HP OpenVMS Systems

ask the wizard
Content starts here

Access to SYSUAF security database?

» close window

The Question is:

What is the minimum UAF user privileges needed to be able to access the UAF.
 (Create, Modify, Delete, Read)

The Answer is :

  Access to the AUTHORIZE utility requires read-write access to the target
  SYSUAF.DAT file (and to the other files associated with the OpenVMS system
  security database).  This can be (but usually is not) a non-privileged
  operation, or it can (and typically does) require a privilege such as
  BYPASS or SYSPRV, or it requires a system UIC.
  Information on the privileges that are required for use of the sys$getuai
  and sys$setuai system services is included in the OpenVMS system services
  The necessary access to the security database can be made available via
  file ACLs, via assigning (powerful) user privileges, or via the creation
  and use of an installed image that permits the necessary access (and
  potentially only for a list of specifically permitted users).  Other
  options available include the use of a DECnet server and a DECnet client
  and DECnet task-to-task connections to a (privileged) server process, etc.
  (Examples of DCL DECnet task-to-task are posted here in Ask The Wizard.)
  For information on the OpenVMS security model, please see the OpenVMS
  system security documentation.

answer written or last revised on ( 14-AUG-2000 )

» close window