HP OpenVMS Systems Documentation
Content starts here

OpenVMS Óû§ÊÖ²á

Ç°Ò³ Ŀ¼ Ë÷Òý

µÚ 10 ÕÂ
¿ØÖÆ´æÈ¡×ÊÔ´

ÿ¸öϵͳվµãÓÐΨһµÄ°²È«ÐèÇó¡£»ùÓÚÕâ¸öÔ­Òò£¬Ã¿¸öÕ¾µãÓ¦¸ÃÓÐÒ»¸öϵͳ°²È«²ßÂÔ£¬ÎªÏµÍ³¹ÜÀíÔ±ºÍÓû§¹æ»®ÎïÀíµÄºÍÈí¼þ°²È«ÐèÇó¡£ÒªÈ·±£ÏµÍ³°²È«£¬OpenVMS ²Ù×÷ϵͳ¿ØÖƶÔϵͳµÄ´æȡȨºÍ ¶ÔÈκΰüº¬¿É¹²ÏíÐÅÏ¢¶ÔÏóµÄ´æȡȨ¡£ÕâЩ¶ÔÏó£¬ÈçÉ豸¡¢¾í¡¢Âß¼­Ãû±í¡¢ÎļþºÍ¶ÓÁУ¬±»³ÆΪÊܱ£»¤¶ÔÏó¡£ËùÓÐÊܱ£»¤¶ÔÏóÁгöÒ»×é´æÈ¡ÐèÇó£¬Ö¸¶¨Ë­ÓÐȨÒÔ¸ø¶¨·½Ê½´æÈ¡¶ÔÏó¡£

OpenVMS Guide to System Security ÃèÊö¿ÉÓÃÓÚ²Ù×÷ϵͳºÍϵͳ¹ÜÀíÔ±¿ÉÒÔÖ´ÐÐά»¤ÕÊ»§ºÍϵͳ°²È«µÄÈÎÎñµÄ°²È«ÌØÐÔ¡£±¾ÕÂÃèÊö OpenVMS ±£»¤ºÍÉó²éϵͳ×ÊÔ´µÄһЩ·½·¨¡£Ëü°üÀ¨µÄÐÅÏ¢ÓÐ:

  • ÏÔʾ½ø³ÌµÄȨÏÞ±êʶ·û
  • ¶ÔÏóµÄ°²È«¼òÒª
  • ½âÊͱ£»¤Âë
  • ĬÈÏÎļþ±£»¤
  • ͨ¹ýÍøÂç´æÈ¡Îļþ
  • Éó²é¶ÔÄúµÄÕÊ»§ºÍÎļþµÄ´æÈ¡

ÓйØÆäËû°²È«ÐÅÏ¢£¬Çë²ÎÔÄÒÔÏÂ:

  • OpenVMS Guide to System Security£¬Óйر£»¤¶ÔÏóºÍϵͳ°²È«µÄÏêÇé
  • OpenVMS DCL Dictionary »òÁª»úÇóÖú£¬Óйر¾ÕÂÂÛÊöµÄÃüÁîÏêÇé

°²È«ÌØÐÔ

¿ÉÒÔͨ¹ýÒÔÏ·½·¨ÊìϤ OpenVMS °²È«ÌØÐÔ:

  • Á˽âÓë½ø³Ì¹ØÁªµÄȨÏÞ±êʶ·û --- ȨÏÞ±êʶ·ûÈ·¶¨¿ÉÒÔ´æȡʲô×ÊÔ´¡£Èç¹û½ø³ÌûÓÐÊʵ±µÄ±êʶ·û£¬¿ÉÄܲ»ÄÜ´æȡijЩÊܱ£»¤¶ÔÏó¡£
    ÓйØÏÔʾȨÏÞ±êʶ·ûµÄÏêÇ飬Çë²ÎÔÄ 10.1 ½Ú¡£
  • ÏÔʾÊܱ£»¤¶ÔÏóµÄ°²È«¼òÒª --- °²È«¼òÒª°üº¬ÓйØÊܱ£»¤¶ÔÏóµÄÐÅÏ¢¡£¿ÉÒÔ¸ü¸Ä¶ÔÏóµÄ°²È«¼òÒª£¬Ê¹ÆäËûÓû§¶ÔËü¿É´æÈ¡µÄ»òÕß²»¿É´æÈ¡µÄ¡£
    Óйذ²È«¼òÒªµÄÏêÇ飬Çë²ÎÔÄ 10.2 ½Ú ¡£
  • Á˽âÈçºÎͨ¹ýÍøÂç´æÈ¡Îļþ --- ͨ¹ýʹÓôæÈ¡¿ØÖÆ×Ö·û´®»ò´úÀí×¢²áÕÊ»§¿ÉÒÔÍê³ÉÕâ¼þÊ¡£
    ÓйشæÈ¡Ô¶³ÌÎļþµÄÏêÇ飬Çë²ÎÔÄ 10.5 ½Ú¡£
  • Éó²é¶ÔÕÊ»§ºÍÎļþµÄ´æÈ¡ --- ͨ¹ý×Ðϸ¹Û²ìÈκÎ×¢²áÏûÏ¢²¢ÇÒÓëϵͳ¹ÜÀíԱЭÁ¦Éó²éÎļþ£¬¿ÉÒÔÍê³ÉÕâ¼þÊ¡£
    ÓйØÉó²é¶ÔÕÊ»§ºÍÎļþµÄ´æÈ¡ÏêÇ飬Çë²ÎÔÄ 10.6 ½Ú¡£

