Privileges restrict the use of certain system
functions to processes created on behalf of authorized users. These
restrictions protect the integrity of the operating system's
code, data, and resources and thus, the integrity of user service.
Grant privileges to individual users only after carefully considering
the following two factors:
Whether the user has the
skill and experience to use the privilege without disrupting the system
Whether the user has a
legitimate need for the privilege
Privileges fall into the following seven categories
according to the damage that the user possessing them could cause
the system:
None: No privileges
Normal: Minimum privileges
to use the system effectively
Group: Potential to interfere
with members of the same group
Devour: Potential to consume
noncritical systemwide resources
System: Potential to interfere
with normal system operation
Objects: Potential to
compromise the security of protected objects (files, devices, logical
name tables, global sections, and so on)
All: Potential to control
the system
A user's privileges
are recorded in the user's UAF record in a 64-bit privilege mask.
When a user logs in to the system, the user's privileges are
stored in the header of the user's process. In this way, the
user's privileges are passed on to the process created for the
user. Users can use the DCL command SET PROCESS/PRIVILEGES to enable
and disable privileges for which they are authorized and to further
control the privileges available to the images they run. Moreover,
any user with the SETPRV privilege can enable any privilege.
“OpenVMS Privileges”Table 8-2 lists the privileges
by category and gives brief, general definitions of them. The following
sections describe all privileges available on OpenVMS systems in detail;
each section title identifies the privilege category (Normal, Devour,
and so on). For each privilege, the appendix describes the capabilities
granted by the privilege and the users who should receive them.