HP OpenVMS Systems

ask the wizard
Content starts here

Text and Binary UIC Values?

» close window

The Question is:

 
I have a question about the alphabetical UIC ?
 
A file "A.A" has UIC
[USER1, USER2]                 (RWED,RWED,RE,)
 
I verified the rightslist database and corresponding UIC of the OPTS and TOP are
 
USER1                [000100,177777]
USER2                [000101,000001]
 
I believe the alphabetical UIC was wrongly set as group UIC of "USER2" is not
 under "USER1"
 
If so, what's the risk or protection leakage in the file A.A ? Can USER1 or
 USER2 access the file A.A ? with what rights (i.e. RWED) ?
 
thanks.
 
 
 
 
 


The Answer is :

 
  The text display maps information stored in the RIGHTSLIST file
  to the binary information stored with the file, queue or other
  object.  It is the binary value of the identifier that is the
  security-relevent attribute.  The identifier text is used solely
  to translate from and to more human-readable formats.
 
  As for the group portion of the UIC display, details on re-adding
  UIC group identifiers is discussed in the OpenVMS FAQ -- the USER1
  value shown would tend to indicate that UIC [100,*] has the user
  group translation of USER1.
 
  For details on identifiers and related, please see the OpenVMS
  Guide to System Security manual.
 
  For related discussions, see the discussions here on creating
  and divorcing nodes in a cluster -- maintaining the binary
  UIC values is key to creating a single cluster security
  domain from multiple SYSUAF and RIGHTSLIST files, when there
  are objects with associated binary values from the various
  nodes.
 

answer written or last revised on ( 7-OCT-2004 )

» close window