Specifying auditing conditions – HP NonStop G-Series User Manual

Securing Disk Files

Safeguard User’s Guide— 422089-009

3- 12

Specifying Auditing Conditions

To restore a frozen access control list, use the THAW DISKFILE command. Any user
who can freeze an access control list can also thaw it.

For example, the owner of the disk file (user ID 2,1) can restore the access control list
for quarter1 by entering:

=THAW DISKFILE quarter1

The STATUS field of the INFO display shows that the access control list is thawed:

=INFO DISKFILE quarter1

Specifying Auditing Conditions

The Safeguard subsystem provides facilities for auditing attempts to access a disk file
or its corresponding authorization record. For detailed information on auditing, see the
Safeguard Audit Service Manual.

You can specify four auditing attributes in a disk-file authorization record. They are:

•

AUDIT-ACCESS-PASS

•

AUDIT-ACCESS-FAIL

•

AUDIT-MANAGE-PASS

•

AUDIT-MANAGE-FAIL

You can set these attributes to ALL, LOCAL, REMOTE, or NONE. The default value for
the auditing attributes is NONE, which indicates no auditing.

As with other security attributes, you can specify auditing conditions with the ADD
DISKFILE, ALTER DISKFILE, or SET DISKFILE commands.

The following command causes the Safeguard software to audit all unsuccessful
remote attempts to access quarter1:

=ALTER DISKFILE quarter1, AUDIT-ACCESS-FAIL REMOTE

Note.

Freezing an access control list has no effect on processes that already have the file

open.

LAST-MODIFIED OWNER STATUS WARNING-MODE
$DATA.SALES
QUARTER1 23JUL05, 15:33 2,1 THAWED OFF

002,001 R,W,E,P
002,006 DENY W
002,018 R,W,E,P
004,012 R
008,004 DENY R
002,* R,W
008,* R