A person with the SECURITY privilege can enable
subsystems on a volume by using the /SUBSYSTEM qualifier on the MOUNT
command. By default, subsystems are enabled only on the system disk.
For other disks, you need to enable subsystems every time a volume
In the following example, a security administrator
uses the MOUNT command with the /SUBSYSTEM qualifier to enable the
processing of Subsystem ACEs on device DUA0. Assume that this disk
contains the subsystem with the identifier MEMBERS_SUBSYSTEM.
$MOUNT /SUBSYSTEM /SYSTEM DUA0: DOC WORK8
You can turn the processing of Subsystem ACEs on and off dynamically
with the DCL command SET VOLUME /SUBSYSTEM. This command is especially
useful for the system disk, which is not mounted using the MOUNT command.
Any person mounting a subsystem is responsible
for knowing what is on the volume being mounted. Without this knowledge,
an operator or system manager can inadvertently subvert system security.
For example, it is easy for a user with privileges on one cluster
to put an application holding a subsystem identifier on a volume and
then take the volume to a naive operator on another cluster and request
that it be mounted. Because the application holds an appropriate subsystem
identifier, it feigns membership in a subsystem for which it is unauthorized.
Therefore, mount volumes of only those users whom you trust, or thoroughly
search a volume for Subsystem ACEs before you mount it with subsystems