Manualshelf

FTAM/9000 User's Guide

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 ONC and NFS Software
71727374757677787980
76 Chapter 5
FTAM File Protection
Concepts of FTAM File Protection
Now examine the italicized entry labelled Access Control. Each user in
this category is granted different permissions:
The owner of the file, user, has full permission (excluding Insert, as
just noted).
Co-workers in the owner's group can Read, eXtend, and read the
Attributes of the file; they are excluded from any other activity that
involves this file.
Other users on the system can only Read the file; they are excluded
from any other activity that involves this file.
File protection constraints like this are placed on the file using the fcattr
-i command, or the cattr -i command within ftam. Once the file has file
protection (access control) on it, users must use the -z option (for
command-line FTAM), or ftam's set (-y or -z) command, to do anything
with the file. See “Using FTAM File Protection” later in this chapter for
details.
File-Action Passwords
The FTAM specification makes it possible to apply a password to each
file action. Then a user must know the password before he can perform
the action.
Note, however, that HP-UX FTAM does not keep track of file–action
passwords. There is no effect if you attempt to set (or satisfy) file–action
passwords for files stored by an HP-UX FTAM host, either local or
remote. However, you can satisfy (i.e., supply) a file–action password
when a remote FTAM host requires one, via the –z option and an
action/concurrency string. These are discussed in the next section.
Concurrency Control
As noted previously, concurrency control is applied independently to each
action. Concurrency control governs whether and how multiple users can
perform a given action with the file.
Once again, examine the shaded Access Control entry in the previous
example. Concurrency control can be associated with each of the actions
listed for the users in the Access Control list.
For example, for the users in the example file owner's group, it is possible
to limit eXtend access to occur only when a single user has access to the
file. This is called “exclusive” access . The other actions for a group user