•
|
For more information on how inclusion and exclusion specifications are used, see the Maple Engine Security help page.
|
Use the default security settings, which includes:
–
|
disabling all write access
|
–
|
disabling calls to the system
|
–
|
disabling read access to everything except those files listed in libname and those files located immediately below directories listed in libname
|
–
|
disabling external call access to everything except those files located immediately below the Maple bin.<platform> directory and any toolbox bin.<platform> directories.
|
Append the file to the list of inclusion specifications for readable files in the engine security settings. Roughly, this is a readable file.
Append the file to the list of exclusion specifications for readable files in the engine security settings. Roughly, this is a non-readable file.
Append the file to the list of inclusion specifications for writable files in the engine security settings. Roughly, this is a writable file.
•
|
--secure-nowrite=<file>
|
Append the file to the list of exclusion specifications for writable files in the engine security settings. Roughly, this is a non-writable file.
•
|
--secure-extcall=<file>
|
Append the file to the list of inclusion specifications for loadable external libraries in the engine security settings. Roughly, this is a loadable library.
•
|
--secure-noextcall=<file>
|
Append the file to the list of exclusion specifications for loadable external libraries in the engine security settings. Roughly, this is a non-loadable library.
•
|
--secure-readspec=<file>
|
Read the file and append the contained specifications to the list of inclusion and exclusion specifications for readable files in the engine security settings. This option is a convenient method for passing complex specifications.
•
|
--secure-writespec=<file>
|
Read the file and append the contained specifications to the list of inclusion and exclusion specifications for writable files in the engine security settings. This option is a convenient method for passing complex specifications.
•
|
--secure-extcallspec=<file>,...
|
Read the file and append the contained specifications to the list of inclusion and exclusion specifications for loadable external libraries in the engine security settings. This option is a convenient method for passing complex specifications.
•
|
--secure-syscall[=enable|disable]
|
Enable or disable calls to system/ssystem. These calls are disabled by default if any other security option is given.
•
|
--secure-mode[=enable|disable]
|
Enable or disable security. Security is enabled by default if any other security option is given. Disabling security is convenient if you are only interested in testing how security command line options are processed.