PERMISSIONS - cf, mf, cc, and mc permission conventions.
Description:
When you create or modify a file or catalog, you can specify
general or specific permissions, in order to control who can do
what to the file or catalog. This explain file shows how to
specify permissions and describes what each permission means.
The permissions and their functions are given below. In many
cases, both a long form and a short form are shown.
- delete
- This is not a permission, but rather a way to force the
removal of previously existing specific permissions.
- none
- This is used to remove general permissions on a file or
catalog.
- exclude
- This is not a permission, but rather a way to specify no
permissions. It is often used to specifically exclude a
user or users from the privileges granted by general
permissions.
- read or r
- This allows the reading of file contents. READ permission
also implies EXECUTE permission.
- write or w
- This allows the writing of file contents. WRITE implies
READ, APPEND, and EXECUTE permissions.
- append or a
- This is treated the same as READ.
- execute or e
- This only allows execution of file contents. Thus reading
is restricted to loading or compilation. Since EXECUTE
has no meaning for a catalog, several UW Tools commands
respect EXECUTE as permission to display information
about the catalog (note that ACCESS does this as well).
- recovery or rec
- This is the same as write, but it also allows writing if
the file is abort locked or has defective space. RECOVERY
implies WRITE, APPEND, EXECUTE, and READ.
- purge or p
- This allows a file or a catalog (and subordinate
structure) to be deleted. PURGE also implies everything
implied by RECOVERY.
- create or c
- This allows files or catalogs to be created under a
catalog. CREATE does not imply any other permissions.
- lock or l
- This allows the security locking of a file or catalog,
the removal of a security lock, or the access of a file
that is security locked or is under a security locked
catalog. LOCK does not imply any other permissions.
- modify or m
- This allows the changing of the attributes of a file or
catalog. Since the holder of MODIFY permission can use it
to get any other permission, MODIFY implies all the
permissions above.
Several permissions imply other permissions. If you only want
to give a particular permission without including the implied
ones, simply give the permission followed by the character
"o" (meaning "only"). For example,
ro -- read only
wo -- write only
mo -- modify only
You can supply more than one general or specific permission
argument in an ACCESS command line. If you do, the result
includes all permissions specified. Thus the new general
permission includes all general permissions specified, while the
new specific permission for a userid includes all the specific
permissions named for that userid.
See Also:
- expl access efso
- for instructions on how to set and remove security locks.
Copyright © 1996, Thinkage Ltd.