One of the key FTAM features is its sophisticated file protection
scheme. FTAM provides two related mechanisms to protect files from
undesirable or unauthorized use.

The first, called access control, controls the actions that
users can perform on the file. A file has a list of permissions
(permitted actions), which specify the actions that may be performed
on the file (see Table 5-1 "Possible File Actions"). It is also possible to limit individual
users (or classes of users) to some subset of a file's permissions.
For example, one user may be allowed to read, but not modify, a
certain file, while another user can do both.

The second, called concurrency control, controls access to a file
by multiple users (see Table 5-2 "Concurrency Control Locks").
For example, a user may be allowed to modify the file only if no
one else is using it.

The two mechanisms are independent, and a single operation often needs
both. Consider a user who is not allowed to modify a file, but is
allowed to read it. To obtain a "snapshot" of the file at a given
moment, the user still needs exclusive access to the file while reading
it; otherwise another user could change the file partway through the
read. Therefore, in the command that reads the file, this user must
request exclusive access, which is a function of concurrency control.
This chapter shows how to do this.

To summarize, access control governs
the actions that are permitted on a file, granting different users
different subsets of the available actions. Concurrency
control governs whether and how multiple users can access
the file. Access control and concurrency control were designed and
implemented to help ensure that data remains secure and uncorrupted.

Application of File Protection
There are three aspects to using FTAM file protection mechanisms:

1. Setting (or removing) file protection for a file. This is similar
   to putting a padlock on a building's door. You can set file
   protection on a file in either of two ways:
   - At the system prompt, use the fcattr command.
   - At the ftam> prompt, use the cattr command.
   Usually, a file's owner will set appropriate access control
   (and, optionally, concurrency control) on a file. Note that if you
   do not explicitly apply file protection to a file, it is open to
   general use (within the constraints of the underlying HP-UX file
   system).

2. Satisfying file protection conditions on a file which has had
   access control applied to it. This is similar to using a key to
   open the padlock and gain access to the building. You satisfy
   file protection conditions in one of two ways:
   - At the system prompt, use the -z option on FTAM commands. This
     option is explained later in this chapter.
   - At the ftam> prompt, use the set -y or set -z command. This
     command is explained in Chapter 2 "Using Interactive FTAM" and
     with specific file protection details later in this chapter.
   If a file has FTAM access control applied to it, the only
   users who can perform a given action on the file are those users
   who have been explicitly granted permission to perform that action
   on the file.

3. Locking a file during access, to ensure the integrity of the data.
   Many common activities can corrupt data if multiple users are
   permitted simultaneous access. Therefore, HP-UX FTAM provides ways
   to shut out other users during critical operations.

For maximum flexibility in setting up or satisfying file protection
on a file, HP-UX FTAM uses a syntactic element called an "action/concurrency
string." The form of an action/concurrency string is concise,
and uses specialized notation. Action/concurrency strings are described
later in this chapter.

To obtain exclusive access to a file (that is, to lock the
file during your access), HP-UX FTAM provides a "shortcut"
for command-line operations, the -X
option. This option locks a file during the requested operation.
This option is also described later in this chapter.

Terms and Notation for FTAM File Protection
This section introduces the terminology surrounding FTAM file
protection. There are two key areas to understand:

- File actions (permissions)
- Concurrency control locks

These are covered in the next two subsections.

The following table lists the name of each possible permission
(or "file-action"), an associated code
letter, and an explanation of its meaning. The code letters appear
in action/concurrency strings [5],
and in extended and summary listings from fls and ftam:

Table 5-1 Possible File Actions

| Action Name | Code Letter | Explanation: A user with this permission is allowed to ... |
|---|---|---|
| Read | R | ... read the file. |
| Insert | I | ... insert new data anywhere in the file. |
| rePlace | P | ... replace the file with a new version. |
| eXtend | X | ... insert new data at the end of the file. |
| Erase | E | ... erase all data in the file, leaving an empty file. |
| read Attributes | A | ... read the FTAM attributes of the file. |
| Change attributes | C | ... change the FTAM attributes of the file. |
| Delete | D | ... delete the file entirely, leaving no trace of it. |
The following table lists each valid concurrency control value
(or "lock") which can be applied to a file action,
and its associated code for use in action/concurrency strings:

Table 5-2 Concurrency Control Locks

| Lock Name | Code Letter | Explanation | You perform the action | Others perform the action |
|---|---|---|---|---|
| Shared | S | Use shared access when you need to perform the action, and would not experience conflict if other users simultaneously perform the same action. | Yes | Yes |
| eXclusive | X | Use exclusive access when you need to perform the action, and would experience conflict if other users simultaneously perform the same action. | Yes | No |
| No access | N | Use no access when you do not need (or are not allowed) to perform the action, but you would experience conflict if other users perform that action on the file while you use it. | No | No |
| not required | # | Use not-required access when you do not need (or are not allowed) to perform the action, and would not experience conflict if other users perform that action on the file while you use it. | No | Yes |
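The two mechanisms work together in the way the "snapshot" example earlier in this chapter describes: a user who may only read the file still asks for an exclusive read lock and no-access locks on every action that could change the file. The last two columns of Table 5-2 also determine which pairs of locks can coexist on one action, and that full 4x4 compatibility rule can be derived from them rather than listed. The following Python model shows both. It is an added example, not HP-UX FTAM code: ProtectedFile, locks_compatible, the SNAPSHOT request and the users alice, bob and carol are constructed for illustration, and in a real deployment these decisions are made by the FTAM responder when you use fcattr, cattr, -z or -X.

```python
"""Added example (not HP-UX FTAM code): a model of how FTAM access control and
concurrency control combine, using the code letters of Tables 5-1 and 5-2.
ProtectedFile, its methods and the users/permissions below are constructed
for illustration; in practice the FTAM responder makes these checks."""
from dataclasses import dataclass, field

ACTIONS = "RIPXEACD"   # Table 5-1 code letters (file-actions)
LOCKS = "SXN#"         # Table 5-2 code letters (concurrency control locks)

# Table 5-2, columns "You perform the action" and "Others perform the action".
YOU_PERFORM = {"S": True, "X": True, "N": False, "#": False}
OTHERS_PERFORM = {"S": True, "X": False, "N": False, "#": True}


def locks_compatible(mine: str, theirs: str) -> bool:
    """Two users' locks on the same action can coexist only if neither user
    performs the action while the other's lock forbids others from doing so."""
    if YOU_PERFORM[mine] and not OTHERS_PERFORM[theirs]:
        return False
    if YOU_PERFORM[theirs] and not OTHERS_PERFORM[mine]:
        return False
    return True


@dataclass
class ProtectedFile:
    permitted: str                                  # permitted actions on the file
    per_user: dict = field(default_factory=dict)    # user -> subset of permitted
    held: dict = field(default_factory=dict)        # user -> {action: lock} while open

    def allowed_actions(self, user: str) -> str:
        # A per-user subset can never exceed the file's own permitted actions.
        subset = self.per_user.get(user, self.permitted)
        return "".join(a for a in subset if a in self.permitted)

    def check_access(self, user: str, request: dict) -> list:
        """Return the reasons a request (action -> lock, '#' when omitted) must be
        refused. An empty list means the request can be granted."""
        problems = []
        allowed = self.allowed_actions(user)
        for action in ACTIONS:
            lock = request.get(action, "#")
            if lock not in LOCKS:
                raise ValueError(f"unknown lock {lock!r} for action {action}")
            # Access control: performing an action requires that permission;
            # asking for N or # on an action you may not perform is allowed.
            if YOU_PERFORM[lock] and action not in allowed:
                problems.append(f"{user} lacks permission {action}")
            # Concurrency control: the lock must coexist with every current user.
            for other, theirs in self.held.items():
                their_lock = theirs.get(action, "#")
                if other != user and not locks_compatible(lock, their_lock):
                    problems.append(f"{action}: {lock} conflicts with {other}'s {their_lock}")
        return problems

    def open(self, user: str, request: dict) -> None:
        problems = self.check_access(user, request)
        if problems:
            raise PermissionError("; ".join(problems))
        self.held[user] = dict(request)

    def close(self, user: str) -> None:
        self.held.pop(user, None)


# The "snapshot" read from the chapter text: read exclusively, and keep every
# action that could change the contents (or remove the file) locked out.
SNAPSHOT = {"R": "X", "I": "N", "P": "N", "X": "N", "E": "N", "D": "N"}


def snapshot_scenario() -> dict:
    # Constructed sample: alice may only read; bob may read/insert/replace/extend;
    # carol has no per-user limit and so gets the file's full permission list.
    f = ProtectedFile(permitted="RIPXEACD", per_user={"alice": "R", "bob": "RIPX"})
    out = {}
    out["alice_insert"] = f.check_access("alice", {"I": "S"})        # access control refuses
    f.open("alice", SNAPSHOT)                                        # granted: only R is performed
    out["bob_insert_during"] = f.check_access("bob", {"I": "S"})     # alice's N on I blocks it
    out["bob_read_during"] = f.check_access("bob", {"R": "S"})       # alice's X on R blocks it
    out["carol_attrs_during"] = f.check_access("carol", {"A": "S"})  # alice left A at '#': fine
    f.close("alice")
    out["bob_insert_after"] = f.check_access("bob", {"I": "S"})      # lock released: fine
    return out


if __name__ == "__main__":
    for name, problems in snapshot_scenario().items():
        print(f"{name}: {'granted' if not problems else 'refused: ' + '; '.join(problems)}")
```

Note that alice's snapshot request is granted even though she holds N on actions she has no permission for: a no-access lock asks that others not perform the action, it does not perform it, so access control is not involved. Bob's shared insert is refused while the snapshot is in progress and succeeds after alice closes the file, which is exactly the window the exclusive/no-access combination is meant to create.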