Safeguard User’s GuideAbstractThis manual describes the Safeguard product, the use of the command interpreter SAFECOM, and the basic security tasks pe
ContentsSafeguard User’s Guide — 422089-020vi
Working with PatternsSafeguard User’s Guide — 422089-0209 - 4One-Dimensional SearchBoth of these patterns match files 1 and 2. However, only one prote
Working with PatternsSafeguard User’s Guide — 422089-0209 - 5Safeguard Pattern ConfigurationSafeguard Pattern ConfigurationUse the Safeguard configura
Working with PatternsSafeguard User’s Guide — 422089-0209 - 6Safeguard Pattern ConfigurationThe pattern protection records are stored in a new file in
Working with PatternsSafeguard User’s Guide — 422089-0209 - 7Safeguard Pattern ConfigurationTable 9-2 describes CHECK-DISKFILE-PATTERN settings when i
Working with PatternsSafeguard User’s Guide — 422089-0209 - 8Safeguard Pattern Configurationaccess evaluation based on the Safeguard global configurat
Working with PatternsSafeguard User’s Guide — 422089-0209 - 9Safeguard Pattern Configurationthe Safeguard global configuration attribute COMBINATION-D
Working with PatternsSafeguard User’s Guide — 422089-0209 - 10Safeguard Pattern ConfigurationNM Y N Deny Permit DenyNM Y NR Deny Permit DenyNM Y Y Den
Working with PatternsSafeguard User’s Guide — 422089-0209 - 11SAFECOM Diskfile-Pattern Commands Examples•To set diskfile pattern searches to be perfor
Working with PatternsSafeguard User’s Guide — 422089-0209 - 12ADD DISKFILE-PATTERNsecurity commands, see the Safeguard Reference Manual. Patterns may
Working with PatternsSafeguard User’s Guide — 422089-0209 - 13ALTER DISKFILE-PATTERNALTER DISKFILE-PATTERNALTER DISKFILE-PATTERN Examples•To alter a d
Safeguard User’s Guide — 422089-020viiWhat’s New in This ManualManual InformationSafeguard User’s GuideAbstractThis manual describes the Safeguard pro
Working with PatternsSafeguard User’s Guide — 422089-0209 - 14INFO DISKFILE-PATTERN4. $DATA3.A*.B*INFO DISKFILE-PATTERN $DATA1.A*.* would return patte
Working with PatternsSafeguard User’s Guide — 422089-0209 - 15RESET DISKFILE-PATTERNGROUP TEST R,W,E,P,C GROUP \KONA.TEST R \*.*.*•To display the disk
Working with PatternsSafeguard User’s Guide — 422089-0209 - 16SHOW DISKFILE-PATTERNSHOW DISKFILE-PATTERNSHOW DISKFILE-PATTERN ExampleTo show the curre
Working with PatternsSafeguard User’s Guide — 422089-0209 - 17ADD SAVED-DISKFILE-PATTERNADD SAVED-DISKFILE-PATTERNADD SAVED-DISKFILE-PATTERN Examples1
Working with PatternsSafeguard User’s Guide — 422089-0209 - 18DELETE SAVED-DISKFILE-PATTERN This command alters the saved-diskfile-pattern for al
Working with PatternsSafeguard User’s Guide — 422089-0209 - 19RESET SAVED-DISKFILE-PATTERNGROUP \KONA.TEST R \*.*.* R2. To display the saved
Working with PatternsSafeguard User’s Guide — 422089-0209 - 20SHOW SAVED-DISKFILE-PATTERNSHOW SAVED-DISKFILE-PATTERNSHOW SAVED-DISKFILE-PATTERN Exampl
Safeguard User’s Guide — 422089-020A - 1A Guardian File SecurityThe Guardian environment automatically provides a basic level of security for all disk
Guardian File SecuritySafeguard User’s Guide — 422089-020A - 2Displaying Default SecurityFor example, a security string of AUAU specifies that any loc
Guardian File SecuritySafeguard User’s Guide — 422089-020A - 3Displaying File SecurityDisplaying File SecurityYou can examine the security string for
What’s New in This ManualSafeguard User’s Guide — 422089-020viiiChanges to 422089-019 Manual:Changes to 422089-019 Manual:•Added new example on page 3
Guardian File SecuritySafeguard User’s Guide — 422089-020A - 4Changing the Security String Through FUP1. Use the TACL WHO command to check your curren
Guardian File SecuritySafeguard User’s Guide — 422089-020A - 5Changing the Security String Through FUP1. Create the new files:2. Change the security s
Guardian File SecuritySafeguard User’s Guide — 422089-020A - 6Changing the Security String Through FUP
Safeguard User’s Guide — 422089-020B - 1B Protecting Your TerminalAs a general user, you need to take certain precautions to protect your terminal and
Protecting Your TerminalSafeguard User’s Guide — 422089-020B - 2Logging OffAs a final precaution in logging off, always clear your screen. Usually, TA
Safeguard User’s Guide — 422089-020C - 1C SAFECOM Command SyntaxThis appendix summarizes the syntax of the SAFECOM commands presented in this manual.
