QM uses the underlying operating system to manage processes, files, devices, etc. Therefore, all issues of access permissions ultimately lie with the operating system. This section gives some guidance on setting permissions within a QM system but individual application needs should be taken into account.
The QMSYS Account
The only users who should be working in the QMSYS account are system administrators. It is reasonable that these people should have write access to QMSYS. No other user ever needs to create an item in the QMSYS directory itself. Therefore the directory can be protected so that only administrators can write to it.
System administrators need write access to all items in the QMSYS account. The following table sets out the additional access rights needed for other users.
| Item | Description | Developers | Others |
| $FORMS | Form queue definitions created with SET.QUEUE for use with SP.ASSIGN | Full | Full |
| $HOLD | Hold file for QMSYS account | None | None |
| $HOLD.DIC | Dictionary for $HOLD | None | None |
| $IPC | Inter-process communication file | Full | Full |
| $LOGINS | User name database | Full | Full |
| $MAP | Catalogue map | Full (note 1) | None |
| $MAP.DIC | Dictionary for $MAP | Read | Read |
| $SCREENS | Screens database | Read | Read |
| $SVLISTS | $SAVEDLISTS file | None | None |
| $VAULT | Encryption key vault | Read | Read |
| ACCOUNTS | Accounts database | Read (note 2) | Read (note 2) |
| ACCOUNTS.DIC | Dictionary for ACCOUNTS | Read | Read |
| audit.log | Encryption audit log | None | None |
| bin | Executable files | Read | Read |
| BP | Sample QMBasic items | Read | Read |
| cat | Private catalogue | None | None |
| DICT.DIC | Dictionary for dictionaries | Read | Read |
| DIR_DICT | Dictionary for directory files | Read | Read |
| DOCS | Documentation (Windows only) | Read | Read |
| errlog | Optional error log file | Full (note 3) | Full (note 3) |
| ERRMSG | Pick style error message file | Read (note 4) | Read (note 4) |
| ERRMSG.DIC | Dictionary for ERRMSG | Read | Read |
| gcat | Global catalogue | Full | Read (note 5) |
| MESSAGES | Message database | Read | Read |
| NEWVOC | Template VOC file | Read | Read |
| qm.hlp | Help text (Windows only) | Read | Read |
| QM.VOCLIB | VOC extension | Read | Read |
| QMSvc.log | QMSvc log (Windows only) | None | None |
| stacks | Command stack repository | None | None |
| SYSCOM | System include records | Read | None |
| temp | Temporary directory (Windows only) | Full | Full |
| terminfo | Terminfo database | Read | Read |
| terminfo.src | Terminfo definitions | None | None |
| VOC | Vocabulary file | Read | Read |
| VOC.DIC | Dictionary for VOC | None | None |
1. Write access to $MAP is only needed by users who run the MAP command to create a catalogue map with the default destination file name.
2. Any user who is to be allowed to create new accounts will need write access to this file. Restricting write access closes a potential security hole: a user who can write to ACCOUNTS could create a synonym for an existing account and use it to subvert application-level security mechanisms.
3. If error logging is enabled (see the ERRLOG configuration parameter), all users need full access to the optional errlog file. Errors raised in a process whose user lacks write access are silently not logged.
4. This file contains the standard Pick style messages. Although rare, some applications write to this file, and those users will need write access.
5. Access can be restricted on individual items in the gcat subdirectory. Users need read access (not execute access) to run a compiled QMBasic program, because the object code is read by the QM runtime rather than executed directly by the operating system.
Application Accounts
In general, users should have free access to all files in an application account. Removing write access on the VOC prevents users from modifying its content, but test this before relying on it: some applications write to the VOC as part of their normal operation and will fail without write access.
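The table and its notes describe the QMSYS permissions in QM terms (None, Read, Full); the application account paragraph describes the opposite default (everything open, with the VOC optionally locked). The script below, an added example that is not part of QM or its documentation, turns both into a Unix permission audit that walks a directory and reports bits that are broader than the policy (an exposure, such as the ACCOUNTS case in note 2) or narrower than it (a functional break, such as the unwritable errlog in note 3). It assumes, as the page does not say, that QMSYS items are owned by an administrator, that the file group is the developers' group, that the Others column maps to the Unix 'other' bits, that Read on a directory means r+x (x is needed to traverse it) and Full means r+w+x, and that files under bin may keep their execute bit because the operating system needs it to start QM even though the QM-level access is only Read. The sample directory trees it builds are constructed for the demonstration, and subfile names such as ~0 are illustrative.

```python
"""Audit Unix permissions under a QM directory against the access levels above.

Added example for this page, not part of OpenQM or its documentation. Assumes
(the page does not say) that items are owned by an administrator, the group is
the developers' group and "Others" maps to the Unix 'other' bits; that Read on
a directory means r+x and Full means r+w+x; and that files under bin may keep x.
"""
import os
import stat
import tempfile

NONE, READ, FULL = "None", "Read", "Full"

# (Developers, Others) for each QMSYS item, transcribed from the table.
# "." is the QMSYS directory itself: readable by all, writable only by admins.
QMSYS_POLICY = {
    ".": (READ, READ), "$FORMS": (FULL, FULL), "$HOLD": (NONE, NONE),
    "$HOLD.DIC": (NONE, NONE), "$IPC": (FULL, FULL), "$LOGINS": (FULL, FULL),
    "$MAP": (FULL, NONE), "$MAP.DIC": (READ, READ), "$SCREENS": (READ, READ),
    "$SVLISTS": (NONE, NONE), "$VAULT": (READ, READ), "ACCOUNTS": (READ, READ),
    "ACCOUNTS.DIC": (READ, READ), "audit.log": (NONE, NONE), "bin": (READ, READ),
    "BP": (READ, READ), "cat": (NONE, NONE), "DICT.DIC": (READ, READ),
    "DIR_DICT": (READ, READ), "DOCS": (READ, READ), "errlog": (FULL, FULL),
    "ERRMSG": (READ, READ), "ERRMSG.DIC": (READ, READ), "gcat": (FULL, READ),
    "MESSAGES": (READ, READ), "NEWVOC": (READ, READ), "qm.hlp": (READ, READ),
    "QM.VOCLIB": (READ, READ), "QMSvc.log": (NONE, NONE), "stacks": (NONE, NONE),
    "SYSCOM": (READ, NONE), "temp": (FULL, FULL), "terminfo": (READ, READ),
    "terminfo.src": (NONE, NONE), "VOC": (READ, READ), "VOC.DIC": (NONE, NONE),
}

def expected_bits(level, is_dir, under_bin):
    """(allowed, required) rwx masks (r=4, w=2, x=1) for one access level."""
    if level == NONE:
        return 0, 0
    required = 4 | (2 if level == FULL else 0)
    allowed = required
    if is_dir:
        required |= 1  # search permission, or the contents are unreachable
        allowed |= 1
    elif under_bin:
        allowed |= 1   # executables may carry x; it is not demanded
    return allowed, required

def rwx(bits):
    return "".join(c if bits & b else "-" for c, b in (("r", 4), ("w", 2), ("x", 1)))

def audit_tree(root, policy, default=None):
    """Return (relative path, class, kind, bits) for every deviation under root.
    'excess' bits are an exposure; 'missing' bits break functionality."""
    names = list(policy)
    if default:  # blanket level for everything the policy does not name
        names += [n for n in os.listdir(root) if n not in policy]
    findings = []
    for item in names:
        dev, oth = policy.get(item, default)
        top = os.path.join(root, item)
        if not os.path.lexists(top):
            continue  # optional or platform-specific item not installed
        paths = [top]
        if item != "." and os.path.isdir(top) and not os.path.islink(top):
            for d, subdirs, files in os.walk(top):
                paths += [os.path.join(d, n) for n in subdirs + files]
        for p in paths:
            st = os.lstat(p)
            if stat.S_ISLNK(st.st_mode):
                continue
            is_dir = stat.S_ISDIR(st.st_mode)
            rel = os.path.relpath(p, root)
            for cls, level, shift in (("group", dev, 3), ("other", oth, 0)):
                allowed, required = expected_bits(level, is_dir, item == "bin" and not is_dir)
                actual = (st.st_mode >> shift) & 7
                if actual & ~allowed:
                    findings.append((rel, cls, "excess", rwx(actual & ~allowed)))
                if required & ~actual:
                    findings.append((rel, cls, "missing", rwx(required & ~actual)))
    return findings

def audit_application_account(account_dir, lock_voc=True):
    """Application account: free access to everything, optionally a read-only VOC."""
    policy = {"VOC": (READ, READ)} if lock_voc else {}
    return audit_tree(account_dir, policy, (FULL, FULL))

def build_tree(root, dirs, files):
    """Create a constructed sample tree; subfile names such as ~0 are illustrative."""
    for name in dirs:
        os.makedirs(os.path.join(root, name), exist_ok=True)
    for name, mode in files.items():
        with open(os.path.join(root, name), "w") as fh:
            fh.write("sample\n")
        os.chmod(os.path.join(root, name), mode)
    for name, mode in dirs.items():
        os.chmod(os.path.join(root, name), mode)

def run_demo():
    """QMSYS with deliberate mistakes (ACCOUNTS group-writable, the note 2 risk;
    $VAULT unreadable by others; $HOLD open to developers; errlog read-only, the
    note 3 failure) plus an application account whose VOC is world-writable."""
    base = tempfile.mkdtemp()
    qmsys, app = os.path.join(base, "qmsys"), os.path.join(base, "app")
    build_tree(qmsys, {".": 0o755, "ACCOUNTS": 0o775, "$VAULT": 0o750, "$HOLD": 0o770,
                       "VOC": 0o755, "bin": 0o755},
               {"ACCOUNTS/~0": 0o664, "$VAULT/~0": 0o640, "$HOLD/~0": 0o660,
                "VOC/~0": 0o644, "bin/qm": 0o755, "errlog": 0o644})
    build_tree(app, {"VOC": 0o777, "BP": 0o777}, {"VOC/~0": 0o666, "BP/PROG": 0o666})
    return audit_tree(qmsys, QMSYS_POLICY), audit_application_account(app)
```

Run `audit_tree("/path/to/QMSYS", QMSYS_POLICY)` against a real installation (the QMSYS location is installation-specific and is not given on this page) and fix the 'excess' findings first; 'missing' findings on errlog or on the Full items explain silent failures rather than exposures. The same function serves the configuration file described in the next section: point it at the directory holding qm.ini or qmconfig with a one-item policy once you have decided which class of user needs write access for QMTerm or QMNet.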
Other System Files
The only QM file located outside of account structures is the configuration file (qm.ini in the Windows directory on Windows, /etc/qmconfig on other platforms). All users need read access to this file.
The configuration file is updated by the QMTerm terminal emulator and by the QMNet server related commands. Users of these features therefore need write access.