A capability is a resource to which a site controls access,
using the standard access control mechanisms. The ability to execute
vector instructions is a capability object. Only sites with a vector
processor have such an object.
Naming
Rules The only valid name for a capability object is VECTOR.
Types
of Access The capability class supports the following types of access:
Use
Gives a process the right
to make use of the vector processor
Control
Gives you the right to change the protection
and ownership elements of the object
Template Profile The capability class provides the following template profile:
Template Name
Owner UIC
Protection Code
DEFAULT
[SYSTEM]
S:U,O:U,G:U,W:U
Modifications to the VECTOR template take effect the next
time you boot the system. If you want to change the elements of
the VECTOR object after the system is booted, you must modify the
object directly. For example:
$ SET SECURITY/CLASS=CAPABILITY/PROTECTION=(S:U,O:U,G:U,W) VECTOR
Kinds of Auditing Performed The operating system can audit the following type of event:
Event Audited
When Audit Occurs
Access
The first time after image activation
that the process uses a vector instruction
Permanence of the Object The capability object's security profile needs to be reset
each time the system starts up.
HP OpenVMS Guide to System Security
Security for the User