SAFECOM Command SyntaxSafeguard User’s Guide — 422089-020C - 2SAFECOM Command Syntaxobject-typecan be any of the following:DISKFILE DISKFILE-PATTE
SAFECOM Command SyntaxSafeguard User’s Guide — 422089-020C - 3SAFECOM Command Syntaxcommand is one of the following DISPLAY commands:[ AS ] COMMANDS [
SAFECOM Command SyntaxSafeguard User’s Guide — 422089-020C - 4SAFECOM Command SyntaxDETAIL SUMMARY option is one of the following:GENERAL DET
SAFECOM Command SyntaxSafeguard User’s Guide — 422089-020C - 5SAFECOM Command Syntaxoption is one of the following:GENERAL DETAIL AUDIT CI OSS REMOTEP
What’s New in This ManualSafeguard User’s Guide — 422089-020ixChanges to the H06.19/J06.08 Manual°DISK-FILE-ATTRIBUTES Table 3-2 on page 3-2.°AUDIT-PR
SAFECOM Command SyntaxSafeguard User’s Guide — 422089-020C - 6SAFECOM Command SyntaxAUDIT-ACCESS-FAIL [audit-spec] AUDIT-MANAGE-PASS [audit-spec] AUDI
SAFECOM Command SyntaxSafeguard User’s Guide — 422089-020C - 7SAFECOM Command SyntaxSYNTAX [ ONLY ] ON | OFFSYSTEM [ \system-name ]THAW object-type
SAFECOM Command SyntaxSafeguard User’s Guide — 422089-020C - 8SAFECOM Command Syntax
Safeguard User’s Guide — 422089-020Glossary - 1Glossaryaccess control list. A list associated with an object that itemizes the subjects authorized to
GlossarySafeguard User’s Guide — 422089-020Glossary - 2primary ownerprimary owner. The owner of a Safeguard protection record whose user ID appears a
Safeguard User’s Guide — 422089-020Index - 1IndexAAbbreviating reserved words 3-2, 7-17ACCESS attribute 1-2ACCESS authoritiesfor disk files 3-7for
IndexSafeguard User’s Guide — 422089-020Index - 2EDETAIL option of INFO DISKFILE command 3-16Direction Diskfile Filename first note 9-8Direction Dis
IndexSafeguard User’s Guide — 422089-020Index - 3MLogging on 2-2Logon dialog 2-2Logon prompt 2-1MManaging a SAFECOM session 7-2OOBEY command 7-2O
IndexSafeguard User’s Guide — 422089-020Index - 4TSafeguard, compared to standard security 1-4Securing disk files 3-1Securing disk subvolumes 4-2Se
IndexSafeguard User’s Guide — 422089-020Index - 5Special Characters= (equal sign)SAFECOM command prompt 7-1? (question mark) commanddisplays a previo
What’s New in This ManualSafeguard User’s Guide — 422089-020xChanges to the H06.19/J06.08 Manual
IndexSafeguard User’s Guide — 422089-020Index - 6Special Characters
Safeguard User’s Guide — 422089-020xiAbout This ManualThis user's guide is intended for all Safeguard users. It is intended especially for the ge
About This ManualSafeguard User’s Guide — 422089-020xiiNotation ConventionsNotation ConventionsHypertext LinksBlue underline is used to indicate a hyp
About This ManualSafeguard User’s Guide — 422089-020xiiiGeneral Syntax Notationeach side of the list, or horizontally, enclosed in a pair of brackets
About This ManualSafeguard User’s Guide — 422089-020xivNotation for MessagesLine Spacing. If the syntax of a command is too long to fit on a single l
About This ManualSafeguard User’s Guide — 422089-020xvNotation for MessagesNonitalic text. Nonitalic letters, numbers, and punctuation indicate text
Document History Part Number Product Version Published422089-013 Safeguard G07, H04 August 2009422089-014 Safeguard G07, H04 November 2009422089-015 S
About This ManualSafeguard User’s Guide — 422089-020xviNotation for Management Programming InterfacesNotation for Management Programming InterfacesThe
Safeguard User’s Guide — 422089-0201 - 11Introduction to the Safeguard SubsystemThe Safeguard subsystem extends the security features of the Guardian
Introduction to the Safeguard SubsystemSafeguard User’s Guide — 422089-0201 - 2User Authenticationadditional control over the authentication process,
Introduction to the Safeguard SubsystemSafeguard User’s Guide — 422089-0201 - 3Object AuthorizationFigure 1-1 shows the Safeguard object databases and
Introduction to the Safeguard SubsystemSafeguard User’s Guide — 422089-0201 - 4AuditingAuditingAt your request, the Safeguard subsystem can create aud
