Passwords and rights are both excellent security features on NetWare. They are enough to ensure that all your files and directories are not tampered with. But NetWare provides another line of defense in the form of file and directory attributes.
Attributes are special properties assigned to files and directories. Attributes override rights and prevent tasks that rights would allow. For example, if USER8 has the Erase right in a directory PROGRAMS, he or she would normally be able to delete files in that directory. However, if the files have the Delete Inhibit attribute set, this would not be possible.
Lists some important attributes along with their description.
Attribute | Code | Description |
Delete Inhibit | DI | Prevents erasure of files and directories. Overrides Erase right |
Hidden | H | Hides files and directories from the DIR command of DOS, but not from the NDIR command if you have File Scan right |
Purge | P | Purges files as soon as they are deleted (The purge command is dealt with later) |
Read Only | RO | Indicates whether a file can be modified. (The attribute automatically turns on Delete Inhibit and Rename Inhibit attributes) |
Rename Inhibit | RI | Prevents renaming of files and directories |
All Attributes | ALL | Provides all available attributes |
Normal | N | Clears all attributes |
Selective List of File Attributes
To assign attributes to a file, the command to be used is FLAG. The syntax is:
FLAG [path] [flaglist]
You may issue the FLAG command without any parameters to view the attributes of all files in the current directory. To view the attributes of a specific file, you can provide the filename along with the command. The command given below will display the attributes of the file EMPDAT.DBF.
FLAG EMPDAT.DBF
Wildcard characters can also be used along with the FLAG command. For example,
FLAG*.TXT
would allow you to view the attributes of all files with the extension TXT.
The FLAG command, like all NetWare commands, allows you to specify a volume name along with the path. For example, to provide Read-only and Hidden attributes to all files in the PROJ directory on volume VOL1, you may issue the command
FLAG VOL1:PROJ\*.*RO H
To provide all available attributes to all files in the current directory, the command
FLAG *.* ALL
can be used.
All attributes from the files in PROJ directory on volume VOL1 can be cleared with the command
FLAG VOL1:PROJ\*.* N
While the FLAG command allows you to change the attributes of files, the attributes of directories can be changed using the FLAGDIR command.
The FLAGDIR command allows you to change only the following attributes:
- N - Normal
- H - Hidden
- P - Purge
- DI -Delete Inhibit
- RI - Rename Inhibit.
For a description of these flags refer to the table provided with the FLAG command.
Now that you know about rights and attributes, you should always ensure that you practice the following:
- Log out of LAN after every session
- Do not provide rights to users who you think may tamper with your files
- Protect all critical files using attributes