task | Section |
---|---|
Protecting disk volumes | Protecting Disk Volumes |
Protecting tape volumes | Protecting Tape Volumes |
Auditing volume access | Auditing Volume Access |
Protecting Disk Volumes
For file-structured ODS-2 volumes, the OpenVMS operating system supports the types of access shown in Access Types for Disk and Tape Volumes. The system provides protection of ODS-2 disks at the volume, directory, and file levels. Although you might have access to the directories and files on the volume, without the proper volume access you are unable to access any part of the volume.
The default access types for the disk volume owner [0,0] are: S:RWCD, O:RWCD, G:RWCD, W:RWCD.
The system establishes this protection with the default qualifier of the INITIALIZE command (/SHARE). Any attributes that you do not specify are taken from the current default protection.
You can change permanently stored protection information in the following ways:
The following sections explain how to perform these tasks:
Task | Section |
---|---|
Specify protection when you initialize volumes | Specifying Protection When You Initialize Disk Volumes |
Change protection after volumes are mounted | Changing Protection After Disk Volumes Are Mounted |
Display protection | Displaying UIC- and ACL-Based Protection |
Specifying Protection When You Initialize Disk Volumes
This section explains how to specify UIC-based volume protection and ISO 9660-formatted media protection when you initialize volumes.
Specifying UIC-Based Protection
You can specify protection in one of the following ways when you initialize volumes:
This example specifies a protection code for the disk volume ACCOUNT1 on the DUA7: device. The UIC of the volume is set to your process UIC.

```
$ INITIALIZE DUA7: ACCOUNT1/PROTECTION=(S:RWCD,O:RWCD,G:R,W:R)
```
Using INITIALIZE Command Qualifiers for Protection
You usually do not change volume protection after you initialize a volume. By specifying a protection qualifier with the INITIALIZE command, you can establish the default protection of a volume. (The default qualifier of the INITIALIZE command is /SHARE, which grants all ownership categories all types of access.)
INITIALIZE Command Qualifiers for Protection explains the qualifiers you can use to specify disk volume protection when you initialize disk volumes.
The /SYSTEM qualifier grants all users complete access. However, users cannot create directories or files unless you perform one of the following actions:
Qualifier | UIC | Protection |
---|---|---|
/SYSTEM | [1,1] | S:RWCD,O:RWCD,G:RWCD,W:RWCD |
/SYSTEM/NOSHARE | [1,1] | S:RWCD,O:RWCD,G:RWCD,W:RWCD |
/GROUP | [x,0] | S:RWCD,O:RWCD,G:RWCD,W |
/SHARE (the default) | [x,x] (1) | S:RWCD,O:RWCD,G:RWCD,W:RWCD |
/NOSHARE | [x,x] | S:RWCD,O:RWCD,G,W |
Specifying ISO 9660-Formatted Media Protection
The OpenVMS implementation of ISO 9660 does not include volume or volume set protection. The protection specified for the device on which the media is mounted determines accessibility to the ISO 9660 volumes or volume sets.
By default, the device protection is assigned to ISO 9660 files and directories. When you mount the volume, you can specify additional file protection using the UIC and PERMISSION protection fields included in the Extended Attribute Records (XARs) that might be associated with each file.
You can enable the protection fields by specifying either of the following items:
For more information about the XAR and DSI options, refer to the OpenVMS Record Management Utilities Reference Manual.
Changing Protection After Disk Volumes Are Mounted
You can change protection by using the SET SECURITY/CLASS=VOLUME command with the /PROTECTION, /OWNER, or /ACL qualifier to change any aspect of the volume security profile.
To change UIC-based protection after a volume is mounted, use the SET SECURITY/CLASS=VOLUME/PROTECTION command. For example:

```
$ SET SECURITY/CLASS=VOLUME/PROTECTION=(S:RWCD,O:RWCD,G:RC,W:RC) DUA0:
```

The protection set in this example allows the system and owner all types of access. Group and world access types can only read files and run programs. Any category not specified in the protection code (S,O,G,W) is unchanged.
To change ACL-based protection after a volume is mounted, use the SET SECURITY/CLASS=VOLUME/ACL command. For example:

```
$ SET SECURITY/CLASS=VOLUME/ACL=(IDENTIFIER=DOC,ACCESS=READ+WRITE+EXECUTE) -
_$ $1$DSA7:
```

This example gives holders of the DOC identifier read, write, and execute access to the $1$DSA7: volume.
Displaying UIC- and ACL-Based Protection
You can use the SHOW SECURITY/CLASS=VOLUME command to display protection. For example:

```
$ SHOW SECURITY/CLASS=VOLUME $1$DSA27:

$1$DSA27: object of class VOLUME
     Owner: [1,1]
     Protection: (System: RWCD, Owner: RWCD, Group: RWCD, World: RWCD)
     Access Control List:
          (IDENTIFIER=[ABC,SADAMS],ACCESS=READ+WRITE+CREATE+DELETE)
```

The display shows the name and profile of the VOLUME class object $1$DSA27. The profile includes the owner UIC, the protection code, and the access control list (ACL) of the protected object.
Protecting Tape Volumes
The system protects magnetic tapes only at the volume level. You establish protection when you initialize tape volumes; after that, the Mount utility (MOUNT) enforces the protection that you have established.
You can use two levels of protection for tape volumes:
Level of Protection | Description |
---|---|
Guidelines of the ISO standard | The ISO standard, which is the first level of protection, is encoded in the accessibility field of the first volume label written on the magnetic tape. With this protection scheme, you can protect tape volumes in environments where interchange exists between the OpenVMS system and an operating system that is not OpenVMS. |
UIC-based protection scheme supported by system software | This second level of protection is encoded in the second volume label written on the magnetic tape. Only OpenVMS systems check this scheme; it is ignored in any interchange with operating systems that are not OpenVMS. |
Standard-Labeled Tape Protection
The OpenVMS tape file system bases its accessibility protection on the ISO standards. This protection allows an installation to use a routine that interprets the contents of the volume- and header-label accessibility field. Refer to the $MTACCESS system service in the HP OpenVMS System Services Reference Manual for more information about installation routines.
Access Types with Default Protection
When you do not supply a protection code during initialization, all users receive read and write access, explained in Access Types for Tape Volume Protection.
Access Type | Gives you the right to... |
---|---|
Read | Examine, print, or copy files from the volume. |
Write | Append or write files to the volume. |
The security profile of a tape volume is stored in the ANSI VOL1 and VOL2 labels written on the tape. The VOL2 label contains system-specific information. To override the creation of VOL2 labels, specify the /INTERCHANGE qualifier with the INITIALIZE command or the INIT$_INTERCHANGE itemcode on the $INIT_VOL system service.
The operating system also supports foreign tape volumes. (Foreign volumes either lack the standard volume label or have been mounted with the /FOREIGN qualifier.) When a tape volume is mounted with the /FOREIGN qualifier, users in the system and owner categories are always given full access (read, write, logical, and physical), regardless of what is specified in the protection code.
Using the /PROTECTION Qualifier with Tape Volumes
If you use the /PROTECTION qualifier when you initialize tape volumes, the protection code is written to a system-specific volume label.
With the /PROTECTION qualifier, the system applies only read (R) and write (W) access restrictions. (Execute [E] and delete [D] access do not apply.) The system and the owner always receive both read (R) and write (W) access to magnetic tapes, regardless of the protection code you specify.
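The two rules stated on this page, that a category omitted from a SET SECURITY/PROTECTION code is left unchanged, and that on tapes only R and W apply while System and Owner always hold both, are easy to get wrong when reviewing volume settings. The following Python helper is an added example, not part of the OpenVMS documentation or any HP/VSI tool; it models protection codes as written on this page and flags profiles where World can modify the volume, which is what the INITIALIZE default (/SHARE) produces.

```python
"""Model OpenVMS volume protection codes (constructed helper, not a DCL tool)."""
import re

CATEGORIES = ("S", "O", "G", "W")          # System, Owner, Group, World
TAPE_ACCESS = set("RW")                     # tapes enforce only Read and Write

# Default disk protection established by INITIALIZE/SHARE, as the page states.
SHARE_DEFAULT = {c: set("RWCD") for c in CATEGORIES}


def parse_protection_code(code):
    """Parse '(S:RWCD,O:RWCD,G:RC,W:RC)' or 'S:RWCD,O:RWCD,G,W'.

    A category written with no colon (e.g. 'G') means no access for that
    category.  A category left out entirely is absent from the result so the
    caller can keep its current value, matching SET SECURITY/PROTECTION.
    """
    result = {}
    for field in code.strip().strip("()").split(","):
        field = field.strip().upper()
        if not field:
            continue
        m = re.fullmatch(r"(S|O|G|W)(?::([RWEDLPC]*))?", field)
        if not m:
            raise ValueError(f"bad protection field: {field!r}")
        result[m.group(1)] = set(m.group(2) or "")
    return result


def apply_protection(current, code):
    """Profile after SET SECURITY/PROTECTION=code is applied to `current`."""
    new = {c: set(v) for c, v in current.items()}
    new.update(parse_protection_code(code))   # unspecified categories unchanged
    return new


def tape_effective(code):
    """Access actually enforced on a standard-labelled tape: only R and W
    apply, and System and Owner always get both, regardless of the code."""
    eff = {c: set() for c in CATEGORIES}
    eff.update(parse_protection_code(code))
    eff = {c: v & TAPE_ACCESS for c, v in eff.items()}
    eff["S"] |= TAPE_ACCESS
    eff["O"] |= TAPE_ACCESS
    return eff


def world_can_modify(profile):
    """True if World may write, create or delete: worth flagging, because the
    INITIALIZE default (/SHARE) grants World RWCD on a disk volume."""
    return bool(profile.get("W", set()) & set("WCD"))
```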
Protecting Tape Volumes for Interchange Environments
You can protect tape volumes for interchange between OpenVMS and other operating systems.
The following list contains guidelines for protecting specific types of magnetic tapes:
- If the tape was created with a specified accessibility, then a user must have the appropriate privilege and must explicitly override the check on accessibility.
- If the tape volume was not created with such a protection scheme, then a user is granted read and write access to that tape volume.
Auditing Volume Access
You can enable auditing for the volume object class; the system then audits disk volume access, with the following exceptions:
(1) x,x is the UIC of the process that performs the initialization.