10.1 ÏÔʾ½ø³ÌµÄȨÏÞ±êʶ·û

ËùÓг¢ÊÔ´æÈ¡Êܱ£»¤¶ÔÏóµÄ½ø³Ì¶¼Ð¯´ø±»³ÆΪȨÏÞ±êʶ·ûµÄÐÅÈÎÖ¤Êé¡£ËùÓÐÊܱ£»¤¶ÔÏóÁгöÒ»×é´æÈ¡ÐèÇó£¬Ö¸¶¨Ë­ÓÐȨÒÔ¸ø¶¨·½Ê½´æÈ¡¶ÔÏó¡£Èç¹û´æÈ¡½ø³ÌµÄȨÏÞ±êʶ·û²»Æ¥ÅäÄÇЩ¶ÔÏó£¬ÄÇô¾Í¾Ü¾ø´æÈ¡¡£

ÒÔÏÂÀý×ÓչʾÈçºÎʹÓà SHOW PROCESS ÃüÁîÏÔʾµ±Ç°½ø³ÌµÄ±êʶ·û:


$ SHOW PROCESS/ALL
25-NOV-2002 15:23:18.08   User: GREG            Process ID:   34200094
                          Node: ACCOUNTS        Process name: "GREG"

Terminal:           VTA2195:  TNA2170:  (Host: 16.32.123.45 Port: 6789)
User Identifier:    [DOC,GREG]   (1)
Base priority:      4
Default file spec:  WORK1:[GREG.FISCAL_96]
Number of Kthreads: 1
Devices allocated:  ACCOUNTS$TWA2:

Process Quotas:
   .
   .
   .
Process rights:
 INTERACTIVE   (2)
 LOCAL         (3)
 SALES         (4)
 MINDCRIME                         resource  (5)

System rights:
 SYS$NODE_ACCOUNTS   (6)

ÓÐÈýÀàȨÏÞ±êʶ·û: UIC¡¢»·¾³ºÍͨÓá£SHOW PROCESS ÃüÁîÊä³öÏÔʾËùÓÐÕâÈýÀà:

  1. UIC ±êʶ·û£¬Ö¸³öÓû§ Greg ÊÇ DOC ×éµÄ³ÉÔ±
  2. »·¾³±êʶ·û£¬Ö¸³öÓû§ Greg Êǽ»»¥Óû§
  3. »·¾³±êʶ·û£¬Ö¸³öÓû§ Greg ÔÚ±¾µØ×¢²á
  4. ͨÓñêʶ·û£¬Ö¸³öÓû§ Greg Ò²ÊÇ SALES ×éµÄ³ÉÔ±
  5. ͨÓñêʶ·û£¬Ö¸³ö Greg ÓµÓдø×ÊÔ´ÊôÐ﵀ MINDCRIME ±êʶ·û£¬Òò¶øËû¿ÉÒÔΪÕâ¸ö±êʶ·ûÔö¼Ó´ÅÅÌ¿Õ¼ä
  6. »·¾³±êʶ·û£¬Ö¸³öÓû§ Greg Õý¹¤×÷ÔÚ ACCOUNTS ½Úµã

10.2 ¶ÔÏóµÄ°²È«¼òÒª

ÒòΪ²Ù×÷ϵͳͬʱ֧³Ö¶àÓû§£¬Òò´ËËüÓÐÄÚÉ谲ȫ»úÖÆ×èÖ¹Ò»¸öÓû§µÄ»î¶¯·Á°­ÁíÒ»¸ö¡£±£»¤Âë¡¢´æÈ¡¿ØÖƺÍÓ²¼þÉè¼ÆÒ»Æð±£»¤¶Ô´æ´¢Æ÷¡¢¿É¹²ÏíÉ豸 ºÍÊý¾ÝµÄʹÓã¬Òò¶øÐí¶àÓû§¿ÉÒÔ¹²Ïíϵͳ¡£¶ÔÏóµÄ°²È«¼òÒª°üÀ¨Óû§±êʶÂë (UIC)¡¢ACL ºÍ·ÖÅä¸ø¶ÔÏóµÄ±£»¤Âë¡£¿ÉÒÔÏÔʾ»òÐÞ¸Ä×Ô¼ºÓµÓеÄÈκζÔÏóµÄ°²È«¼òÒª¡£

