If the system, security group, and target user ID rules have been processed and no rule is found, the default rules for the target user ID security group are processed, and then the system default rules are processed. To make sure all situations are covered, the NORULE record in the SECURITY CONFIG file must specify either ACCEPT or REJECT to govern all CP commands. The group default rules and system default rules are processed before the NORULE record in the SECURITY CONFIG file.
To create default system rules and default security group rules, use the RULES command with the DEFAULT option. For example, to create default system rules, enter the following:
vmsecure rules system (default
To create default group rules for security group CHEERS, enter the following:
vmsecure rules group cheers (default
|
Copyright © 2014 CA.
All rights reserved.
|
|