Configuring File Read/Write Access Control Policies
If the hardware environment supports the Trusted Platform Control Module (TPCM), TPCM file access control policies can provide trusted measurement and control services for agent programs and skill files, transcending system root privileges to block unauthorized access, modification, and reading operations.
File access control policies allow you to configure read or write protection for directories or files. Perform the following steps to configure a write protection policy for skill files to ensure they will not be tampered with by unauthorized processes during OpenClaw runtime:
- Enter the management center access URL https://<host_ip_address>:8081/ in a web browser to log in.

- Log in to the management center as a security administrator.

- Choose Policy Management > File Access Control > Collection, and add a file write protection policy.

Select the terminal, add the file path to be protected, and set Type to File, Protection Type to Write Protection, and Measurement Flag to None.

Click Save > OK > Enable.

- Check the terminal to ensure that the write-protected files are secure against modification.
