A capability is a resource to which a site controls
access, using the standard access control mechanisms. The ability
to execute vector instructions is a capability object. Only sites
with a vector processor have such an object.
Naming Rules |
 |
The only valid name for a capability object is
VECTOR.
Types of Access |
|
The capability class supports the following types
of access:
Use | Gives a process the right to make use of the vector processor |
Control | Gives you
the right to change the protection and ownership elements of the object |
Template Profile |
|
The capability class provides the following template
profile:
| Template Name | Owner UIC | Protection Code |
|---|
DEFAULT | [SYSTEM] | S:U,O:U,G:U,W:U |
Modifications to the VECTOR template take effect
the next time you boot the system. If you want to change the elements
of the VECTOR object after the system is booted, you must modify the
object directly. For example:
$SET SECURITY/CLASS=CAPABILITY/PROTECTION=(S:U,O:U,G:U,W) VECTOR |
Kinds of Auditing Performed |
|
The operating system can audit the following type
of event:
| Event Audited | When Audit Occurs |
|---|
Access | The first
time after image activation that the process uses a vector instruction |
Permanence of the Object |
|
The capability object's security profile
needs to be reset each time the system starts up.
