Library /sys$common/syshlp/ACLEDT.HLB  —  CREATOR_ACE
    Adds an extra ACE to the ACL for a file created within the
    directory to which you assign the Creator ACE. The Creator ACE
    applies only when the following conditions exist:

    o  The file being created is not owned by the user identification
       code (UIC) of the process creating the file.

    o  The process creating the file does not have system privileges.

    For example, both of these conditions exist when a process
    holding a general identifier with the Resource attribute
    creates a file in a directory owned by that identifier. In this
    situation, the system adds an extra ACE at the top of the new
    file's ACL. If there is a Creator ACE in the ACL for the parent
    directory, the system propagates the access specified in the
    Creator ACE to the new ACE. If a directory lacks a Creator ACE,
    the system assigns an extra ACE with a combination of control
    access and ownership access. A Creator ACE with ACCESS=NONE
    suppresses the addition of the extra ACE.

    The Creator ACE applies to directory files only.

    See the OpenVMS Guide to System Security for more information.

    Format

      (CREATOR [,OPTIONS=attribute[+attribute...]]

      ,ACCESS=access-type[+access-type...])

1  –  Parameters 

 options

    Specify any of the following attributes:

    Protected    Protects the ACE against casual deletion. Protected
                 ACEs can be deleted only in the following ways:

                 o  By using the ACL editor

                 o  By specifying the ACE explicitly when deleting it

                    Use the command SET SECURITY/ACL=(ace)/DELETE to
                    specify and delete an ACE.

                 o  By deleting all ACEs, both protected and
                    unprotected

                    Use the command SET SECURITY/ACL/DELETE=ALL to
                    delete all ACEs.

                 The following commands do not delete protected ACEs:

                    SET SECURITY/ACL/DELETE
                    SET SECURITY/LIKE
                    SET SECURITY/DEFAULT

    Nopropagate  Indicates that the ACE cannot be copied by
                 operations that usually propagate ACEs. For example,
                 the ACE cannot be copied by the SET SECURITY/LIKE or
                 SET SECURITY/DEFAULT commands.
    None         Indicates that no attributes apply to an entry.
                 Although you can create an ACL entry with
                 OPTIONS=None, the attribute is not displayed.
                 Whenever you specify additional attributes with
                 the None attribute, the other attributes take
                 precedence. The None attribute is equivalent to
                 omitting the field.

 access

    Specify access types that are valid for files (read, write,
    execute, delete, and control).
Close Help