|
HP OpenVMS Systemsask the wizard |
|
The Question is: What is the minimum UAF user privileges needed to be able to access the UAF. (Create, Modify, Delete, Read) Thanks The Answer is : Access to the AUTHORIZE utility requires read-write access to the target SYSUAF.DAT file (and to the other files associated with the OpenVMS system security database). This can be (but usually is not) a non-privileged operation, or it can (and typically does) require a privilege such as BYPASS or SYSPRV, or it requires a system UIC. Information on the privileges that are required for use of the sys$getuai and sys$setuai system services is included in the OpenVMS system services documentation. The necessary access to the security database can be made available via file ACLs, via assigning (powerful) user privileges, or via the creation and use of an installed image that permits the necessary access (and potentially only for a list of specifically permitted users). Other options available include the use of a DECnet server and a DECnet client and DECnet task-to-task connections to a (privileged) server process, etc. (Examples of DCL DECnet task-to-task are posted here in Ask The Wizard.) For information on the OpenVMS security model, please see the OpenVMS system security documentation.
|