Compaq FTAM Responder Support of
ISO FTAM Functions
OSI/FTAM Responder Manual—425199-001
4-19
Security Group File Attributes
If the access-control attribute is not present in the F-CREATE indication, the Compaq
responder sets Compaq file security to the default security allowed for the FTAM
association, as defined by the initiator-identity parameter sent in the F-INITIALIZE
request or by the default user (DEFUSER) attribute specified in the VFS profile
configured for this responder.
Changing File Attributes. The access-control attribute can be modified through FTAM
using the F-CHANGE-ATTRIB primitive. On the basis of the information a remote
initiator sends in the F-CHANGE-ATTRIB request, the Compaq responder modifies the
Guardian security of a file according to the functions it supports and returns a new value
for the access-control attribute in the F-CHANGE-ATTRIB response. The Compaq
responder access-control attribute is limited to a single access-control element.
In the F-CHANGE-ATTRIB request sent by the initiating system, the values for access
control consist of insert-values or delete-values (or both), each of which can be zero,
one, or more access-control elements. The Compaq responder, however, processes only
the first access-control element sent for insert-values and for delete-values.
The Compaq responder also ignores all but the first component of the insert-values or
delete-values information, using only the action-list information to modify Guardian
security (R W E P) for the file. If the initiating application attempts to change any other
components of access control (such as concurrency-access, location, or identity), the
Compaq responder returns a diagnostic message.
Insert-values and delete-values turn access to the actions in the action list on and off,
respectively. Because the access-control attribute can indicate both insert-values and
delete-values, you might unintentionally specify the same action in both values. If this
occurs, the delete-values action overrides the insert-values action.
The following rules apply to changing the access-control attribute:
For insert-values:
•
If the read access-control bit of the action list is set, the responder sets READ access
to N, indicating that any user on the Expand network can read the file.
Table 4-13. Mapping From FTAM Action List to Guardian Security
If action list is set to… Guardian security is modified to…
Read Set READ access to N
Insert Set WRITE access to N
Replace Set WRITE access to N
Extend Set WRITE access to N
Erase Set WRITE access to N
Read attributes (no change)
Change attributes Set WRITE access to N
Delete file Set PURGE access to N