Generated from C.65.00 /SYSADMIN/PUB/MYCICAT last modified on Sun Aug 29 15:08:37 2004

Back to Main Index


     Changes the access permissions of an object by altering its
     access control definition (ACD).

     ACDs are the main method of controlling access to files,
     hierarchical directories, and devices.  ACDs are automatically
     assigned to hierarchical directories and to files existing in
     hierarchical directories.

     You can change the access permission for a file, a hierarchical
     directory, a device, and a device class.  You cannot use ALTSEC
     to change access permissions for an MPE group, account, or the
     root directory.


     ALTSEC objectname [,{FILENAME}]

     [,[ACCESS=](fileaccess[,[fileaccess][; ...]])]
     [{;NEWACD=}    {(acdpair[;acdpair][; ...])}]
      {;ADDPAIR=}   {^filereference}

     [{;REPACD=}{(acdpair[;acdpair][; ...])}]

     [;DELPAIR= {(userspec[;userspec][; ...])}]

     [;COPYACD= objectname {,FILENAME}] [;DELACD] [;MASK]


objectname          An actual file designator, a directory name,
                    logical device number, device name or device
                    class whose security provisions are to be altered.

                    Either MPE or Hierarchical File System (HFS) file
                    name syntax may be used for the actual file
                    designator of the file or directory whose access
                    permissions are to be altered.

                    Wildcard characters may only be used with MPE
                    syntax files residing in a group.

                    MPE Syntax

                    MPE file name syntax may include lockwords but not
                    RFA information.  If the object is an MPE syntax
                    file, its format is:


                    A logical device number must be a numeric value
                    and be configured on the system.

                    A device class name must be configured on the

                    File lockwords must be specified for files
                    protected by active lockwords unless the object
                    is also protected by a current ACD.

                    In a batch job, if a lockword exists on a file
                    it must be specified.  In a session, if a
                    lockword exists and is omitted, MPE/iX prompts for

                    HFS Syntax

                    File designators using HFS file name syntax must
                    begin with either a dot (.) or a slash (/)
                    character, and are limited to a maximum length of
                    255 characters.

                    File equations are ignored during resolution of
                    the object name to avoid having accidental file
                    equation references cause unintentional changes
                    to an object's access permissions.

                    The objectname parameter is followed by one of
                    the three type identifiers listed below.

                    FILENAME    A type identifier indicating that
                                the objectname refers to either a
                                file or directory designator.
                                FILENAME is the default if a type
                                identifier is not specified.

                    LDEV        A type identifier indicating that
                                the objectname refers to a logical
                                device number.

                    DEVCLASS    A type identifier indicating that
                                the objectname refers to a device

ACCESS             Optional keyword indicating that fileaccess
                   specification follows.  This option affects
                   security at the file level only.

fileaccess          File security specifications, entered as follows

                    {R}         {ANY}
                    {L}         {AC }
                    {A} [,...]: {GU }[,...]
                    {W}         {AL }
                    {X}         {GL }
                                {CR }

                    where R, L, A, W, and X specify modes of access by
                    types of users (ANY, AC, GU, AL, GL, CR) as follows

                    R  =  READ
                    L  =  LOCK (allows opening with dynamic lock option)
                    A  =  APPEND (implicitly specifies L also)
                    W  =  WRITE (implicitly specifies A and L also)
                    X  =  EXECUTE

                    Two or more modes may be specified if they are
                    separated by commas.  The user types are specified
                    as follows

                    ANY =  Any user
                    AC  =  Member of this account only
                    GU  =  Member of this group only
                    AL  =  Account librarian user only
                    GL  =  Group librarian user only
                    CR  =  Creating user only

                    Two or more user types may be specified if they are
                    separated by commas. Default is R, L, W, A, X:ANY.
                    The colon (:) separating one or more modes from one
                    or more user types is required punctuation in the
                    specification of fileaccess.

                    The ACCESS keyword is optional.  If the file is
                    protected by an ACD, the ACD overrides the file
                    access mask.

NEWACD              Indicates "new ACD".  Use NEWACD to create a
                    new ACD pair for the specified object.  NEWACD
                    is used when an ACD does not currently exist.
                    It must be followed by valid ACD pair(s) as
                    described below.

REPACD              Indicates "replace ACD".  Use REPACD to replace an
                    entire existing ACD for the specified object, or
                    to copy an ACD from an existing objectname to the
                    specified objectname where objectname refers to a
                    file. (You cannot use REPACD to copy ACDs between
                    devices.)  The REPACD parameter must be followed
                    by valid ACD pair(s) as described below.

