skip book previous and next navigation links
go up to top of book: HP OpenVMS Guide to System Security HP OpenVMS Guide to System Security
go to beginning of part: Security for the User Security for the User
go to beginning of chapter: Descriptions of Object Classes Descriptions of Object Classes
go to previous page: Security Classes Security Classes
go to next page: Security for the System AdministratorSecurity for the System Administrator
end of book navigation links

Volumes  



A volume object is one or more ODS-2 or ODS-5 disk volumes. The object consists of multiple volumes when they are part of a bound volume set. Although you might have access to the directories and files on the volume, you cannot access them if you do not have access to the volume itself.

For access information on tapes and foreign volumes, see the HP OpenVMS System Manager's Manual and the Mount utility documentation in the HP OpenVMS System Management Utilities Reference Manual .

Naming Rules  

A volume name can be the volume label, the name of the device on which the volume is mounted, or a user-specified logical name. Volume label names can be from 0--12 characters in length.

Types of Access  

The volume class supports the following types of access:

Read
Gives you the right to examine file names and print and copy files on a volume.
Write
Gives you the right to modify or write to existing files on a volume. Whether the subject may perform the operation on a specific file is determined by the file's protection. To be meaningful, write access requires read access.
Create
Gives you the right to create files on a disk volume and to subsequently modify them. Create access also requires read and write access.
Delete
Gives you the right to delete files on a disk volume, provided the user has proper access rights at the directory and file level. Delete access requires read access.
Control
Gives you the right to change the protection and ownership elements of the volume.

Template Profile  

The class provides the following template profile and assigns the values during initialization. Although the template assigns an owner UIC of [0,0], this value is only temporary. As soon as the object is created, the operating system replaces a 0 value with the value in the corresponding field of the creating process's UIC.

Template Name Owner UIC Protection Code
DEFAULT
[0,0]
S:RWCD,O:RWCD,G:RWCD,W:RWCD

Privilege Requirements  

Users with the VOLPRO privilege always have control access to a volume. Mounting a file-structured volume as foreign requires VOLPRO privilege or control access.

Kinds of Auditing Performed  

All volume access can be audited, provided the security administrator enables auditing for the Access event class.

Event Audited When Audit Occurs
Access
During any file system operation

Permanence of the Object  

The security profile for a volume object is saved in the master file directory (MFD) of the disk as [000000]SECURITY.SYS.

go to previous page: Security Classes Security Classes
go to next page: Security for the System AdministratorSecurity for the System Administrator