┌◄─────────── , ───────────┐ ── SECURITY ─┴─<security specification>─┴──────────────────────────────┤
<security specification>
┌◄─────── , ──────┐
──┬─┴─<security file>─┴──────────────────────────────────┬─────────────►
│ ┌◄────────── , ─────────┐ │
└─┴─<security from group>─┴─┬──────────────────────────┤
│ ┌◄─────────────────────┐ │
└─┴─ , ──<security file>─┴─┘
►─┬─ GUARDED ────┬─<guard file title>─┬────────────────────────────────┤
├─ CONTROLLED ─┘ │
│ ┌◄────────────────────┐ │
└─┴─┬─/1\─┬─ PRIVATE ─┬─┴───────────┘
│ └─ PUBLIC ──┤
└─/1\─┬─ IO ──────┤
├─ IN ──────┤
├─ OUT ─────┤
└─ SECURED ─┘<security file>
──┬────────────────┬─<file name>─┬─────────────────────┬───────────────┤
├─ SOURCE ───────┤ └─ ON ──<family name>─┘
└─ OBJECT ─┬─────┤
└─ $ ─┘<security from group>
┌◄────────────── , ──────────────┐
──┴─┬────────────────┬─<file name>─┴─ FROM ──<family name>─────────────┤
├─ SOURCE ───────┤
└─ OBJECT ─┬─────┤
└─ $ ─┘<guard file title>
──<file title>─────────────────────────────────────────────────────────┤
Explanation
The SECURITY command changes the security attributes of files on disk. If one of the files specified is the work file, the security of the work file will also be changed.
If a <family name> is specified, the command applies only to the <file name> on the volume associated with the family name. For example, SECURITY FILEX ON DISK PUBLIC affects only files found on DISK even though the family specification for the session is FAMILY DISK = USERPACK OTHERWISE OTHERPACK.
If a <family name> is not specified, the command applies to the file name found on DISK. If DISK is also the <target family> in the family specification for the session, then the only files affected by the command are those on the <substitute family>. Files on the <alternate family> are not affected.
If the <guard file title> specifies a family name, CANDE searches for the guard file only on the specified family. For example, a <guard file title> of (BILLIE)ENGUARD ON DISK is searched for only on DISK, even if the session has a family specification of FAMILY DISK = BUOYS OTHERWISE GULLS.
If the <guard file title> does not specify a family name, CANDE searches for the guard file on the family DISK. If DISK is also the target family in the family specification for the session, CANDE searches for the guard file on the substitute family, and if necessary, also on the alternate family.
When a family name is specified in the SECURITY command, it is used even if there is a family specification for the session. If no family name is specified and there is a family specification for the session, with DISK as the target family, then a file that is to be altered (the target of the command) is affected only on the substitute family. A guard file, which is not to be altered, is searched for on both the substitute family and the alternate family.
If the guard file is found, its full title, including the usercode or asterisk (*) prefix, and family name is stored as the value of the target file's SECURITYGUARD attribute. If the guard file is in fact not a guard file, an error message is displayed.
If the guard file is not found, the usercode and primary family of the user who entered the SECURITY command are added to the guard file name, unless the user specifies otherwise, and the resulting title is stored as the value of the target file's SECURITYGUARD attribute.
In a <security from group> construct, a FROM <family name> clause applies to all the file names in that construct. An ON <family name> clause applies only to the immediately preceding file name. An ON clause cannot precede a FROM clause in the same command.
When specifying a file name, a user logged on under a nonprivileged usercode cannot enter a usercode specification other than the usercode for the current session.
If a <guard file title> is specified for the work file, its name must be less than 137 characters, including a prefix of either a usercode or an asterisk (*), and an ON <family name> suffix. A prefix or suffix is added by CANDE if not supplied in the command.
CLASSA is allowed as a nonpreferred synonym for PUBLIC.
If SOURCE or OBJECT is used as a file name, it must be enclosed in quotation marks to distinguish it from the keywords SOURCE and OBJECT.
The SECURITY <file name> form specifies the file for which the security attributes are to be changed. The security attributes are changed for the file with the specified file name and any associated object file.
The SECURITY SOURCE <file name> form changes the security attributes of the file with the specified file name but does not affect the object file associated with the file name.
The SECURITY OBJECT <file name> form changes only the attributes of the object file associated with the file name. If a dollar sign ($) follows OBJECT, it indicates that the object file whose security is to be changed is stored as file name, not as OBJECT/<file name>, so only the file with the specified file name has its security changed.
The security options that can be specified are identical to the values of the file attributes SECURITYUSE, SECURITYTYPE, and SECURITYGUARD. The values for SECURITYTYPE are PRIVATE, PUBLIC, GUARDED, and CONTROLLED. The values for SECURITYUSE are SECURED, IN, OUT, and IO. SECURITYGUARD identifies the guard file title. For additional information, refer to the SECURITYUSE, SECURITYTYPE, and SECURITYGUARD attributes in the File Attributes Programming Reference Manual.
The default security values for all CANDE-created files are PRIVATE and IO.
Examples
SECURITY OBJECT MY/EDITOR, TEST PUBLIC IO #(UZER)OBJECT/MY/EDITOR ON USERPACK SECURITY CHANGED #(UZER)TEST ON USERPACK (& OBJECT) SECURITY CHANGED SECURITY F,G FROM OTHERPACK PRIVATE #(UZER)F ON OTHERPACK SECURITY CHANGED #(UZER)G ON OTHERPACK SECURITY CHANGED WHAT #WORKFILE A: ALGOL, 10 RECORDS, SAVED SECURITY A,B,C PUBLIC # (JOE)A ON UPACK (& WORKFILE) SECURITY CHANGED # (JOE)B ON UPACK SECURITY CHANGED
In the following example, the user issues a SECURITY command to adjust the security of the file copied using a COPY command issued on a system configured to support long file names. The security of the file is changed.
SECURITY X/A2345678901234567890/Y PUBLIC # (JOE)X/A2345678901234567890/Y ON DISK SECURITY CHANGED
In the following example, the user issues a SECURITY command to adjust the security of the file copied using a COPY command issued on a system not configured to support long file names. The middle node of the name specified by the user is truncated to 17 characters, and the security of the file is changed.
SECURITY X/A2345678901234567890/Z PUBLIC # WARNING: NAME TRUNCATED TO 17 CHARACTERS: A2345678901234567890 # (JOE)X/A2345678901234567/Z ON PACK SECURITY CHANGED
