|
HP OpenVMS Systemsask the wizard |
|
The Question is: Could you shed some more information on security protection for devices. A disk DEVICE has protection Read Write Physical I/O and Logical I/O attributes while the VOLUME has RWED protection attributes. When are the DEVICE attributes checked or used when accessing a device? The Security manual discusses checking ACL, volume and file protections when accessing a file. Also when would the Physical and Logical attributes be needed if R,W are available? Thank You The Answer is :
The access flow chart in the OpenVMS Guide to System Security may
be of interest:
http://www.openvms.digital.com:8000/
72final/6346/6346pro_001.html#determine_access
In addition to the OpenVMS Guide to System Security, the OpenVMS
I/O User's Reference Manual may be of interest when considering
low-level or device-specific information.
The device protection mask and ACL are considered when directly
assigning a channel to a (non-shareable) device. This includes
operations such as mounting and dismounting a storage device,
directly accessing a terminal device, and similar activities.
Once a storage device is mounted (and marked as shareable), then
assigning a channel to the device -- an operation that is generally
transparently performed by OpenVMS without an explicit application
request -- takes into account the file system's volume-level and
file-level protections, and not the device-level protections.
The specific meaning of logical and physical access varies by
the device -- there are three general classes of access when
considering disks: virtual, logical, and physical. Virtual I/O
refers to block-oriented accesses via the file system, such as
the third block of a particular file. On most modern disks, the
logical and physical I/O operations are treated similarly, and
refer to direct access to specified disk blocks without regard to
the file system.
The OpenVMS Wizard will assume this question is not one of idle
curiosity, but no statement of the particular problem or situation
was included...
|