skip book previous and next navigation links
go up to top of book: HP OpenVMS Guide to System SecurityHP OpenVMS Guide to System Security
go to beginning of part: Security for the System AdministratorSecurity for the System Administrator
go to beginning of chapter: Using Protected SubsystemsUsing Protected Subsystems
go to previous page: Design ConsiderationsDesign Considerations
go to next page: Building the SubsystemBuilding the Subsystem
end of book navigation links

System Management Requirements  



Although an unprivileged user can build and manage a protectedsubsystem, you need to be involved at two points in the process:at the beginning to create the necessary identifiers for the subsystemand at the end to mount the volume with the protected subsystem.

You need to perform the following tasks:

  1. Create identifiersfor the subsystem, each with the Subsystem attribute. The Subsystemattribute empowers the identifier's holder to manage the subsystem.

  2. Grant these subsystem identifiers with Subsystemattributes to the people who will serve as managers of the subsystem.This enables them to assign the subsystem identifier to the imagesthat make up the subsystem.

  3. Give the subsystem managers control access to applicationimages. They need control access so they can add Subsystem ACEsto the image ACLs.

  4. Give the subsystem managers control access to existingresources that are to be managed by the protected subsystem.

    Although subsystem managers may need control access to keysystem resources, the ACL on the objects limits their access rightsto only those resources. This may not be as dangerous as installingan image with SYSPRV.

The following example shows how you can set up identifiersand the necessary application access so that users can manage amembership list:
Example 1  SettingUp Identifiers and Application Access for Managing Membership List 
$ SET DEFAULT SYS$SYSTEM$ RUN AUTHORIZEUAF> ADD/IDENTIFIER MEMBERS_SUBSYSTEM-               [1]_UAF> /ATTRIBUTES=(SUBSYSTEM,RESOURCE)UAF> GRANT/IDENTIFIER MEMBERS_SUBSYSTEM -            [2]_UAF> /ATTRIBUTES=(SUBSYSTEM,RESOURCE) LOUISUAF> GRANT/IDENTIFIER MEMBERS_SUBSYSTEM -_UAF> /ATTRIBUTES=(SUBSYSTEM,RESOURCE) WU$ SET SECURITY/ACL=(IDENTIFIER=MEMBERS_SUBSYSTEM,-   [3]_$ ACCESS=CONTROL) MEMBER_LIST.EXE
  1. Use AUTHORIZE to create a subsystemidentifier called MEMBERS_SUBSYSTEM. Notice that this identifiercarries the Subsystem attribute.

  2. Make Louis and Wu holders of the identifier so theycan manage the subsystem.

  3. Give Louis and Wu control access to the subsystemimage MEMBER_LIST.EXE.


Note that you create the subsystem identifier MEMBERS_SUBSYSTEMwith the Resource attribute. This allows disk space to be chargedto the identifier MEMBERS_SUBSYSTEM and not the individuals accessing thesubsystem. (When using the Resource attribute, be careful to setthe appropriate ACLs on directories [see Setting Up the ACL].)

go to previous page: Design ConsiderationsDesign Considerations
go to next page: Building the SubsystemBuilding the Subsystem