HP OpenVMS Guide to System Security > Chapter 8 Controlling Access to System Data and Resources

Naming Individual Users in ACLs

  Table of Contents

  Glossary

  Index

Rather than attempting to restructure UIC groups to solve data and resource protection problems, you may be able to achieve your goals by using access control lists (ACLs). (“Controlling Access with ACLs”“Controlling Access with ACLs” on page 75 provides a detailed description of ACLs.) The UIC can serve as an identifier in an ACE, so you can easily construct ACLs that allow specific users across various UIC groups access to an object.

For example, consider the ACL that you might construct to allow specific users from the Rainbow Paint Company to access the file PAYROLL.DAT:

(IDENTIFIER=OWESTWOOD,ACCESS=READ+WRITE+EXECUTE+DELETE)
(IDENTIFIER=CRUIZ,ACCESS=READ+WRITE+EXECUTE+DELETE)
(IDENTIFIER=RSMITH,ACCESS=READ+WRITE+EXECUTE+DELETE)
(IDENTIFIER=JSIMON,ACCESS=READ)
(IDENTIFIER=SGIBSON,ACCESS=READ)