Privileges restrict the use of certain system functions toprocesses created on behalf of authorized users. These restrictionsprotect the integrity of the operating system's code, data, andresources and thus, the integrity of user service. Grant privilegesto individual users only after carefully considering the followingtwo factors:
Whether the user has the skill andexperience to use the privilege without disrupting the system
Whether the user has a legitimate need for the privilege
Privileges fall into the following seven categories accordingto the damage that the user possessing them could cause the system:
None: No privileges
Normal: Minimum privileges to use the system effectively
Group: Potential to interfere with members of thesame group
Devour: Potential to consume noncritical systemwideresources
System: Potential to interfere with normal systemoperation
Objects: Potential to compromise the security ofprotected objects (files, devices, logical name tables, global sections,and so on)
All: Potential to control the system
A user's privilegesare recorded in the user's UAF record in a 64-bit privilege mask.When a user logs in to the system, the user's privileges are storedin the header of the user's process. In this way, the user's privilegesare passed on to the process created for the user. Users can usethe DCL command SET PROCESS/PRIVILEGES to enable and disable privilegesfor which they are authorized and to further control the privilegesavailable to the images they run. Moreover, any user with the SETPRVprivilege can enable any privilege.
OpenVMS PrivilegesTable 8-2 liststhe privileges by category and gives brief, general definitionsof them. The following sections describe all privileges availableon OpenVMS systems in detail; each section title identifies theprivilege category (Normal, Devour, and so on). For each privilege,the appendix describes the capabilities granted by the privilegeand the users who should receive them.