ADDPAIR             Indicates "add pair".  Use ADDPAIR to add a new
                    ACD pair to an existing ACD.  It must be followed
                    by valid ACD pair(s) as described below.

REPPAIR             Indicates "replace pair".  Use REPPAIR to replace
                    an existing ACD pair in an existing ACD.  It
                    must be followed by valid ACD pair(s) as described
                    below.  A new ACD  pair will replace an existing
                    ACD pair if it has the same user and account

acdpair             An access control definition pair.  Like the
                    fileaccess parameter this consists of a modes
                    part and a userspec part.  The modes part is
                    separated from the userspec part a colon (:).
                    Acceptable modes for files are:

                        R : READ file access
                        W : WRITE file access
                        L : LOCK file access
                        A : APPEND file access
                        X : EXECUTE file access
                     NONE : no access
                     RACD : copy or read the ACD permission

                    Acceptable modes for directories are:

                        CD : CREATE DIRECTORY ENTRIES access
                        DD : DELETE DIRECTORY ENTRIES access
                        RD : READ DIRECTORY ENTRIES access
                        TD : TRAVERSE DIRECTORY ENTRIES access
                      NONE : no access
                      RACD : copy or read the ACD permission

                     File ACD pairs may contain R, W, L, A, X,
                     NONE, and RACD.  Directory ACD pairs may
                     contain, CD, DD, RD, TD, NONE, and RACD.

                     The userspec part consists of:

                     o a fully qualified user name

                     o the file owner represented as $OWNER

                     o the file group represented as $GROUP

                     o the file group mask represented as

                     o @.accountname which represents all users
                       in the account "accountname"

                     o @.@ which represents all users in the system

NOTE:                Wildcards cannot be used in any other
                     manner within a user specification.

                     A typical ACD consisting of three ACD pairs
                     might look like this:


                     This ACD would allow READ and WRITE access to
                     the ENGR user of the MFG account; READ and
                     WRITE access to any user of the MRKT account
                     along with the ability to read or copy the
                     ACD; and READ access to any user in any

filereference        A file containing one or more ACD pairs.  ACD
                     pairs must be separated by semi-colons and may
                     be placed on separate lines.  A single ACD pair
                     may not span more than one line.  The file name
                     must be preceded by the ^ sign (caret symbol) to
                     indicate that the designated file contains the
                     ACD definition.  This is known as an indirect

                     The ALTSEC command fails if the indirect file
                     does not contain a syntactically correct ACD.
                     ACD pairs may be on separate lines, but a pair
                     may not span lines.  Parentheses are optional
                     when defining an acdpair within an indirect file.

                     The file reference may be specified using
                     MPE or HFS file name syntax.  For example:


                     If the file has an active lockword, it must be
                     specified.  ACDs override lockwords.  Lockwords
                     can only be specified in file references using
                     MPE name syntax.  Unqualified file names are
                     relative to the current working directory.

DELPAIR              Deletes one or more ACD pairs.  It must be
                     followed by a valid userspec.

userspec             Username and accountname, the same as the
                     userspec described above in acdpair.  A wildcard
                     (@) may be used for the username or both the
                     username and accountname together.  A wildcard
                     may not be specified for the accountname unless
                     it is also specified for the username.

COPYACD              Indicates that an ACD is to be copied from an
                     existing objectname to the specified objectname.
                     ACDs can only be copied between like objects.
                     You must specify FILENAME, LDEV, or DEVNAME.
                     You cannot copy an ACD from a device class
                     (DEVCLASS) although you may copy to all devices
                     on the system by specifying the @ sign as the
                     target device.

DELACD               Deletes the ACD (all ACD pairs) from the
                     specified objectname.  ACDs may only be removed
                     from devices and file in MPE groups.  The file
                     access matrix controls access to these files
                     when an ACD is deleted.

MASK                 Keyword which selects recalculation of the ACD
                     file group class mask ($GROUP_MASK) access


     The ALTSEC command alters security provisions for files,
     hierarchical directories, devices and device classes by
     manipulating an object's access control definition (ACD) or its
     access mask.  All of these objects may have ACDs, but only files
     have access masks which can be changed using this command.  An
     object's ACD may be altered using this command with the ACD
     DELACD, and MASK.  A file's access mask may be altered using
     either the ACCESS keyword or an access specification without
     a keyword.  Using the ACCESS keyword is a recommended
     practice to help distinguish between file access mask and
     ACD operations.

     Only a file's owner can use this command to change a file's
     access mask. Object owners and users with appropriate privilege
     can use this command to manipulate an object's ACD.  Files and
     hierarchical directories have their owner's identity and a file
     group ID (GID) stored in their file labels.  System managers and
     account managers have appropriate privilege to manipulate an
     object's ACD.  Account managers for the account matching an
     object's GID have appropriate privilege.  Devices are owned by
     system managers.  The ability to manipulate an ACD or file mask
     is not affected by the object access currently granted to a
     user.  System and account managers are always granted all access
     to files and hierarchical directories protected by ACDs.

