skip book previous and next navigation links
go up to top of book: HP OpenVMS Guide to System SecurityHP OpenVMS Guide to System Security
go to beginning of part: Security for the UserSecurity for the User
go to beginning of chapter: Descriptions of Object ClassesDescriptions of Object Classes
go to previous page: Security ClassesSecurity Classes
go to next page: Security for the System AdministratorSecurity for the System Administrator
end of book navigation links

Volumes  



A volume object is one or more ODS-2 or ODS-5 disk volumes.The object consists of multiple volumes when they are part of abound volume set. Although you might have access to the directoriesand files on the volume, you cannot access them if you do not haveaccess to the volume itself.

For access information on tapes and foreign volumes, see the HPOpenVMS System Manager's Manual and the Mount utilitydocumentation in the HP OpenVMS System Management UtilitiesReference Manual.

NamingRules  

A volume name can be the volume label, the name of the deviceon which the volume is mounted, or a user-specified logical name.Volume label names can be from 0--12 characters in length.

Typesof Access  

The volume class supports the following types of access:

Read
Gives you the right to examinefile names and print and copy files on a volume.
Write
Gives you the right to modifyor write to existing files on a volume. Whether the subject mayperform the operation on a specific file is determined by the file'sprotection. To be meaningful, write access requires read access.
Create
Gives you the right to createfiles on a disk volume and to subsequently modify them. Create accessalso requires read and write access.
Delete
Gives you the right to deletefiles on a disk volume, provided the user has proper access rightsat the directory and file level. Delete access requires read access.
Control
Gives you the right to change the protectionand ownership elements of the volume.

Template Profile  

The class provides the following template profile and assignsthe values during initialization. Although the template assignsan owner UIC of [0,0], this value is only temporary. As soon asthe object is created, the operating system replaces a 0 value withthe value in the corresponding field of the creating process's UIC.

Template Name Owner UIC Protection Code
DEFAULT
[0,0]
S:RWCD,O:RWCD,G:RWCD,W:RWCD

Privilege Requirements  

Users with the VOLPRO privilege always have control accessto a volume. Mounting a file-structured volume as foreign requiresVOLPRO privilege or control access.

Kinds of Auditing Performed  

All volume access can be audited, provided the security administratorenables auditing for the Access event class.

Event Audited When Audit Occurs
Access
During any file system operation

Permanence of the Object  

The security profile for a volume object is saved in the masterfile directory (MFD) of the disk as [000000]SECURITY.SYS.

go to previous page: Security ClassesSecurity Classes
go to next page: Security for the System AdministratorSecurity for the System Administrator