Restricting access to CMI commands
You can restrict access to the mkcmprovider and rmprovider commands to prevent inadvertent or malicious use of these commands.
You can use triggers to detect and control use of these CMI operations,
as follows:
- In a base-VersionVault environment, a trigger can be attached to the mkattr or rmattr operation on a branch type. In this case, the VersionVault trigger environment variable CLEARCASE_ATTYPE is set to the value CC_CMI_CONTEXT when the trigger fires.
- In a UCM environment, a trigger can be attached to the chstream operation. In this case, the VersionVault trigger environment variable CLEARCASE_CMI_OP is set to mkcmprovider or rmprovider.