Access

Evaluates and displays a users access rights on any object

05Jan2007
Support of code 800 type objects.

05May2006
Support for checking the 'access right owner' only implemented. This allows an easy check to find out, if there are disk file objects which are NOT protected by a SAFEGUARD ACL.

27Apr2006
Support for disk file templates added.

23Jun2005
Accessing remote objects is now rejected.

Access retrieves the access rights of an object for a given user.

Command syntax is:

[run] ACCESS [/OUT /] [] [,USER ]

where

is one of: DEVICE
DISKFILE (default)
PROCESS
SUBDEVICE
SUBPROCESSis the file to be evaluated
only local files are supported!

optional; defines the user to be evaluated;
Named as well as ID formats are OK;
Allows network format, e.g. \*,GHS.CARL
Default is the ACCESS user.
e.g.:
ACCESS $ghs1.secom.secom,user \*,ghs.carl
ACCESS diskfile mpwd,user \*,100,23
ACCESS process $xyz,user Carlito
A session looks like this:

$GHS1 ACCESS 206> access $ghs1.secom.secom,user ghs.gerhard
Evaluated file: $GHS1.SECOM.SECOM
Access ruling done by: GUARDIAN
Execute: OK
$GHS1 ACCESS 207>

$GHS1 ACCESS 11> object $ghs1.secom.secom,user ghs.carl
Evaluated file: $GHS1.SECOM.SECOM
Access ruling done by: GUARDIAN
Read: OK
Write: OK
ReadWrite: OK
Execute: OK
Purge: OK
Create: OK
$GHS1 ACCESS 12>Security settings:
Owner = SUPER.SUPER
RWEP = "OOAO"
Licensed = YES

*** WARNING ***
This program does NOT cause SAFEGUARD to create audit records.
This might be considered a security breach.
In this case, don't use the program!

HPE-NonStop Security

Secure your HPE-NonStop system with security software and privileged system products and tools from GreenHouse