HP OpenVMS Systems Documentation

Content starts here

OpenVMS User's Manual

Previous Contents Index

19.6.2 Events That Can Trigger Security Alarms

Events triggering an audit or alarm can include the following:

Example of Events Initiating Security Audits or Alarms
Installation of images

Certain types of file access

Volume mounts and dismounts
Modifications to system and user passwords, system authorization file, network proxy file, or rights database
Access event requested by an ACL file or global section Logins, logouts, login failures, break-in attempts

In the following example, assume you decide to audit the file CONFIDREVIEW.MEM. If user ABADGUY accesses CONFIDREVIEW.MEM and has delete access, the following audit record is written to the system security audit log file.

%%%%%%%%%%%  OPCOM  11-DEC-1999 09:21:11.10  %%%%%%%%%%%
Message from user AUDIT$SERVER on BOSTON
Security audit (SECURITY) on BOSTON, system id: 19424
Auditable event:        Attempted file access
Event time:              11-DEC-1999 09:21:10.84
PID:                    23E00231
Username:               ABADGUY
Object name:            _BOSTON$DUA1:[RWOODS]CONFIDREVIEW.MEM;1
Object type:            file
Access requested:       DELETE
Status:                 %SYSTEM-S-NORMAL, normal successful completion
Privileges used:        SYSPRV

The auditing message reveals the name of the perpetrator, the method of access (successful deletion accomplished by using the program [SYSEXE]DELETE.EXE), time of access (9:21 A.M.), and the use of a privilege (SYSPRV) to gain access to the file. With this information, the security administrator can take action.

19.6.3 Security Audit Log Files

Security audit messages are written to the security audit log file every time any file is accessed and meets the conditions specified in the audit entry of the ACL for that file (see Section 19.6.4). Access to the file CONFIDREVIEW.MEM, as well as access to any file on the system that is protected with security auditing, prompts an audit record to be written to the security audit log file.

After auditing has been introduced, check with your security administrator periodically to see if any additional break-ins have occurred.

19.6.4 Adding ACEs to Sensitive Files

If you have key files that might have been accessed improperly, you might want to develop a strategy with your security administrator to audit access to the files.

Once you review the situation and ensure that you have done everything possible to protect your files with standard protection codes and general ACLs (described in the OpenVMS Guide to System Security), you may conclude that security auditing is required.

To specify security auditing, you can add special access control entries (ACEs) to files you own or to which you have control access. Keep in mind, however, that the audit log file is a systemwide mechanism, so Compaq recommends that a site security administrator control the use of file auditing. Although you can add auditing ACEs to files over which you have control, the security administrator has to enable auditing of files on a system level.

If you suspect break-in attempts to your account, the security administrator may temporarily enable auditing for all file access. The security administrator can also enable auditing to monitor read access to your files to catch file browsers.

An access violation of one file frequently indicates access problems with other files. Therefore, the security administrator may need to monitor access to all key files having security-auditing ACEs. When undesired access is gained to key files, the security administrator must take immediate action.

In the following example, user RWOODS and his security administrator concur that they must know when a highly confidential file, CONFIDREVIEW.MEM, is being accessed, so RWOODS adds an entry to the existing ACL for the file CONFIDREVIEW.MEM:


Appendix A
Customizing EVE

This appendix describes how to use startup files to modify the standard EVE editor. It includes information about:

  • Defining EVE keys
  • Learn sequences
  • Setting and saving attributes
  • Using DECTPU within EVE
  • Using DECTPU procedures to extend EVE
  • Creating section files
  • Creating command files
  • Creating initialization files
  • Saving your customizations in startup files
  • Saving attributes
  • Key definitions in EVE startup files
  • Converting from EDT to EVE

For additional information, refer to:

  • The OpenVMS DCL Dictionary or online help, for DCL command information
  • The DEC Text Processing Utility Reference Manual, for information about the DECTPU debugging package
  • The Guide to the Extensible Versatile Editor, for information about customizing EVE

About Startup Files

Startup files hold key definitions and editing commands that set the characteristics of the editing environment. Startup files can also hold DECTPU procedures, which augment the editing capability of the standard EVE editor.

By placing your definitions and procedures in a startup file, you can invoke the editor and automatically establish the editing environment your task requires.

Tailoring the Standard Editor

EVE provides the following ways of tailoring the standard editor to meet your editing requirements:

  • Defining editing keys
    You can assign an editing command to a key so that commands are faster to enter. For example, you can bind the EVE command ERASE WORD to the key sequence Ctrl/D.
  • Creating learn sequences
    You can assign a series of commands or keystrokes to one key. For example, you can create a learn sequence where you can press one key to insert a new phone number into a standard memo heading.
  • Using the DEC Text Processing Utility (DECTPU) to write editing procedures
    Because EVE is built on a powerful, programmable utility called the DEC Text Processing Utility, you can expand the editor beyond its standard set of commands by using DECTPU procedures. With DECTPU language statements, you can write procedures that create features that are not available in standard EVE. For example, you can write a procedure to transpose two characters and assign this procedure to a key.

A.1 Defining EVE Keys

You can define keys to execute EVE commands or to enter a series of keystrokes, called a learn sequence.

A.1.1 Undefinable Keys

EVE does not let you define the Return key (Ctrl/M), the space bar, or any printing characters (such as letters, digits, and punctuation marks) on the main keyboard.

In addition, Compaq recommends that you do not define the following keys and control key sequences (some cannot be defined unless you use special terminal settings):

Delete or <X|
Escape or Ctrl/[
F1 to F6 (VT200 and VT300 series terminals)
Help (PF2 on VT100 series terminals)
Ctrl/I (Tab key)
Ctrl/R (which EVE defines as REMEMBER)
Ctrl/U (which EVE defines as START OF LINE)

You can define all other keys (including control keys) except those noted. You can redefine the Do key, as long as you have assigned the DO command to another key.

A.1.2 Obsolete Keys

The SET SHIFT KEY and SET NOSHIFT KEY commands are obsolete. Instead, use the SET GOLD KEY and SET NOGOLD KEY commands, respectively.

A.1.3 Defining Keys to Execute EVE Commands

By defining keys, you can create editing keys to enter EVE commands you use frequently. You can define a key to execute an EVE command by using the DEFINE KEY command or by using an initialization file. If you are using help and press a key to which you have assigned an EVE command, EVE provides the help text for that command. Key definitions are discarded when you end an EVE editing session, unless you use the SAVE ATTRIBUTES command or SAVE EXTENDED EVE command to save key definitions from one editing session to the next.

The DEFINE KEY command assigns an EVE command to a single key, a GOLD key combination, or control key sequence. You can enter the DEFINE KEY command, the key to be defined, and the command on a single command line, or you can enter the DEFINE KEY command and let EVE prompt you.

To enter the DEFINE KEY command on a single command line, use the following command syntax:

DEFINE KEY [=key-name] command

The elements are as follows:

key-name The key to be defined
command The command you assign to the key

For example, the following command assigns the MOVE BY WORD command to keypad key 1 (KP1):


The following command assigns the FILL command to Ctrl/F:


You can use one of three different separators when specifying key names: an underscore (_), a dash (--), or a slash (/). For example, the Ctrl/F key can be specified as Ctrl_F, Ctrl--F, or Ctrl/F.

To use the DEFINE KEY command and let EVE prompt you, invoke EVE, then press the Do key and enter the DEFINE KEY command, as follows:

[End of file]

Buffer: MAIN                           | Write | Insert | Forward

Type the EVE command you want to assign to a key and press the Return key.

[End of file]

Buffer: MAIN                           | Write | Insert | Forward

Press the key to be associated with the EVE command.

[End of file]

Buffer: MAIN                           | Write | Insert | Forward
Press the key you want to define: [F20]

The message "Key defined" appears if you have successfully defined a key.

Another way to assign EVE commands to keys is to create an initialization file. You can define keys and set the characteristics of an editing session in the initialization file. The file contains EVE commands and key definitions, and is executed when you invoke EVE. Use the syntax given in this section to put DEFINE KEY commands in the file. For more information about initialization files, see the online help topic called Initialization Files.

To remove a key definition, use the UNDEFINE KEY command.

Section A.1.8 contains more examples of defining keys to execute EVE commands.

You can type the name of a key as a parameter for the DEFINE KEY, SET GOLD KEY, SHOW KEY, and UNDEFINE KEY commands. EVE key names are generally the same as the labels on the keys---you can specify them by their labels as well as by their positional number on one of the keypads. For example, the 7 on the numeric keypad is named KP7 and the keys on the minikeypad are named E1 to E6.

You can abbreviate key names as long as your abbreviation is not ambiguous. For example, G Rem is a valid abbreviation for GOLD Remove and G R is an abbreviation for GOLD R. The case of letters does not matter in a key definition.

You can specify control keys by using Ctrl, Control, or the circumflex character (^). For example, Ctrl/A, Control/A, and ^A are the same. For a list of the control keys defined by EVE, see the EVE online help topic called Control Keys.

In specifying control keys or GOLD key sequences, use a dash (--), slash (/), or underscore (_) as a delimiter in the key name (for example, GOLD-F20, Alt/A, or Ctrl_N.) Thus, in an initialization file, you can use commands with typed key names such as the following:


A.1.4 Differences Between EVE and DECTPU

Some EVE key names are different from key names that you use in DECTPU command files, as shown in Section A.1.4.

