Security Configuration

All Products Maple MapleSim

Home : Support : Online Help : System : Command-Line Maple : Security Configuration

Command-line Configuration of Maple Engine Security

Summary of Command-line Options

Description of Command-line Options

Examples

File Specification

Summary of Command-line Options

•	maple accepts the following command-line options for configuration of security:

-z	use the default security settings
--secure-read=<file>	add to the inclusion specification for readable files
--secure-noread=<file>	add to the exclusion specification for readable files
--secure-write=<file>	add to the inclusion specification for writable files
--secure-nowrite=<file>	add to the exclusion specification for writable files
--secure-extcall=<file>	add to the inclusion specification for loadable external libraries
--secure-noextcall=<file>	add to the exclusion specification for loadable external libraries
--secure-readspec=<file>	read the specifications for readable files from the given files
--secure-writespec=<file>	read the specifications for writable files from the given files
--secure-extcallspec=<file>	read the specifications for loadable external libraries from the given files
--secure-syscall[=enable\|disable]	enable (disable) calls to system/ssystem
--secure-mode[=enable\|disable]	enable (disable) security.

•	These options are processed in the order in which they are specified on the command line, from left to right. This allows for easy modification of the default settings.

Description of Command-line Options

•	For more information on how inclusion and exclusion specifications are used, see the Maple Engine Security help page.

•

-z

Use the default security settings, which includes:

–	disabling all write access

–	disabling calls to the system

–	disabling read access to everything except those files listed in libname and those files located immediately below directories listed in libname

–	disabling external call access to everything except those files located immediately below the Maple bin.<platform> directory and any toolbox bin.<platform> directories.

•	--secure-read=<file>

Append the file to the list of inclusion specifications for readable files in the engine security settings. Roughly, this is a readable file.

•	--secure-noread=<file>

Append the file to the list of exclusion specifications for readable files in the engine security settings. Roughly, this is a non-readable file.

•	--secure-write=<file>

Append the file to the list of inclusion specifications for writable files in the engine security settings. Roughly, this is a writable file.

•	--secure-nowrite=<file>

Append the file to the list of exclusion specifications for writable files in the engine security settings. Roughly, this is a non-writable file.

•	--secure-extcall=<file>

Append the file to the list of inclusion specifications for loadable external libraries in the engine security settings. Roughly, this is a loadable library.

•	--secure-noextcall=<file>

Append the file to the list of exclusion specifications for loadable external libraries in the engine security settings. Roughly, this is a non-loadable library.

•	--secure-readspec=<file>

Read the file and append the contained specifications to the list of inclusion and exclusion specifications for readable files in the engine security settings. This option is a convenient method for passing complex specifications.

•	--secure-writespec=<file>

Read the file and append the contained specifications to the list of inclusion and exclusion specifications for writable files in the engine security settings. This option is a convenient method for passing complex specifications.

•	--secure-extcallspec=<file>,...

Read the file and append the contained specifications to the list of inclusion and exclusion specifications for loadable external libraries in the engine security settings. This option is a convenient method for passing complex specifications.

•	--secure-syscall[=enable\|disable]

Enable or disable calls to system/ssystem. These calls are disabled by default if any other security option is given.

•	--secure-mode[=enable\|disable]

Enable or disable security. Security is enabled by default if any other security option is given. Disabling security is convenient if you are only interested in testing how security command line options are processed.

	Examples
	maple -z --secure-extcall=/foo/* This command will run maple with the default security restrictions, but will also allow external call access to files immediately below /foo. maple -z --secure-mode=disable This command will run maple with the default security settings, but security will be disabled. This allows you the inspect the security settings without applying them.

File Specification

•	For more information on file specifications, see the File Specifications for Maple Engine Security help page.

Maple

Maple Add-Ons

MapleSim

MapleSim Add-Ons

Systems Engineering

Consulting Services

Maple T.A. and Möbius

Education

Industries

Automotive and Aerospace

Robotics

Machine Design & Industrial Automation

Other

Application Areas

Product Pricing

Purchasing

Institutional Student Licensing

Maplesoft Elite Maintenance (EMP)

Support

Product Training

Online Product Help

Webinars & Events

Publications

Content Hubs

Examples & Applications

Community

About Maplesoft

Media Center

User Community

Contact

Online Help

All Products Maple MapleSim

Maple

Powerful math software that is easy to use

Maple Add-Ons

MapleSim

Advanced System Level Modeling

MapleSim Add-Ons

Systems Engineering

Consulting Services

Maple T.A. and Möbius

Education

Industries

Automotive and Aerospace

Robotics

Machine Design & Industrial Automation

Other

Application Areas

Product Pricing

Purchasing

Institutional Student Licensing

Maplesoft Elite Maintenance (EMP)

Support

Product Training

Online Product Help

Webinars & Events

Publications

Content Hubs

Examples & Applications

Community

About Maplesoft

Media Center

User Community

Contact

Online Help

All Products Maple MapleSim