VMS Help  —  Hints  Security

1  –  Object Protection

    Modifying and displaying the security characteristics of
    protected objects.

    SET SECURITY     Modifies the access control list (ACL),
                     protection code, and owner of a protected
                     object.
    SHOW SECURITY    Displays the name, class, and profile of a
                     protected object. The profile lists the object's
                     access control list (ACL), protection code, and
                     owner.

2  –  Protection Codes

    A protection code controls the type of access allowed (or denied)
    to a particular user or group of users. It has the following
    format:

    [category:list of access allowed(,category:list of access allowed,...)]

    o  Category

       User categories include system (S), owner (O), group (G),
       and world (W). Each category can be abbreviated to its first
       character. The categories are defined as follows:

       System      Any user process or application whose UIC is
                   in the range 1 through 10 (octal), has SYSPRV
                   privilege, or is in the same group as the owner
                   and holds GRPPRV.
       Owner       Any user process or application whose UIC is
                   identical to the UIC of the object.
       Group       Any user process or application whose Group UIC is
                   identical to the group UIC of the object.
       World       Any user process or application on the system.

       When specifying more than one user category, separate the
       categories with commas, and enclose the entire code in
       parentheses. You can specify user categories and access types
       in any order.

       A null access specification means no access, so when you omit
       an access type for a user category, that category of user
       is denied that type of access. To deny all access to a user
       category, specify the user category without any access types.
       Omit the colon after the user category when you are denying
       access to a category of users.

    o  Access list

       For files, the access types are read (R), write (W),
       execute (E), and delete (D). Each user category is
       separated from its list of access types with a colon (:);
       for example, SET SECURITY/PROTECTION=(S:RWE,O:RWE,G:RE,W).
       File access types have the following meanings:

       Read     Gives you the right to read, print, or copy a disk
                file. With directory files, the right to read or list
                a file and use a file name with wildcard characters
                to look up files. Read access implies execute access.
       Write    Gives you the right to write to or change the
                contents of a file, but not delete it. Write access
                allows modification of the file characteristics that
                describe the contents of the file. With directory
                files, the right to make or delete an entry in the
                catalog of files.
       Execute  Gives you the right to execute a file that contains
                an executable program image or DCL command procedure.
                With a directory file, the right to look up files
                whose names you know.
       Delete   Gives you the right to delete the file. To delete
                a file, you must have delete access to the file and
                write access to the directory that contains the file.
       Control  Gives you the right to change file characteristics,
                including the protection code and ACL. Special
                restrictions apply to changing the owner of a file.
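    The following Python program is an added example, not part of the
    VMS help text: it parses a protection code in the format above and
    works out which access a process would get, using the category
    definitions from the "Category" item (the "1 through 10 (octal)"
    range is read as the UIC group number), the rule that read implies
    execute, and the rule that deleting needs D on the file plus W on
    its directory. It assumes a process gets the union of what every
    category it belongs to grants, that a category not named in the
    code grants nothing, and it leaves out the implied control access;
    the Process class and all UIC values are constructed for the example.

```python
"""Parse a VMS-style file protection code and work out what access a process
would get from it.  Added example; this is not code from the VMS help text.
UIC group/member numbers are plain integers here (VMS displays them in octal)."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Set, Tuple

UIC = Tuple[int, int]                      # (group, member)
CATEGORIES = {"S": "SYSTEM", "O": "OWNER", "G": "GROUP", "W": "WORLD"}
FILE_ACCESS = frozenset("RWED")            # read, write, execute, delete
SYSTEM_GROUP_MAX = 0o10                    # "1 through 10 (octal)", read as the UIC group


@dataclass(frozen=True)
class Process:
    uic: UIC
    privileges: FrozenSet[str] = frozenset()   # e.g. {"SYSPRV"} or {"GRPPRV"}


def parse_protection(code: str) -> Dict[str, FrozenSet[str]]:
    """Return {category name: access letters granted}.

    Accepts "(S:RWE,O:RWE,G:RE,W)" with or without the parentheses.  A category
    written without a colon grants nothing, and (assumption of this example) a
    category that is not named at all also grants nothing.  Category names may
    be spelled out or abbreviated to their first letter; case is ignored.
    """
    text = code.strip()
    if text.startswith("(") and text.endswith(")"):
        text = text[1:-1]
    granted = {name: frozenset() for name in CATEGORIES.values()}
    if not text.strip():
        return granted
    seen: Set[str] = set()
    for entry in text.split(","):
        cat_text, _, access_text = entry.strip().partition(":")
        cat_text = cat_text.strip().upper()
        name = CATEGORIES.get(cat_text[:1])
        if not cat_text or name is None or not name.startswith(cat_text):
            raise ValueError(f"unknown user category {cat_text!r} in {code!r}")
        if name in seen:
            raise ValueError(f"category {name} given twice in {code!r}")
        seen.add(name)
        letters = frozenset(access_text.strip().upper())
        if not letters <= FILE_ACCESS:
            raise ValueError(f"invalid access letters {sorted(letters - FILE_ACCESS)} in {code!r}")
        granted[name] = letters
    return granted


def is_valid_protection(code: str) -> bool:
    """True when the code parses; handy for validating input before SET SECURITY."""
    try:
        parse_protection(code)
        return True
    except ValueError:
        return False


def user_categories(proc: Process, owner: UIC) -> Set[str]:
    """Every category the process falls into for an object owned by `owner`."""
    cats = {"WORLD"}                                # every process is in world
    same_group = proc.uic[0] == owner[0]
    if proc.uic == owner:
        cats.add("OWNER")
    if same_group:
        cats.add("GROUP")
    if (1 <= proc.uic[0] <= SYSTEM_GROUP_MAX
            or "SYSPRV" in proc.privileges
            or (same_group and "GRPPRV" in proc.privileges)):
        cats.add("SYSTEM")
    return cats


def effective_access(code: str, proc: Process, owner: UIC) -> FrozenSet[str]:
    """Access letters the process gets: the union of what each of its
    categories grants (an owner is also in group and world), plus E whenever
    R is granted, because read access implies execute access."""
    granted = parse_protection(code)
    access: Set[str] = set()
    for cat in user_categories(proc, owner):
        access |= granted[cat]
    if "R" in access:
        access.add("E")
    return frozenset(access)


def can_delete(proc: Process, file_code: str, file_owner: UIC,
               dir_code: str, dir_owner: UIC) -> bool:
    """Deleting needs D on the file *and* W on the directory that holds it."""
    return ("D" in effective_access(file_code, proc, file_owner)
            and "W" in effective_access(dir_code, proc, dir_owner))


if __name__ == "__main__":
    # Constructed scenario: object owned by [200,1], code taken from the help text.
    owner = (200, 1)
    for proc in (Process((200, 1)), Process((200, 7)), Process((300, 5)),
                 Process((300, 5), frozenset({"SYSPRV"}))):
        print(proc.uic, sorted(proc.privileges),
              "".join(sorted(effective_access("(S:RWE,O:RWE,G:RE,W)", proc, owner))))
```

    Note that a world entry written as plain "W" (no colon) parses to an
    empty set, which is exactly the "deny all access" spelling the text
    describes, and that a process in group 200 holding GRPPRV falls into
    the system category for objects owned by group 200 only.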

3  –  Assigning File Profiles

    A new file obtains its owner, protection code, and ACL from a
    number of sources. The owner of a new file is assigned
    independently of its protection code and ACL.

3.1  –  Ownership

    If any of the following conditions is true, you can assign an
    identifier as the owner of a file:

    o  The identifier matches your process UIC.

    o  You hold the identifier with the Resource attribute.

    o  You hold GRPPRV privilege and the identifier's group number
       matches your UIC group.

    o  You hold SYSPRV privilege.

    A file receives its owner identifier from the first applicable
    source that you are allowed to assign:

    o  The explicit assignment of an owner at creation with the
       /OWNER_UIC qualifier to the CREATE or COPY command

    o  The previous version

    o  The parent directory

    o  The process UIC
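    The following Python program is an added example, not part of the
    VMS help text: it combines the two lists above, checking each
    source in order and taking the first identifier the creating
    process is allowed to assign. Identifiers are modelled as UIC
    (group, member) integer pairs, so general identifiers held with
    the Resource attribute are represented the same way; the Process
    class, the privilege names as strings, and all UIC values are
    constructed for the example. An explicit /OWNER_UIC the process
    may not assign is skipped here like any other source, following
    the wording above; how the command itself reports that case is
    not modelled.

```python
"""Pick the owner identifier of a new file the way section 3.1 describes: the
first source, in order, whose identifier the creating process may assign.
Added example; not code from the VMS help.  Identifiers are modelled as UIC
(group, member) integer pairs; general identifiers are left out."""
from dataclasses import dataclass
from typing import FrozenSet, Optional, Tuple

UIC = Tuple[int, int]


@dataclass(frozen=True)
class Process:
    uic: UIC
    privileges: FrozenSet[str] = frozenset()            # e.g. {"GRPPRV"}, {"SYSPRV"}
    resource_identifiers: FrozenSet[UIC] = frozenset()  # held with the Resource attribute


def may_assign_owner(proc: Process, ident: UIC) -> bool:
    """The four conditions under which the process can make `ident` the owner."""
    return (ident == proc.uic                                          # matches the process UIC
            or ident in proc.resource_identifiers                      # held with Resource
            or ("GRPPRV" in proc.privileges and ident[0] == proc.uic[0])  # same group + GRPPRV
            or "SYSPRV" in proc.privileges)                            # SYSPRV


def resolve_owner(proc: Process,
                  explicit: Optional[UIC] = None,          # /OWNER_UIC on CREATE or COPY
                  previous_version: Optional[UIC] = None,  # owner of the previous version
                  parent_directory: Optional[UIC] = None   # owner of the parent directory
                  ) -> Tuple[UIC, str]:
    """Return (owner, source) for the first applicable source the process is
    allowed to assign.  The process UIC always qualifies, so a result exists."""
    sources = (("/OWNER_UIC", explicit),
               ("previous version", previous_version),
               ("parent directory", parent_directory),
               ("process UIC", proc.uic))
    for source, candidate in sources:
        if candidate is not None and may_assign_owner(proc, candidate):
            return candidate, source
    raise AssertionError("unreachable: the process UIC is always assignable")


if __name__ == "__main__":
    # Constructed scenario: a user in group 200 creates a new version of a file
    # last owned by [300,2], inside a directory owned by [200,1].
    for proc in (Process((200, 5)),
                 Process((200, 5), frozenset({"GRPPRV"})),
                 Process((200, 5), resource_identifiers=frozenset({(300, 2)})),
                 Process((200, 5), frozenset({"SYSPRV"}))):
        owner, source = resolve_owner(proc, previous_version=(300, 2),
                                      parent_directory=(200, 1))
        print(proc.uic, sorted(proc.privileges), "->", owner, "from", source)
```

    The scenario in the main block shows why the eligibility test
    matters: the same previous version and parent directory yield a
    different owner depending on whether the creating process holds
    GRPPRV, SYSPRV, or the previous owner's identifier with Resource.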

3.2  –  Protection Code and ACL

    The sources of a new file's protection code and ACL are similar
    to those of ownership and are considered in the same order. The
    system assigns a file's protection code and ACL from one of the
    following sources:

    1. The explicit assignment of elements at creation

    2. The profile of the previous version of the file, if one exists

    3. A Default Protection ACE and Default ACL on the parent
       directory

    4. The UIC and protection defaults of the process issuing the
       command

    5. One of the above with provision for the user creating the file

    See the OpenVMS Guide to System Security for further information.

4  –  Security Auditing

    The SET AUDIT command and the SHOW AUDIT command provide the
    management interface to the security auditing system, and the
    ANALYZE/AUDIT command processes the audit log file.

    ANALYZE/AUDIT          Processes event messages in security audit
                           log files to produce reports of security-
                           related events on the system.
    SET AUDIT/ENABLE       Selects categories of events to audit.
    /AUDIT
    SET AUDIT/SERVER       Changes the operational characteristics of
                           the audit server.
    SET AUDIT/JOURNAL      Establishes the location of the audit log
    /DESTINATION           file.
    SET AUDIT/RESOURCE     Controls the monitoring of the log file's
                           disk space.
    SHOW AUDIT             Displays the security auditing
                           characteristics in effect on the system.