In EVE Commands In DECTPU Procedures
Ctrl/D Ctrl_D KEY

A.1.5 EVE Key Names

The following table lists EVE key names and the key labels on the keyboard or keypads. Some keys may not appear on some terminals. (For example, VT100 series terminals do not have the F1 to F20 keys. VT200, VT300, and VT400 series terminals do not have Backspace and line-feed keys.) Do not use these key names in DECTPU built-in procedures. (Refer to the table "Keywords Used for Key Names" in the Guide to the DEC Text Processing Utility for the correct keywords to use in DECTPU built-in procedures.)
Key Key Name
F7 ... F20 F7 ... F20
Help HELP or F15
Do DO or F16
Find FIND or E1
Insert Here INSERT_HERE or E2
Remove REMOVE or E3
Select SELECT or E4
Prev Screen PREV_SCREEN or E5
Next Screen NEXT_SCREEN or E6
Up arrow key UP
Left arrow key LEFT
Down arrow key DOWN
Right arrow key RIGHT
PF1 ... PF4 PF1 ... PF4
0 ... 9 (numeric keypad) KP0 ... KP9
-- (numeric keypad) MINUS
. (numeric keypad) PERIOD
, (numeric keypad) COMMA
< X| or Delete DELETE
Tab or TAB TAB or Ctrl/I
Backspace BS or Ctrl/H
Line-feed LF or Ctrl/J

A.1.6 Undefinable Keys

You cannot define any of the following keys:
F1 to F6
Compose Character
Ctrl (by itself)
Return or Ctrl/M
Escape or Ctrl/[
Lock or Caps Lock
No Scroll
In addition, EVE does not let you define typing keys on the main keyboard (except in combination with a modifier), a key defined as DO if it is the only key defined as DO or the key currently set as GOLD, if any.

A.1.7 Keys That You Should Not Define

Compaq recommends that you do not define the following keys and control keys. You can define these control keys, but you cannot execute them unless you set terminal characteristics in special ways.

  • Delete or <X| (which EVE defines as DELETE)
  • Help or on VT100 terminals, PF2
  • Ctrl/B (which EVE defines as RECALL)
  • Ctrl/C
  • Ctrl/O
  • Ctrl/Q
  • Ctrl/R (which EVE defines as REMEMBER to end a learn sequence)
  • Ctrl/S
  • Ctrl/T
  • Ctrl/U (which EVE defines as ERASE START OF LINE)
  • Ctrl/V (which EVE defines as QUOTE)
  • Ctrl/X
  • Ctrl/Y

If you redefine Ctrl/B or Ctrl/R, you should define other keys as RECALL and REMEMBER, respectively, because you can execute those commands only by pressing a key.

A.1.8 Defining the GOLD Key

You can assign two definitions to the same editing key if you create a GOLD key. Invoke one key definition by pressing the editing key. Invoke the other key definition by first pressing the GOLD key and then pressing the editing key.

To define a GOLD key, enter the SET GOLD KEY command and press the key you want to use as the GOLD key. When you successfully define the key, the message "GOLD key set." appears in the Messages buffer. EVE does not have a default GOLD key.

After you create a GOLD key, you can use the GOLD key definitions supplied by EVE. To see a diagram of these key definitions, enter the command HELP KEYPAD. The GOLD key definitions appear in the display in reverse video.

If you press the GOLD key by mistake, press the Select key to cancel it. Use the SAVE ATTRIBUTES command or the SAVE EXTENDED EVE command to save key definitions from one editing session to the next.

A.1.8.1 GOLD Key Combinations

The following table lists the GOLD key combinations on the EVE keypad and the definitions associated with them:

Key Definition
GOLD F13 Restore Word (except with the WPS keypad)
GOLD Help Help keys
GOLD Find Wildcard Find
GOLD Insert Here Restore
GOLD Remove Store Text
GOLD Select Reset
GOLD Prev Screen Previous Window
GOLD Next Screen Next Window
GOLD up arrow key Top
GOLD down arrow key Bottom
GOLD left arrow key Start of Line
GOLD right arrow key End of Line

Tutorial: Creating GOLD Key Definitions

You can also use the GOLD key to create your own key definitions. This tutorial demonstrates how to define a GOLD key and assign two commands to a single key. The tutorial defines the 4 key on the numeric keypad as the GOLD key and then assigns the BOTTOM and TOP commands to the Ctrl/G key. Thus, pressing Ctrl/G alone enters the BOTTOM command and pressing the GOLD key followed by Ctrl/G enters the TOP command.

To define a GOLD key and the bottom and top keys, follow these steps:

Step Task
1 Define the GOLD key:
  1. Press the Do key, type SET GOLD KEY, and press the Return key.
  2. Press the 4 key on the numeric keypad.
2 Define the bottom key:
  1. Press the Do key, type DEFINE KEY, and press the Return key.
  2. Type BOTTOM and press the Return key.
  3. Press Ctrl/G. Ctrl/G is now defined as BOTTOM.
3 Define the GOLD Ctrl/G key as the top key:
  1. Press the Do key, type DEFINE KEY, and press the Return key.
  2. Type TOP and press the Return key.
  3. Press and hold down the GOLD key (4 on the numeric keypad) and press Ctrl/G.

For the rest of your editing session, when you press Ctrl/G, EVE executes the BOTTOM command. When you press the GOLD key (4 on the numeric keypad) followed by Ctrl/G, EVE executes the TOP command.

A.1.8.2 Removing GOLD Keys

You cannot define more than one GOLD key at a time. To remove a GOLD key definition, enter the SET NOGOLD KEY command, then press the key you want to undefine. You can also define another GOLD key, which removes the original GOLD key.

Previous Next Contents Index