options
Specify any of the following attributes:
Protected Protects the ACE against casual deletion. Protected
ACEs can be deleted only in the following ways:
o By using the ACL editor
o By specifying the ACE explicitly when deleting it
Use the command SET SECURITY/ACL=(ace)/DELETE to
specify and delete an ACE.
o By deleting all ACEs, both protected and
unprotected
Use the command SET SECURITY/ACL/DELETE=ALL to
delete all ACEs.
The following commands do not delete protected ACEs:
SET SECURITY/ACL/DELETE
SET SECURITY/LIKE
SET SECURITY/DEFAULT
Nopropagate Indicates that the ACE cannot be copied by
operations that usually propagate ACEs. For example,
the ACE cannot be copied by the SET SECURITY/LIKE or
SET SECURITY/DEFAULT commands.
None Indicates that no attributes apply to an entry.
Although you can create an ACL entry with
OPTIONS=None, the attribute is not displayed.
Whenever you specify additional attributes with
the None attribute, the other attributes take
precedence. The None attribute is equivalent to
omitting the field.
identifier
A general identifier specifying the users or groups of users who
are allowed or denied access to an object. It is an alphanumeric
string of 1 through 31 characters, containing at least one
alphabetic character. It can include the letters A to Z, dollar
signs ($), underscores (_), and the numbers 0 to 9. For more
information, see the OpenVMS Guide to System Security.
A Subsystem ACE can have multiple pairs of identifiers, with
special attributes assigned to the identifiers. A subsystem might
require several identifiers to work properly. For example:
(SUBSYSTEM,IDENTIFIER=MAIL_SUBSYSTEM,ATTRIBUTE=NONE,IDENTIFIER=BLDG5,ATTRIBUTE=NONE)
attribute
The identifier characteristics you specify when you add
identifiers to the rights list or grant identifiers to users.
You can specify the following attribute:
Resource Allows holders of the identifier to charge disk
space to the identifier. Used only for file
objects.