Òª¹Û¿´ÈκÎÊܱ£»¤¶ÔÏóµÄ°²È«¼òÒª£¬Ê¹Óà DCL ÃüÁî SHOW SECURITY¡£ÀýÈ磬ÒÔÏÂÃüÁîÇëÇóÎļþ 95_FORECAST.TXT µÄ°²È«ÐÅÏ¢:


$ SHOW SECURITY 95_FORECAST.TXT
WORK_DISK$:[GREG]95_FORECAST.TXT;1 object of class FILE
      Owner: [ACCOUNTING,GREG]
      Protection: (System: RWED, Owner: RWED, Group: RE, World)
      Access Control List: <empty>

´ËÏÔʾָ³öÎļþ 95_FORECAST.TXT ±»Óû§ Greg ÓµÓС£ËüÒ²ÁгöÎļþµÄ±£»¤Â룬ΪϵͳÓû§ºÍÓµÓÐÕ߸ø³ö¶ÁÈ¡¡¢Ð´Èë¡¢Ö´ÐкÍɾ³ý´æȡȨ¡£¸Ã´úÂë°Ñ¶ÁÈ¡ºÍÖ´ÐдæÈ¡ ȨÌṩ¸ø×éÓû§£¬µ«²»ÎªÈ«ÌåÓû§ÌṩÈκδæȡȨ¡£(ÓйؽøÒ»²½½âÊÍ£¬Çë²ÎÔÄ 10.3 ½Ú¡£) ÔÚÕâ¸öÎļþÉÏûÓÐ ACL¡£

10.2.1 Ð޸ݲȫ¼òÒª

Äú¿ÉÒÔΪÊܱ£»¤¶ÔÏóµÄÓµÓÐÕß¡¢±£»¤Âë»ò ACL ÌṩÐÂÖµ£¬»òÕßͨ¹ýʹÓà SET SECURITY ÃüÁî¿ÉÒ԰ѼòÒª´ÓÒ»¸ö¶ÔÏó¸´ÖƵ½ÁíÒ»¸ö¡£

ÀýÈ磬ÔÚ 10.2 ½Ú µÄ SHOW SECURITY ÏÔʾչʾÎļþ 95_FORECAST.TXT ±»Óû§ Greg ÓµÓС£×÷ΪӵÓÐÕߣ¬Ëû¿ÉÒÔ¸ü¸ÄÕâ¸öÎļþµÄ±£»¤Âë¡£×î³õ£¬Õâ¸ö´úÂëûÓÐΪȫÌåÓû§ÀàµÄÓû§ÌṩÈκδæȡȨ¡£ÏÖÔÚ£¬Greg ¿ÉÒÔ¸ü¸ÄËü£¬ÔÊÐíÈ«ÌåÓû§ÓжÁÈ¡ºÍд´æȡȨ: 


$ SET SECURITY/PROTECTION=(W:RW) 95_FORECAST.TXT

ÒÔÏ SHOW SECURITY ÃüÁîÑéÖ¤Õâ¸öÎļþµÄб£»¤Âë:


$ SHOW SECURITY 95_FORECAST.TXT
95_FORECAST.TXT object of class FILE
     Owner: [GREG]
     Protection: (System: RWED, Owner: RWED, Group: RE, World: RW)
     Access Control List: <empty>

10.3 ½âÊͱ£»¤Âë

±£»¤Âë¿ØÖÆÔÊÐí (»ò¾Ü¾ø) Ìض¨Óû§»òÓû§×éµÄ´æÈ¡ÀàÐÍ¡£ËüÓÐÒÔϸñʽ:


[category: list of access allowed (, category: list of access allowed,...)]

