HP 3000 Manuals HP 3000 Manuals
Renaming a File
Prior to MPE/iX Release 4.5, files could not be renamed across account
boundaries. A reason for this restriction was to ensure file security.
This restriction also made it so that disk space would be accounted to
the account in which the user was located. File ownership specified in
the file's label was limited to only the creator name in the form
username, a character string representing the name of the user who
created the file (for example, LINDA). A creator name was only unique
within a single MPE account, not across the whole system. A different
account may have the same user name to specify a different user.
For example, LINDA.FINANCE has complete access to all files in the
FINANCE account where the file's creator specifies LINDA. In addition,
LINDA.MARKETNG has complete access to all files in the MARKETNG account
where the file's creator specifies LINDA. If a file created by
LINDA.FINANCE was allowed to be renamed to the MARKETNG account, the file
system would allow LINDA.MARKETNG to have total access to that file,
believing that LINDA in account MARKETNG was the creator. This is
considered a security breach.
Beginning with MPE/iX Release 4.5, all newly created files, renamed
files, and copied files have file ownership specified in the file
label in the form username.accountname. This enhancement of file
ownership from creator (in the form username) to owner (in the form
username.accountname) ensures the uniqueness of file ownership across the
whole system. This enhancement of file ownership corresponds to the new
feature of a user ID (UID) associated with each user on the system.
Using the example specified above, the file label of a file created by
LINDA.FINANCE that is renamed to the MARKETNG account specifies the
creator/owner to be LINDA.FINANCE. The file system is able to distinguish
owner LINDA.FINANCE from LINDA.MARKETNG and does not allow LINDA.MARKETNG
creator/owner access to that file.
File labels of files existing on your system prior to MPE/iX Release 4.5
that have not been copied or renamed continue to specify ownership using
only the creator name (in the form username). Since these files remain
within the MPE account structure (that is, directly under MPE groups),
either standard MPE file system security features or ACDs continue to
ensure security for these files.
When a file is renamed across account boundaries, the file owner can
continue to access the file as the owner only if MPE/iX security
provisions allow him/her access to that file. (However, the renamed file
still belongs to the original file group and is still managed by the
original account manager.)
For example, if a process being executed by LINDA.FINANCE were
to call the FRENAME intrinsic to rename a file PAYROLL to
/MARKETNG/PUB/directory1/PAYROLL, the process (whose UID is currently
associated with LINDA.FINANCE) must have either SM capability assigned to
the user associated with the process's UID or the following access
rights:
* MPE save files (SF) capability assigned to the user associated
with the process's UID (in this case, LINDA.FINANCE).
* Delete directory entry (DD) access to the source file's parent
directory (specified in the ACD associated the directory).
* Traverse directory (TD) access to all parent directories of the
target file (specified in the ACD associated with each directory).
* Create directory entry (CD) access to the target file's parent
directory (specified in the ACD associated with directory1/).
* Standard file system security provisions or the ACD associated
with the source file allows the user write access to the source
file if it lives in a group. Write access to the file is only
required for files in MPE groups. It is part of the definition of
DD access for groups.
For additional restrictions on renaming a file using the FRENAME
intrinsic or the RENAME command, refer to the appropriate descriptions
located in the MPE/iX Intrinsics Reference Manual (32650-90028) and
MPE/iX Commands Reference Manual, Vol. II (32650-90374), respectively.