Database Administrator's Guide

File Security Controls

The owner of a file can change the security information for their file, as follows:

1. Run the utility program ctfile the same way as any other program in the environment.
2. Enter current User ID.
3. Enter the current password for the User ID, if one has been assigned.
4. Continue by entering the FairCom Server’s current name, which is either the default name or another name specified by the server configuration.
5. Now give the name of the file whose security information is to change.
6. If the named file has a file password, the next step is to enter the password.

Note: Whenever input is requested, the user may enter a question mark (?) to receive HELP.

The file owner may change the following security options for their file:

• Change the file’s password.
• Change the file’s permission mask.
• Change the file’s Group.
• Change the file’s Owner

Caution! Be careful changing owner security. Once the owner has been changed, then the original owner may no longer use the utility, ctfile, to access the file and change security information.

Note: The Administrator can always use the Administration Utility to change, or view, the file security information for any file controlled by FairCom DB.

Default Permissions

FairCom DB defaults to a permission mode of 0660 (read/write access for owner and group; no access for world) for the files it creates.

When using FairCom DB the permission mode assigned to files can be set with the server configuration keyword FILE_CREATE_MODE to specify the desired file permission mode.

Example

;Set read and write permission for owner

;and no permission for group and world.

FILE_CREATE_MODE 0600

Note: On Unix systems, the system’s umask setting also affects the permission mode assigned to a file when it is created. If the umask setting is non-zero, the specified permissions are removed from the file’s permission mode.