77 lines
5.0 KiB
HTML
77 lines
5.0 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="Secure the integrated file system" />
|
|
<meta name="abstract" content="The integrated file system provides you with multiple ways to store and view information on the system." />
|
|
<meta name="description" content="The integrated file system provides you with multiple ways to store and view information on the system." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzamvsetrscsec.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="secureifs" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Secure the integrated file system</title>
|
|
</head>
|
|
<body id="secureifs"><a name="secureifs"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Secure the integrated file system</h1>
|
|
<div><p>The integrated file system provides you with multiple ways to store
|
|
and view information on the system.</p>
|
|
<p> The integrated file system is a part of the i5/OS™ operating system that supports stream
|
|
input and output operations. It provides storage management methods that are
|
|
similar to, and compatible with, personal computer operating systems and UNIX<sup>®</sup> operating
|
|
systems.</p>
|
|
<p>With the integrated file system, all objects on the system can be viewed
|
|
from the perspective of a hierarchical directory structure. However, in most
|
|
cases, users view objects in the way that is most common for a particular
|
|
file system. For example, standard system objects are in the QSYS.LIB file
|
|
system. Typically, users view these objects from the perspective of libraries.
|
|
Users typically view objects in the QDLS file system from the perspective
|
|
of documents within folders. The <span class="q">"root"</span> (/), QOpenSys, and user-defined
|
|
file systems present a structure of hierarchical directories.</p>
|
|
<div class="p">As a security administrator, you need to understand:<ul><li>Which file systems are used on your system</li>
|
|
<li>The unique security characteristics of each file system</li>
|
|
</ul>
|
|
</div>
|
|
<p>The <span class="q">"root"</span> (/) file system acts as a foundation for all other file
|
|
systems on IBM<sup>®</sup> Systems.
|
|
At a high level, it provides an integrated view of all of the objects on the
|
|
system. Other file systems that can exist on IBM Systems provide varying approaches to
|
|
object management and integration, depending on the underlying purpose of
|
|
each file system. The QOPT (optical) file system, for example, allows system
|
|
applications and servers, including the iSeries™ Access for Windows<sup>®</sup> file
|
|
server, to access the CD-ROM drive on the system. Similarly, the QFileSvr.400
|
|
file system allows applications to access integrated file system data on remote
|
|
systems. The QLANSrv file server allows access to files stored on Integrated xSeries<sup>®</sup> Server
|
|
for iSeries or
|
|
other connected servers in the network.</p>
|
|
<p>The security approach for each file system depends on the data that the
|
|
file system makes available. The QOPT file system, for example, does not provide
|
|
object-level security because no technology exists to write authority information
|
|
to a CD-ROM. For the QFileSvr.400 file system, access control occurs at the
|
|
remote system, where the files are physically stored and managed. For file
|
|
systems like QLANSrv, the Integrated xSeries Server for iSeries provides
|
|
access control. Despite the differing security models, many file systems support
|
|
consistent management of access control through the integrated file system
|
|
commands, such as Change Authority (CHGAUT) and Change Owner (CHGOWN).</p>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvsetrscsec.htm" title="This information helps you establish resource security for workstations and printers by setting ownership and public authority to objects, as well as specific authority to applications.">Implement resource security</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |