From VSI OpenVMS Wiki
Jump to: navigation, search

SECURITY_POLICY is a system parameter that allows a system to run in a C2 or B1 configuration and to subset out particular pieces of functionality-to exclude functionality that is outside the evaluated configuration or to preserve compatibility with previous versions of the operating system. See the VSI OpenVMS Guide to System Security for further information about the C2 and B1 evaluated configurations.

The following bits are defined:

Bit Description
0 Obsolete
1 Allows multiple user names to connect to DECW$SERVER.
2 Allows unevaluated DECwindows transports (such as TCP/IP).
3 Allows $SIGPRC and $PRCTERM to span job trees
4 Allows security profile changes to protected objects on a local node when the object server is absent and cannot update the cluster database VMS$OBJECTS.DAT
5 Allows creation of protected objects on a local node when the object server is absent and cannot update the cluster database VMS$OBJECTS.DAT.
6 Allows SPAWN or LIB$SPAWN commands in CAPTIVE accounts
7 Reserved to VSI
8 Reserved to VSI
9 Disables password synchronizations among ACME agents on a systemwide pasis. This is functionally equivalent to the SYS$SINGLE_SIGNON logical name bit mask value 4 for LOGINOUT.
10 Allows privileged applications to successfully authenticate a user whose principal name maps to a SYSUAF record that is either expired or whose modal restrictions would otherwise prevent the account from being used. A SYSUAF record that is disabled or password-expired (in the case of traditional OpenVMS authentication) cannot be bypassed in this manner. An application with SECURITY privilege specifies the SYS$ACM ACME$M_NOAUTHORIZE function modifier to override authorization checks.
11 Allows any record in the SYSUAF file to be mapped using external authentication
12 Allows intrusions on a clusterwide or local basis. (If the bit is cleared, intrusions are clusterwide.)
13 Reserved to VSI.
14 Allows the internal name and backlink of files and directories to be read if the user has either execute or read access to the file or directory. If this bit is clear, read access is required. Setting this bit allows the full POSIX pathname of a file or directory to be displayed when some of the directories in the path are execute-only to the user. This feature is required in the following environments:
  • POSIX pathnames are in use.
  • The BASH shell or other GNV components are in use.
  • Applications are using the realpath(), getcwd(), getpwnam(), and related C runtime library functions.

The default value of 7 preserves compatibility with existing DECwindows Motif behavior. A value of 0 disables all unevaluated configurations.