     File ACDs override file lockwords and the file access matrix.
     ACDs permit more precise access control than can be expressed
     using the file access matrix by allowing access permissions to
     be granted or denied to specific users.  MPE/iX allows a maximum
     of 40 ACD pairs to be specified for a particular object.
     Since a large number of ACD pair specifications will overflow
     the command line buffer, large numbers of ACD specifications may
     be entered using an indirect file.

     The ALTSEC command fails if you attempt to alter the access
     permissions for a permanent disk file whose group's home volume
     set is not mounted.

     Release 5.0 requires ACDs on the following files:

     o  All hierarchical directories

     o  All files under hierarchical directories

     o  All files directly under MPE/iX groups where the file GID
        does not match the GID of the account and group in which the
        file is located.  One way this occurs would be if you rename a
        file from an MPE group outside the account to another MPE

     Required ACDs cannot be removed with the ALTSEC command even by
     users with SM or AM capability.

Access to Command Files and UDCs

     You can now protect UDCs and command files by denying READ (R)
     access and granting EXECUTE (X) access to users that need to
     execute the file but are not permitted to read the file. When a
     user lacks READ access to a command file or UDC file, the system
     behaves in the following manner:

     o  The user cannot see any of the commands within the file.
        Specifically OPTION LIST and the HPCMDTRACE variable are

     o  HELP is unavailable for the file.  For a UDC file this means
        that all of the UDCs within the file are treated as if
        OPTION NOHELP was specified.

     o  SHOWCATALOG'' still lists the individual UDCs and UDC
        filenames.  If an error occurs, the offending command line is
        not echoed to $STDLIST.

     To see examples of how to grant only execute access to a command
     file or UDC, read "Examples."

     This command may be issued from a session, job, program, or in
     BREAK.  Pressing [Break] has no effect on this command.



     LISTFILE,4 can be used to view the file access matrix.

     You have created a file named FDATA and you want to change
     its security provisions to allow WRITE access to yourself
     only. There will be no default security provisions.  Enter


     To change the file access matrix permissions for the
     FPROG program file to allow group users to execute the
     program, but only account and group librarian users can read
     or write to the file, enter:


ACD Examples

     LISTFILE,-2 can be used to view ACD information.
     This form of the LISTFILE command displays only ACD

     You have created a file named FDATA and you wish to
     assign a new ACD to FDATA granting write access to a
     user named FRIEND.  Enter:


     As the creator of a file, you are by default able to
     access the file, so granting your user identity all access
     in the ACD would be redundant. Users with appropriate
     privileges are always permitted to access files protected by

     To extend the ACD for the FDATA file so that all users on the
     system can read it, and all users within your account "ACCT"
     can also write to it, enter:


     If you later decided that users outside your account "ACCT"
     should not have read access to the file FDATA any longer,


     This does not mean to delete all ACD pairs, only the ACD
     pair matching @.@.  To delete the entire ACD enter:


     You want to copy the ACD associated with LDEV 5 to all
     devices in device class TERM:


     ACDs may be copied only between objects of the same type.

     You want to grant users in account ACCT all access to
     directory Mydir1:

         ALTSEC .\Mydir1;ADDPAIR=(CD,DD,RD,TD,RACD : @.ACCT)

     You want to grant read and write access to yourself and read
     access for other members of your group to an HFS syntax file
     named a_file_of_Mine:

           ALTSEC ./a_file_of_Mine;REPPAIR=(RACD,R,W:$OWNER;
           RACD,R:$GROUP,$GROUP_MASK; NONE:@.@)

      To alter the security of file FILENAME, to allow write access
      to the creator only and override the MPE/iX default security
      (if it still exists) enter:


      To change the security of program file PROGNAME so
      that any group user can execute the program, but only account
      and group librarians can read or write to the file, enter:


      To add a new ACD to file PROGNAME allowing all users on
      the system to execute it, but only users in account ACCT to
      write to it enter:


      To grant execute access to the mycmdf file, enter either of the
      following commands.  (To then verify the security, use LISTFILE
      formats -2 or 4.)

           :altsec mycmdf; access=(x:any; r,w,l,a:gu)

           :altsec mycmdf; repacd=(racd,x:@.@; r,w,l,a:$group)


            Also see the fileaccess parameter for these commands:

Manuals :   MPE/iX Intrinsics Reference Manual (32650-90028)

Back to Main Index