OpenVMS memory management services allow processes to communicatethrough shared memory pages called global sections. Using globalsections, two or more processes can map the same page into their individualvirtual address spaces, thereby sharing the same page of code ordata.
A global section can provide access to a disk file (calleda file-backed global section), provide access to dynamically createdstorage (called a page file-backed global section), or provide accessto specific physical memory (called a page frame number [PFN] globalsection). A global section object may be either temporary or permanent.
The operating system supports two types of global sectionobjects:
Group globalsections are shareable memory sections potentially availableto all processes in the same group.
System global sections areshareable memory sections potentially available to all processesin the system.
NamingRules The name of the object is a string of 1 to 44 characters.For group global sections, the name is qualified by your UIC groupnumber.
Typesof Access The global section class supports the following types of access:
Read
Gives you the right to mapthe section for read access.
Write
Gives you the right to mapthe section for write access.
Execute
Gives you the right to mapthe section for read access. Only software running in executiveor kernel mode can request this access.
Control
Gives you the right to modify the protectionelements of PFN global sectionsand page file-backed global sections.
Template Profile File-backed global sections share the security profile ofthe associated disk file. Whenever the profile of the backing fileis modified, the global section's profile automatically changes.To modify the protection elements of file-backed global sections,you must modify the backing file instead.
The global section class provides the following template profiles.Although the template assigns an owner UIC of [0,0], this valueis only temporary. As soon as the object is created, the operatingsystem replaces a 0 value with the value in the corresponding fieldof the creating process's UIC.
Type
Template Name
Owner UIC
Protection Code
System
DEFAULT
[0,0]
S:RWE,O:RWE,G:RWE,W:RWE
Group
DEFAULT
[0,0]
S:RWE,O:RWE,G:RWE,W:RWE
The operating system modifies the templates according to thevalues provided in the prot argumentto $CRMPSC. The prot argumentis ignored for file-backed sections.
To maintain compatibility with earlier versions of the operatingsystem, the DEFAULT templates have protection codes allowing worldaccess. Some applications may need a more restrictive default thanthe templates provide. If you do choose to restrict global sectionaccess, be aware that the more restrictive access can cause applicationsto fail in ways that are difficult to diagnose.
Privilege Requirements The SYSGBL privilege is required to create or delete a systemglobal section. The PFNMAP privilege is necessary to create or deletea page frame section, and the PRMGBL privilege is required to createor delete a permanent global section.
Kinds of Auditing Performed The following types of events can be audited, provided thesecurity administrator enables auditing for the appropriate eventclass:
Event Audited
When Audit Occurs
Creation
When a page file-backedor a PFN global section is created by the Create and Map Sectionsystem service ($CRMPSC).
Access
When an existing page file-backedor a PFN global section is accessed with either $CRMPSC or the MapGlobal Section system service ($MGBLSC). The operating system auditsaccess to a file-backed global section as a file access.
Deaccess
At image or process rundownwhen the process virtual address space is reset or deleted.
Deletion
If a process with PRMGBL privilege, PFNMAPprivilege, or SYSGBL privilege (in the case of a system global section)deletes a permanent global section, the operating system auditsthe event through the use of privilege.
Permanence of the Object A global section and its security profile need to be resetafter every system boot.
HP OpenVMS Guide to System Security
Security for the User
