On Tru64 UNIX, access control policy is as follows:

o  Any user is allowed to use the show command.

o  To execute any command that modifies network data, the user must
   have superuser privileges.

o  When commands default to the local node (either by not specifying
   a node, or using Node 0), NCL communicates with the CML application
   by way of pipes, and the privileges are determined by the user ID
   (UID) that NCL is running under.

o  When commands are issued to a remote node, or to the local node by
   explicitly including the node name (for example, using node alpha
   on the system named alpha), then the access granted depends on the
   access control provided; the session control attributes defined for
   CML on the target node; and the proxy accounts set up on the target
   node.

o  The access control used with a command is determined as follows:

   -- If any explicit access control is included on the command line,
      that is what is used. The information can be provided either
      after the node name (for example, node alpha/smith/abc) or
      through the use of a "by" clause (for example,
      by user = smith, password = abc).

   -- If no explicit access control is provided, then NCL checks
      whether any default access has been previously set, and if so,
      uses that. Default access is set using the
      set ncl default access by user = USER, password = PASSWORD
      command. The current state of NCL's default access can be
      checked with the show ncl default access command.

   -- If neither of these cases applies, no access information is
      used.

o  When an NCL command arrives at a target node, the access control
   accompanying the command, along with the session control proxy
   entries and the session control application cml characteristics,
   determines what will be allowed. By default (as DECnet is initially
   installed), all show commands are allowed, and commands that alter
   network data are allowed only if the root account and password are
   explicitly provided.

To modify this behavior, refer to the appropriate manual entries on
session control.