5.7.2.2 Access Permissions


Whenever an HFS file or directory is created, security flags
called access permissions are set.

These permissions control the level of access a user has for
a given directory or file.

There are three levels of access:

o  Owner (e.g., the user creating the file)
o  Group (any user in the same "group" as the Owner)
o  Other

Each level has three permissions:  read (r), write (w), and
execute (x).

Access permissions are usually represented as three
three-byte strings indicating the permissions for each level
of access.

The following shows a sample directory entry:

 access      owner  group    size  create date  filename
-------------------------------------------------------------
-rw-rw-r-- 1 USER06 CA MICSG 10037 Jul 28 23:50 contents.html

The owner (USER06) has read/write permission (rw-), anyone in
group CA MICSG also has read/write permission (rw-), and the
rest have read permission (r--).

CA MICS normally creates HFS files with permissions of
rw-rw-r--.

CA MICS also creates HFS subdirectories with permissions of
rwxr-xr-x.

Important: These permissions may be altered by your
           installation's USS UMASK definition (default
           access permissions) or by your security system.

You can use the UNIX chmod command to change access
permissions for any file or group of files. Here is an example:

   chmod -R u+rw,g+rw,o+rw documents/*

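This example adds read and write permission at all three
levels, so files created as rw-rw-r-- become rw-rw-rw-. It
applies to all files in the documents directory and any
sub-directories of the documents directory. Because chmod +
only adds permissions, execute (x) permissions that are already
set, such as those on sub-directories, are kept.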
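
The following is an added example, not part of the CA MICS documentation: it runs the chmod command above against a constructed directory tree, shows how a UMASK changes the permissions of newly created files, and lists what "other" can write to afterwards. The helper names, the sample file names, and the umask values 002 and 027 are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: constructed tree and hypothetical helper names.

# Print the 10-character type+permission field that `ls -l` shows.
perm_of() {
    ls -ld "$1" | cut -c1-10
}

# Create an empty file under the given umask and print its permissions.
# The umask is set in a subshell, so the caller's umask is unchanged.
new_file_perm() {   # $1 = umask (octal), $2 = path to create
    ( umask "$1"; : > "$2"; perm_of "$2" )
}

# List every file or directory under $1 that "other" may write to.
other_writable() {
    find "$1" ! -type l -perm -002 | sort
}

# Build a constructed tree with the defaults described on this page:
# files rw-rw-r-- (664), sub-directories rwxr-xr-x (755).
make_sample_tree() {   # $1 = existing, empty working directory
    mkdir -p "$1/documents/reports"
    : > "$1/documents/contents.html"
    : > "$1/documents/reports/daily.html"
    chmod 755 "$1/documents" "$1/documents/reports"
    chmod 664 "$1/documents/contents.html" "$1/documents/reports/daily.html"
}

demo() {
    work=${TMPDIR:-/tmp}/hfsperm.$$
    mkdir "$work" || return 1
    make_sample_tree "$work"
    echo "new file, umask 002: $(new_file_perm 002 "$work/a")"
    echo "new file, umask 027: $(new_file_perm 027 "$work/b")"
    echo "other-writable before chmod:"
    other_writable "$work/documents"
    # The command from this page, run from the parent of documents/.
    ( cd "$work" && chmod -R u+rw,g+rw,o+rw documents/* )
    echo "file after chmod: $(perm_of "$work/documents/contents.html")"
    echo "dir  after chmod: $(perm_of "$work/documents/reports")"
    echo "other-writable after chmod:"
    other_writable "$work/documents"
    rm -rf "$work"
}

demo
```

The sub-directory ends up as rwxrwxrwx, so running other_writable after any recursive chmod is a quick check that the result matches your installation's security policy.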

You can use the oid and gid commands to change the owner and
group IDs respectively.

Important: Security packages such as ACF2, Top Secret, and
           RACF may change access permissions based upon
           existing security policies.