The DAX/2 System – Version 8.0.5
22
10 User management and access control
Starting with System 7.0, Nanite Systems recreational units support comprehensive user management over the teletype
interface or the local menu. There are five distinct levels of user:
unauthorized
(public)
users
,
group members
,
authorized
(regular)
users
,
managers
, and one
owner
. (Later versions may add additional ranks.) Of the five types, the unit keeps track
of only the latter three. System 8.0.5 does not support an access blacklist.
Adding a new user
Adding a new user is accomplished through the
manage :: users > add
voice prompt menu. The user must be physically
present to be added. Only managers and owners may access the
manage
menu, and therefore add new users.
Creating a manager
Managers are users trusted by the unit’s owner to ensure that it is properly configured and that its list of authorized users is
accurate. They may perform any operation on the unit other than creating other managers, transferring the unit’s ownership,
or resetting the
submission
security management module. (See page 29.) To set an existing user to the manager role,
select the user’s name from the
manage :: users
menu and then press
change level
.
Removing a user
To remove a user, select the user’s name from the
manage :: users
menu and then press
remove
. A manager may only
remove regular users and himself or herself. If the owner is removed, the unit will automatically take on self-ownership as if
it were newly manufactured.
Transferring ownership
To transfer ownership to another person: add that person to the unit’s user list, select his or her name from the
manage ::
users
menu, and then choose
make owner
. You (the previous owner) will be automatically set to manager status.
Abandoned units
In the event a unit is abandoned by its primary owner, it can be sanitized by clearing the NVRAM and wiping the security
manager’s active user table. This is accomplished with the
keychain reset
command, which must be executed by the
unit itself or its current owner.
Local access control
Local access determines who may use the TTY menu and the touchscreen. It comes in four levels: public (anyone), group (all
authorized users + the unit’s group), users (only authorized users), and private (owner-only.) This can be configured from the