HP OpenVMS Guide to System Security: OpenVMS Version 8.4 > Appendix B Protection for OpenVMS System Files
Standard Ownership and Protection
The system (SYSTEM) owns all OpenVMS system files
except one. The directory MOM$SYSTEM is owned by UIC [376,375]. All files in SYS$SYSDEVICE:[VMS$COMMON], except
those listed in “Exceptions to Standard OpenVMS System File Protection”, have a protection code of S:RWED,O:RWED,G:RWED,W:RE. The directory VMS$COMMON.DIR and the files in
SYS$SYSDEVICE:[SYSx.DIR] have a protection code
of S:RWE,O:RWE,G:RE,W:RE. For SYSUAF.DAT, RIGHTSLIST.DAT, and VMS$PASSWORD_HISTORY.DATA,
the file owner must be a UIC with a group within the system range
(less than MAXSYSGROUP system parameter). Values of [1,1] or [SYSTEM]
(1,4) are recommended. Table B-1 Exceptions to Standard OpenVMS System File Protection Files | Protection | [VMS$COMMON] | DECW$DEFAULTS.DIR | MOM$SYSTEM.DIR | S:RWE,O:RWE,G:RE,W:RE | SYS$KEYMAP.DIR | SYS$LDR.DIR | | SYS$STARTUP.DIR | SYSCBI.DIR | | SYSERR.DIR | SYSEXE.DIR | | SYSFONT.DIR | SYSHLP.DIR | | SYSLIB.DIR | SYSMAINT.DIR | | SYSMGR.DIR | SYSMSG.DIR | | SYSTEST.DIR | SYSUPD.DIR | | VUE$LIBRARY.DIR | | | [VMS$COMMON.SYS$KEYMAP] | DECW.DIR | | S:RWE,O:RWE,G:RE,W:RE | [VMS$COMMON.SYS$KEYMAP.DECW] | SYSTEM.DIR | USER.DIR | S:RWE,O:RWE,G:RE,W:RE | [VMS$COMMON.SYSEXE] | ISL_LVAX_061.SYS | ISL_SVAX_061.SYS | S:RWED,O:RWED,G:RE,W:RE | NETPROXY.DAT | | S:RWE,O:RWE,G:RWE,W | NET$PROXY.DAT | | S:RWE,O:RWE,G:RWE,W | MSGHLP$MAIN.EXE | | S:RE,O:RE,G:RE,W:RE | RIGHTSLIST.DAT | | S:RWED,O:RWED,G,W | SYSUAF.DAT | | S:RWED,O:RWED,G,W | VMS$OBJECTS.DAT | | S:RWE,O:RWE,G:RE,W | VMS$PASSWORD_HISTORY.DATA | | S:RWE,O:RWE,G,W | [VMS$COMMON.SYSFONT] | DECW.DIR | PS_FONT_METRICS.DIR | S:RWE,O:RWE,G:RE,W:RE | VWS.DIR | XDPS.DIR | | [VMS$COMMON.SYSFONT] | DECW.DIR | PS_FONT_METRICS.DIR | S:RWE,O:RWE,G:RE,W:RE | VWS.DIR | XDPS.DIR | | [VMS$COMMON.SYSFONT.DECW] | | | 100DPI.DIR | 75DPI.DIR | S:RWE,O:RWE,G:RE,W:RE | COMMON.DIR | CURSOR16.DIR | | CURSOR32.DIR | USER_100DPI.DIR | | USER_75DPI.DIR | USER_COMMON.DIR | | USER_CURSOR16.DIR | USER_CURSOR32.DIR | | [VMS$COMMON.SYSHLP] | DECW.DIR | VMSDOC.DIR | S:RWE,O:RWE,G:RE,W:RE | MSGHLP$ENGLISH.EXE | | S:RE,O:RE,G:RE,W:RE | EXAMPLES.DIR | | S:RWE,O:RWE,G:RE,W:RE | [VMS$COMMON.SYSLIB] | CDA$ACCESS.EXE | DECW$DWTLIBSHR.EXE | S:RW,O:RWED,G:R,W:R | DECW$PRINTWGTSHR.EXE | DECW$XLIBSHR.EXE | | MSGHLP$ENGLISH.EXE | MSGHLP$SHARE.EXE | S:RE,O:RE,G:RE,W:RE | VMS$PASSWORD_DIC
TIONARY.DATA | | S:RE,O:RE,G,W | XDPS$DPSBINDINGSSHR.EXE | XDPS$DPSCLIENTSHR.EXE | S:RW,O:RWED,G:R,W:R | XDPS$DPSLIBSHR.EXE | XNL$SHR.EXE | | [VMS$COMMON.SYSMGR] | SECURITY.AUDIT$JOURNAL | | S:RWED,O:RWED,G:RE,W | VMS$AUDIT_SERVER.DAT | | S:RWE,O:RWE,G:RE,W | WELCOME.TEMPLATE | WELCOME.TXT | S:RWED,O:RWED,G:RE,W:RE | [VMS$COMMON.VUE$LIBRARY] | SYSTEM.DIR | USER.DIR | S:RWE,O:RWE,G:RE,W:RE |
|