Previous PageTable Of ContentsNext Page

    SafeSFS Rule Evaluation Process


The following is a description of the process SafeSFS uses to determine the outcome of a request to access an SFS object. SafeSFS evaluates the request based on the rules defined in the SafeSFS rules database. The table above illustrates the evaluation process.
  1. SafeSFS checks to see if the requestor is the owner of the SFS object to be accessed. If the requestor is the owner, the request is accepted. Ownership may not be overridden by a rule. If the requestor is not the owner, the evaluation process continues.


  2. SafeSFS examines the rules in the GLOBAL ADMIN rule file. If a matching REJECT rule is found, the request is rejected. If a matching ACCEPT rule is found, the request is accepted. If a matching rule is not found, the evaluation process continues.


  3. SafeSFS examines the Acigroup GRPADMIN rule file. If a matching REJECT rule is found, the request is rejected. If a matching ACCEPT rule is found, the request is accepted. If a matching rule is not found, the evaluation process continues.


  4. SafeSFS examines the Userid USRADMIN rule file. If a matching REJECT rule is found, then the request is rejected. If a matching ACCEPT rule is found, the request is accepted. If a matching rule is not found, the evaluation process continues.


  5. SafeSFS looks for matching CO-OWNER rules. All CO-OWNER rules are searched regardless of which rule file contains the rule. If a matching REJECT rule is found, the request is rejected. If a matching ACCEPT rule is found, the request is accepted. If a matching rule is not found, the evaluation process continues.


  6. SafeSFS examines the Userid USRDFLT rule file. If a matching REJECT rule is found, the request is rejected. If a matching ACCEPT rule is found, the request is accepted. If a matching rule is not found, the evaluation process continues.


  7. SafeSFS examines the Acigroup GRPDFLT rule file. If a matching REJECT rule is found, then the request is rejected. If a matching ACCEPT rule is found, the request is accepted. If a matching rule is not found, the evaluation process continues.


  8. SafeSFS examines the rules in the GLOBAL DEFAULT rule file. If a matching REJECT rule is found, the request is rejected. If a matching ACCEPT rule is found, the request is accepted. If a matching rule is not found, the evaluation process continues.


  9. No rule was found. SafeSFS rejects the request, unless DEFER mode is ON. If DEFER mode is ON, then the request is deferred to SFS for evaluation.


Previous PageTable Of ContentsNext Page