The Question is:
How can I limit a particular user to its home directory only? Meaning he/she
cannot access other directories other than that of its home directory.
The Answer is :
The typical OpenVMS product implements security by:
1) establishing the ownership and protection of resources, and
2) granting users rights or resource identifiers.
All resources, e.g. files, directories, disk volumes, etc., are owned.
The owner can be a specific user or rights identifier. The owner of
a resource has the ability to change the protection of it, amongst
The protection of a resource can range from simple to elaborate. It
might allow only a lone particular user access and deny all others. It
might have a long list of rights identifiers allowed access, followed
by long list of others explicitly denied, and even include triggers
for generating alerts when accessed by yet other users, etc.
The initial protection of a resource when it is created can be controlled.
A user can be granted no rights, one right, or many rights.
If the protection of a resource is set to allow unrestricted access then
even a user with no granted rights is allowed access to it.
To "limit a particular user to their home directory only", you must first
establish security on the other sensitive resources appropriately -- the
SET DEFAULT and similar commands are far less than the access potentially
available to a user.
Alternatively, you could use a CAPTIVE or (potentially) RESTRICTED
username and the associated command procedure -- this can completely
isolate the user.
For details on this topic, please skim the security manual in the OpenVMS