Do I want to limit client access to some files?

This topic describes considerations for limiting file access to only certain clients for security reasons.

You can prevent clients from accessing sensitive data using the file-permission semantics that are defined by the client platform.

In the current release of SAN File System, it is recommended that you separate files in the filesets for each client platform; that is, a Windows® client should create files only within filesets dedicated to Windows files, and a UNIX®-based client should create files only within filesets dedicated to UNIX. This is referred to as the primary allegiance of a fileset, either Windows or UNIX. The different client platforms can, however, share files in a common fileset if the permissions allow. Therefore, it is important to set up your ACLs on the clients to accomplish this goal.

Parent topic: Planning the security strategy

Terms of use | Feedback
(C) Copyright IBM Corporation 2003, 2004. All Rights Reserved.