This Security Monitor feature provides security protection for objects at the time they are created.
This can be accomplished:
By enforcing a restrictive default access control on newly created files.
By requiring the user to explicitly specify the desired access controls on the file when requesting its creation.
In either case, absolutely no unauthorized access to newly created files
is allowed.
When set, the Maximum Protection feature enforces restrictive access to newly created files. The standards for access to newly created files are:
If the feature is enabled and there is no ACD attached to the file, the default ACD is set to (RACD:@.@).
If the feature is enabled and there is an ACD present, the ACD is used to mediate access.
If the feature is not enabled and there is no ACD present, the normal file access matrix is used in the default fashion.
 |
| |
|
 | NOTE: (RACD:@.@)means the CREATOR of the file and processes with the appropriate privilege (either AM or SM) will be able to access the file. All other processes will only be able to read the ACD. The CREATOR can always modify the ACD afterwards. |
|
| |
|