Introduction to the Safeguard SubsystemSafeguard User’s Guide — 422089-0201 - 5The Safeguard Subsystem and Standard Securityand modify an access contr
Introduction to the Safeguard SubsystemSafeguard User’s Guide — 422089-0201 - 6The Safeguard Subsystem and Standard SecuritySimilarly, to achieve the
Introduction to the Safeguard SubsystemSafeguard User’s Guide — 422089-0201 - 7Components of the Safeguard SubsystemThe relationship between the Safeg
Introduction to the Safeguard SubsystemSafeguard User’s Guide — 422089-0201 - 8Who Can Use the Safeguard Subsystem?The security administrator can deci
Safeguard User’s Guide — 422089-0202 - 12 Safeguard Logon DialogThis section explains how to log on and how to change your password on systems where t
Legal Notices© Copyright 2014 Hewlett-Packard Development Company L.P. Confidential computer software. Valid license from HP required for possession,
Safeguard Logon DialogSafeguard User’s Guide — 422089-0202 - 2Using the LOGON CommandYou can also terminate the LOGON command at any time by pressing
Safeguard Logon DialogSafeguard User’s Guide — 422089-0202 - 3Changing Your Password With Blind Passwordsappears only if the password has an expiratio
Safeguard Logon DialogSafeguard User’s Guide — 422089-0202 - 4Logging On With an Expired PasswordLast Logon: 18 DEC 1994, 11:23 Last Unsuccessful Att
Safeguard Logon DialogSafeguard User’s Guide — 422089-0202 - 5Changing Your Password With Displayable Passwordsprocedure. With displayable passwords,
Safeguard Logon DialogSafeguard User’s Guide — 422089-0202 - 6Logging On to a Remote SystemLogging On to a Remote SystemTo access a remote system usin
Safeguard User’s Guide — 422089-0203 - 13 Securing Disk FilesThis section acquaints you with the process of securing disk files with the Safeguard sub
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 2Table 3-2 shows the disk-file security attributes you can control. This section describes t
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 3Getting StartedGetting StartedYou must use SAFECOM, the Safeguard command interpreter, to e
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 4Adding a Disk File to the Safeguard SubsystemSafeguard control by creating an authorization
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 5Controlling Default AttributesOnce again, display the authorization record:=INFO DISKFILE r
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 6Controlling Default AttributesThe display shows the default attributes for a disk file that
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 7Working With Access Control ListsWorking With Access Control ListsYou can define access con
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 8Specifying Access With the ADD DISKFILE CommandParentheses enclose multiple access authorit
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 9Specifying Access With the ALTER DISKFILE CommandTo see the settings for quarter1:=INFO DIS
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 10Specifying Access With the ALTER DISKFILE CommandThe display shows:An entry for user ID 9,
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 11Deleting an Access Control List EntryThe display shows:.A grant of authorities for a speci
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 12Granting or Denying Access to an ACLThe entry for user ID 9, 23 has been removed from the
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 13Using One Authorization Record to Define AnotherExample 1: 040,002 R 040,004
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 14Freezing and Thawing an Access Control ListFor example, suppose you want to use the same a
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 15Specifying Auditing ConditionsFor example, the owner of the disk file (user ID 2,1) can re
Hewlett-Packard Company — 422089-020iSafeguard User’s GuideGlossary Index Figures TablesLegal NoticesWhat’s New in This Manual viiManual Informat
