HP OpenVMS Systems

ask the wizard
Content starts here

Wildcards in Security ACE Format?

» close window

The Question is:

I'm working with ACE and found two different ways to define access for all
 others user/all other idents
IDENT=[*,*], ACCESS=...
What is different between these two definition ?
greetings from Hannover, Germany

The Answer is :

  For details of Access Control Lists (ACLs) and Access Control
  List Entries (ACEs), as well as resource, subsystem and other
  forms of identifiers, please see the information available
  within the OpenVMS System Security Manual.
  In this particular case, one is the wildcard identifer, and
  the other is the wildcard UIC.  (Determining which one is the
  identifier and which is the UIC is left as an exercise for
  the reader.)
  There is no generally need for such an identifier wildcard,
  as this wildcard result can more directly be achieved using
  the standard UIC protection mask and mechanisms.  In most
  instances, there is no specific need for an ACL nor a
  wildcarded ACE for general access to an object; a standard
  OpenVMS UIC rotection mask setting can provide wildcard
  access or wildcard denial.
  Do note that the order of ACEs within an ACL and teh UIC
  progtection mask are of some importance.  The security
  manual will have details here, of course.

answer written or last revised on ( 12-AUG-2004 )

» close window