The Question is:
from installed program (no subsystem ACEs) I want to check if the current
process holds specific identifier.
When calling $CHECK_PRIVILEGEW (flags= NSA$M_IDENTIFIER) I'm always getting
SS$_NOAUDIT error, unless, of course the process has AUDIT privilege or the
program is installed with it.
As this both is unfortunately unacceptable, is there another way to achieve
this, besides looping with $FIND_HELD?
Have I overlooked something?
The Answer is :
The usual solution is to try the target operation.
If you wish to synthesize your own check, use $chkpro or
If the identifier is known in advance, one simple mechanism is to
protect a file using that identifier and attempt to open it. The
success or failure will tell you if the process holds the identifier.
(This is an implementation of a $chkpro call, of course, using an
actual file object.) Note that if the intended result of the test
is to exit if the identifier is not held, you could protect the
image iteself and avoid the test altogether.
sys$getjpi[w] can also return rights information. See item codes
JPI$_RIGHTSLIST, JPI$_RIGHTS_SIZE, JPI$_PROCESS_RIGHTS and
JPI$_SYSTEM_RIGHTS. Since sys$getjpi[w] returns information
in binary form, you will probably also need to call sys$asctoid