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 16Specifying OwnershipTo display the audit settings for quarter1:=INFO DISKFILE quarter1, DE
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 17Other Disk-File Security FeaturesIn the previous examples in this section, you are the onl
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 18The PERSISTENT AttributeTo set the CLEARONPURGE attribute for the file quarter1, used in t
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 19The LICENSE AttributeTo verify the setting:=INFO DISKFILE quarter1, DETAILThe PERSISTENT a
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 20The PROGID AttributeYou can also use the WHERE LICENSE option with the ALTER, DELETE, FREE
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 21The TRUST AttributeThe TRUST AttributeThe TRUST attribute enables the operating system to
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 22The PRIV-LOGON { ON | OFF} AttributeTo verify the setting:=INFO DISK progfile, DETThe PRIV
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 23Removing a File From Safeguard ControlWhen a file is removed from the Safeguard database,
Securing Disk FilesSafeguard User’s Guide — 422089-0203 - 24Removing a File From Safeguard Control
Safeguard User’s Guide — 422089-0204 - 14 Securing SubvolumesThe Safeguard subsystem allows you to secure disk subvolumes in generally the same manner
ContentsSafeguard User’s Guide — 422089-020ii3. Securing Disk Files (continued)3. Securing Disk Files (continued)Working With Access Control Lists
Securing SubvolumesSafeguard User’s Guide — 422089-0204 - 2Access Authorities for SubvolumesAccess Authorities for SubvolumesBy default, anyone can pr
Safeguard User’s Guide — 422089-0205 - 15Securing Processes and SubprocessesYou secure processes and subprocesses in generally the same manner as disk
Securing Processes and SubprocessesSafeguard User’s Guide — 422089-0205 - 2Protecting ProcessesProtecting ProcessesProcess descriptors contain a seque
Safeguard User’s Guide — 422089-0206 - 16Obtaining User and Alias InformationAs a general user, you can obtain security information about your disk fi
Obtaining User and Alias InformationSafeguard User’s Guide — 422089-0206 - 2Viewing Your User Authentication Record•CREATION-TIME of the user.•Creator
Obtaining User and Alias InformationSafeguard User’s Guide — 422089-0206 - 3Viewing Your User Authentication Record1> SAFECOM INFO USER 8,54, DETAI
Obtaining User and Alias InformationSafeguard User’s Guide — 422089-0206 - 4What the INFO USER Display Tells YouWhat the INFO USER Display Tells YouAs
Obtaining User and Alias InformationSafeguard User’s Guide — 422089-0206 - 5About Alias Authentication Recordsunexpectedly, notify your security admin
Obtaining User and Alias InformationSafeguard User’s Guide — 422089-0206 - 6Viewing an Alias Authentication RecordViewing an Alias Authentication Reco
Obtaining User and Alias InformationSafeguard User’s Guide — 422089-0206 - 7What the INFO ALIAS Display Tells YouWhat the INFO ALIAS Display Tells You
ContentsSafeguard User’s Guide — 422089-020iii7. Working With SAFECOM (continued)7. Working With SAFECOM (continued)Entering More Than One Command
Obtaining User and Alias InformationSafeguard User’s Guide — 422089-0206 - 8What the INFO ALIAS Display Tells You
Safeguard User’s Guide — 422089-0207 - 17 Working With SAFECOMSAFECOM is the Safeguard command interpreter. You can use SAFECOM to enter commands in a
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 2SAFECOM Session-Control Commandsallows you to use the HISTORY, ?, !, and FC session-contro
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 3Checking Your ProgressChecking Your ProgressIn an interactive command session, SAFECOM exe
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 4Continuing Commands From One Line to the NextThe comments "Interactive, OUT = IN"
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 5Redirecting Output for a Single CommandRedirecting Output for a Single CommandUsually, wit
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 6Getting Online HelpTo display a list of the commands at the SAFECOM prompt:=HELPAs the pre
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 7Displaying and Editing Previous CommandsDisplaying and Editing Previous CommandsSAFECOM pr
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 8Displaying and Editing Previous CommandsDisplaying a Specific CommandThe ? command allows
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 9Displaying and Editing Previous CommandsCorrecting Mistakes Using the FC CommandThe FC com
ContentsSafeguard User’s Guide — 422089-020iv9. Working with Patterns (continued)9. Working with Patterns (continued)Multi-Dimensional Search 9-4
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 10Leaving SAFECOM Without Losing Defaults (Using the Break Key)PROGFILE is changed to FILE0
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 11Using SAFECOM in Execute-and-Quit ModeUsing SAFECOM in Execute-and-Quit ModeIf you need t
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 12Placing Comments in a Command Fileexecute the commands in the EDIT file, run SAFECOM and,
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 13Executing a Command File During an Interactive SessionYou can embed comments within a com
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 14Error Handling in Command Fileswhich a batch operation uses the command file $system.mgr.
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 15Using Wild-Card Characters in SAFECOM CommandsUsing Wild-Card Characters in SAFECOM Comma
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 16RestrictionsThe following command displays attributes of all disk files in the current su
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 17Abbreviating SAFECOM Commands•Wild cards in ADD commands for disk files, volumes, and sub
Working With SAFECOMSafeguard User’s Guide — 422089-0207 - 18Checking Command Syntax OnlySAFECOM RUN command are the same as those of the TACL RUN com
Safeguard User’s Guide — 422089-0208 - 18 Changing Display OptionsSAFECOM provides a DISPLAY command that allows you to customize your SAFECOM prompt
ContentsSafeguard User’s Guide — 422089-020vTables (continued)Tables (continued)Table 3-1. Disk-File Commands 3-1Table 3-2. Disk-File Attributes
Changing Display OptionsSafeguard User’s Guide — 422089-0208 - 2Editing Your SAFECOM Prompt To understand the use of DISPLAY PROMPT, consider the fol
Changing Display OptionsSafeguard User’s Guide — 422089-0208 - 3Controlling INFO Report WarningsControlling INFO Report WarningsSAFECOM normally displ
Changing Display OptionsSafeguard User’s Guide — 422089-0208 - 4Controlling INFO Report HeadingsThe INFO command WARNINGS option has three forms:For e
Changing Display OptionsSafeguard User’s Guide — 422089-0208 - 5Controlling the INFO DETAIL Option for a SessionThe display shows:To eliminate the mul
Changing Display OptionsSafeguard User’s Guide — 422089-0208 - 6Displaying User IDs or User NamesDISPLAY DETAIL has three forms:If you use the DISPLAY
Changing Display OptionsSafeguard User’s Guide — 422089-0208 - 7Displaying INFO Output as CommandsBy default, the INFO report identifies users by thei
Changing Display OptionsSafeguard User’s Guide — 422089-0208 - 8Specifying a DISPLAY Command ListThe display shows:By default, the INFO command output
Safeguard User’s Guide — 422089-0209 - 19 Working with PatternsBackgroundThe NonStop operating system groups files into subvolumes and volumes. Safegu
Working with PatternsSafeguard User’s Guide — 422089-0209 - 2How do Patterns Differ From What was Used Before?How do Patterns Differ From What was Use
Working with PatternsSafeguard User’s Guide — 422089-0209 - 3Pattern GeneralityNot a legal pattern protection record because it has wildcards in the v
Comments to this Manuals