ÖÖÀà°üÀ¨ÏµÍ³ (S)¡¢ÓµÓÐÕß (O)¡¢×é (G) ºÍÈ«ÌåÓû§ (W)¡£Ã¿¸öÖÖÀà¿ÉÒÔËõдΪËüµÄÊ×λ×Ö·û¡£ÖÖÀàÓÐÒÔ϶¨Òå:

ϵͳ Æä UIC ÊÇÔÚ 1 ÖÁ 10 (°Ë½øÖÆ) ·¶Î§µÄÈκÎÓû§½ø³Ì»òÓ¦ÓóÌÐò£¬¾ßÓÐ SYSPRV ÌØȨ£¬»òÕßÓëÓµÓÐÕßͬ×é¶øÓµÓÐ GRPPRV¡£
ÓµÓÐÕß Æä UIC Óë¶ÔÏóµÄ UIC ÏàͬµÄÈκÎÓû§½ø³Ì»òÓ¦ÓóÌÐò¡£
×é Æä×é UIC Óë¶ÔÏóµÄ×é UIC ÏàͬµÄÈκÎÓû§½ø³Ì»òÓ¦ÓóÌÐò¡£
È«ÌåÓû§ ÔÚϵͳÉϵÄÈκÎÓû§½ø³Ì»òÓ¦ÓóÌÐò¡£

Ö¸¶¨Ò»¸öÒÔÉÏÓû§ÖÖÀàʱ£¬ÓöººÅ·Ö¿ªÖÖÀಢ°ÑÕû¸ö´úÂëÀ¨ÈëÔ²À¨ºÅÄÚ¡£¿ÉÒÔ°´ÈκδÎÐòÖ¸¶¨Óû§ÖÖÀàºÍ´æÈ¡ÀàÐÍ¡£

Ò»¸ö¿Õ´æȡ˵Ã÷Òâζ×ÅûÓдæȡȨ£¬Òò¶ø£¬µ±Ê¡ÂÔÒ»¸öÓû§ÖÖÀàµÄ´æÈ¡ÀàÐÍʱ£¬¾Í¾Ü¾øÕâÀàÓû§ÓÐÕâ¸ö´æÈ¡ÀàÐÍ¡£Òª¾Ü¾øÒ»¸öÓû§ÖÖÀàµÄËùÓдæÈ¡£¬¾Í²»ÎªÕâ¸öÓû§ÖÖÀàÖ¸¶¨ÈκÎÈ¡ÀàÐÍ¡£(µ±¾Ü¾ø´æÈ¡Ò»¸ öÓû§ÖÖÀàʱ£¬¾ÍÊ¡ÂÔÕâ¸öÓû§ÖÖÀàÖ®ºóµÄðºÅ¡£)

¶ÔÓÚÎļþ£¬´æÈ¡Áбí°üÀ¨¶ÁÈ¡ (R)¡¢Ð´Èë (W)¡¢Ö´ÐÐ (E) »òɾ³ý (D) ´æÈ¡ÀàÐÍ¡£´æÈ¡ÀàÐÍ·ÖÅä¸øÿ¸öÓµÓÐÕßÖÖÀ࣬²¢ÇÒÓÃÒ»¸öðºÅ (:) ·Ö¿ªËüµÄ´æÈ¡ÀàÐÍ¡£Îļþ´æÈ¡ÀàÐÍÓÐÒÔϺ¬Òå:

¶ÁÈ¡ ¸ø³ö¶ÁÈ¡¡¢´òÓ¡»ò¸´ÖÆ´ÅÅÌÎļþµÄȨÏÞ¡£¶ÔÓÚĿ¼Îļþ£¬¶ÁÈ¡´æȡȨ¸ø³ö¶ÁÈ¡»òÁбíÎļþµÄȨÏÞ£¬²¢ÇÒ¿ÉÒÔʹÓÃͨÅä·ûÎļþÃû²éÕÒÎļþ¡£¶ÁÈ¡´æȡȨDZÔÚ°üÀ¨Ö´ÐдæȡȨ¡£
дÈë ¸ø³öдÈë»ò¸ü¸ÄÎļþÄÚÈݵÄȨÏÞ£¬µ«ÊDz»ÄÜɾ³ýËü¡£Ð´´æȡȨÔÊÐíÐÞ¸ÄÃèÊöÎļþÄÚÈݵÄÎļþÌØÕ÷¡£¶ÔÓÚĿ¼Îļþ£¬Ð´´æȡȨ¸ø³ö²åÈë»òɾ³ýÔÚÎļþĿ¼ÖеÄÌõÄ¿¡£
Ö´ÐÐ ¸ø³öÖ´Ðаüº¬¿ÉÖ´ÐгÌÐòÓ³Ïó»ò DCL ÃüÁî¹ý³ÌÎļþµÄȨÏÞ¡£¶ÔÓÚĿ¼Îļþ£¬Ö´ÐдæȡȨ¸ø³ö²éÕÒÒÑÖªÆäÎļþÃûµÄÎļþµÄȨÏÞ¡£
ɾ³ý ¸ø³öɾ³ýÎļþµÄȨÏÞ¡£ÒªÉ¾³ýÒ»¸öÎļþ£¬±ØÐë¶ÔