Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.3 4.3bsd-beta 6/6/85; site ucbvax.BERKELEY.EDU Path: utzoo!watmath!clyde!burl!ulysses!cbosgd!ucbvax!UWAV4.BITNET!02335 From: 02335@UWAV4.BITNET Newsgroups: mod.computers.vax Subject: ACL's on logical name tables - re-post Message-ID: <8603151938.AA10166@ucbvax.berkeley.edu> Date: Sat, 15-Mar-86 14:39:14 EST Article-I.D.: ucbvax.8603151938.AA10166 Posted: Sat Mar 15 14:39:14 1986 Date-Received: Sun, 16-Mar-86 10:35:02 EST Sender: daemon@ucbvax.BERKELEY.EDU Organization: The ARPA Internet Lines: 49 Approved: info-vax@sri-kl.arpa Subject: ACL's on logical name tables - re-post I previously posted a better way to protect group logical name tables which contained an error. I am re-posting so that those who were confused can be less confused... The following is the actual code in our our startup command procedure. $! ============================================+++++++++++++++++++++ SYSTARTUP $! $... $! Protect system logical tables $! $ SET ACL/OBJ=LOGICAL/ACL=(ID=[*,*],ACCESS=READ) LNM$SYSTEM_TABLE $ SET ACL/OBJ=LOGICAL/ACL=(ID=[*,*],ACCESS=READ) LNM$SYSTEM_DIRECTORY $! $! Create the group 11 and 12 logical tables $! $ RUN/INPUT=NLA0:/UIC=[11,0] SYS$SYSTEM:LOGINOUT $ RUN/INPUT=NLA0:/UIC=[12,0] SYS$SYSTEM:LOGINOUT $! $! Protect group tables for groups 11 and 12 (these have mixed users) $! $ SET ACL/OBJ=LOGICAL/ACL=((ID=[11,*],ACCESS=READ),- (ID=[*,*], ACCESS=NONE)) LNM$GROUP_000011 $ SET ACL/OBJ=LOGICAL/ACL=((ID=[12,*],ACCESS=READ),- (ID=[*,*], ACCESS=NONE)) LNM$GROUP_000012 $! $... Note: That the groups 11 and 12 contain privileged and nonprivileged users. I believe this should make things easier for some, considering that it is now correct. Tony Andrea Engineering Computer Services University of Washington BITNET: 02335 at UWAV4 ARPA/CSNET: 02335%uwav4.bitnet@wiscvm.arpa DECnet: VAX4::02335 Phone: (206)543-0499 Mail: Computer Services 374 Loew Hall, FH-10 University of Washington Seattle, WA 98195