Prior to this enhancement, c-treeACE allowed any user to connect using the ctadmn utility and change the password for any user account. ctadmn used low-level and ISAM-level functions to read and write records in the c-treeACE Server’s security files (which are members of the FAIRCOM.FCS superfile).
Tighter administrator security restrictions have been enabled such that c-treeACE now permits FAIRCOM.FCS to be opened only by a member of the ADMIN group. ADMIN group members can read data from FAIRCOM.FCS using low-level or ISAM function calls but cannot update FAIRCOM.FCS, other than through calls to the SECURITY() API function.
The new security restrictions are as follows:
Add user account - Only members of the ADMIN group can add user accounts, and only super ADMIN can add a user account as a member of the ADMIN group.
Delete user account - Only members of the ADMIN group can delete user accounts, and only super ADMIN can delete a user account that is a member of the ADMIN group.
Add a user to a group - Only members of the ADMIN group can add a user to a group, and only super ADMIN can add a user to the ADMIN group.
Remove a user from a group - Only members of the ADMIN group can remove a user from a group, and only super ADMIN can remove a user from the ADMIN group.
Change user description or password - Members of the ADMIN group can change the description or password of non-ADMIN group users, and any user can change his own description or password.
List user accounts - Only members of the ADMIN group can list user accounts.
Show user account information - Only members of the ADMIN group can show account information (for any user).
Change user memory limit - Only members of the ADMIN group can change memory limit, and only super ADMIN can change memory limit for a member of the ADMIN group.
Change user extended settings - Only members of the ADMIN group can change extended settings, and only super ADMIN can change extended settings for a member of the ADMIN group.
Add a group - Only members of the ADMIN group can add groups.
Remove a group - Only members of the ADMIN group can remove groups.
List groups - Only members of the ADMIN group can list groups.
Show group information - Only members of the ADMIN group can show group information.
Change group description - Members of the ADMIN group can change the description of any group.
Change group memory limit - Members of the ADMIN group can change the memory limit of any group.
List files matching filename - All users can list files matching the specified filename
Change file group - All non-ADMIN users can change the group of a file that they own. ADMIN group users can change the group of any file.
Change file owner - All non-ADMIN users can change the owner of a file that they own. ADMIN group users can change the owner of any file.
Change file password - All non-ADMIN users can change the password of a file that they own. ADMIN group users can change the password of any file.
Change file permissions - All non-ADMIN users can change the permissions of a file that they own. ADMIN group users can change the permissions of any file.
Compatibility
If a c-treeACE client library or utility (for example, ctadmn or sa_admin) that does not have these security enhancements enabled attempts to perform security operations on a c-treeACE Server that enforces the tighter security restrictions, the operation might fail with one of the following error codes, even if the c-treeACE Server allows that user to perform the specified operation:
SACS_ERR (456) Group access denied
SWRT_ERR (458) Write permission not granted
These errors may occur because the client logic prior to this enhancement may attempt to open FAIRCOM.FCS or read or write to FAIRCOM.FCS using low-level or ISAM client-side function calls. The client-side logic that is compatible with the new security restrictions avoids these errors by using the new SECURITY() API function modes to perform these operations.
If a c-treeACE client library or utility that has these security enhancements enabled attempts to perform security operations on a c-treeACE Server that does not enforce the tighter security restrictions, the operation may fail with the following error, because the c-treeACE Server does not support the SECURITY() API modes that were added with this enhancement:
SCMP_ERR (925) The c-treeACE client is attempting to use features of the SECURITY() API function that this c-treeACE Server does not support. Update your c-treeACE Server.
An additional error code was added indicating a security operation failed because it can only be performed by the super ADMIN user account:
SADM_ERR (924) Only the super administrator user account (named ADMIN) can perform this operation. For example, only ADMIN can change ADMIN group membership.
If FAIRCOM.FCS exists when c-treeACE starts, the server automatically makes any necessary changes to the file and its members to enforce these tighter security restrictions. If FAIRCOM.FCS does not exist, the server creates the file with all appropriate security attributes.
These security changes within FAIRCOM.FCS include:
Set file permissions on FAIRCOM.FCS and its members so that only the super ADMIN account can write to these files; ADMIN group members can read from these files; and other users can neither read nor write these files.
Set a file attribute so that no client can write to the FAIRCOM.FCS member files using low-level or ISAM function calls. Only the SECURITY() function can write to these files using the new modes that were added in this revision.
The server adds DODAs to the FAIRCOM.FCS data file members so that the client properly reads security records when running in a heterogeneous environment.
Security API Modes
The following modes have been added to the SECURITY() API function to support the new security restrictions:
Symbolic
Value
Description
SEC_ADD_USER
13
Add user account
SEC_REMOVE_USER
14
Remove user account
SEC_CHANGE_USER_GROUPS
15
Change user group membership
SEC_CHANGE_USER_DESC
16
Change user description
SEC_CHANGE_USER_PASSWD
17
Change user password
SEC_CHANGE_USER_MEMORY
18
Change user memory limit
SEC_CHANGE_USER_XINFO
19
Change user extended settings
SEC_ADD_GROUP
20
Add group
SEC_REMOVE_GROUP
21
Remove group
SEC_CHANGE_GROUP_DESC
22
Change group description
SEC_CHANGE_GROUP_MEMORY
23
Change group memory limit
Example
See the ctadmn.c source module, which demonstrates specifying various parameter values in the input buffer when calling the SECURITY() API function with these new modes.
