The GRPNAM privilege lets the user's process bypass discretionaryaccess controls on the system logical name table in order to insertnames into (and delete names from) the logical name table of thegroup to which the process belongs by the use of the Create LogicalName ($CRELNM) and Delete Logical Name ($DELLNM) system services.
In addition, the privileged process can issue the DCL commandsASSIGN and DEFINE to add names to the group logical name table andthe DCL command DEASSIGN to delete names from the table. The privilege allowsthe use of the /GROUP qualifier with the DCL commands MOUNT andDISMOUNT (as well as the system services $MOUNT and $DISMOUNT) whensharing volumes among group members.
Do not grant this privilege to all users of the system becauseit allows the user's process to create an unlimited number of grouplogical names. When unqualified users have the unrestricted abilityto create group logical names, excessive use of system dynamic memorycan degrade system performance. In addition, a process with theGRPNAM privilege can interfere with the activities of other processesin the same group by creating definitions of commonly used logicalnames such as SYS$SYSTEM.
HP OpenVMS Guide to System Security
Security for the System Administrator
