|
HP OpenVMS Systemsask the wizard |
|
The Question is: What is a trusted application and how do I go about making an application trusted. The Answer is : You declare an executable or sharable image to be "trusted" by using the INSTALL command (with /PROTECT or /PRIVILEGE), or by granting the image a subsystem identifier. You should only declare an image as trusted if if the image is truly known to be "trustworthy" -- installing an image with privileges can have unintended effects on system or site security, such as a file write operation normally performed within the image that might now be able to save a file in an unintended and otherwise protected system directory. Creating a "trustworthy" application is a difficult task, involving the study of the "Guide to OpenVMS System Security" manual, and likely also involving one or more peer reviews of the design and the code by several security-conscious programmers to confirm that the resulting image is "trustworthy".
|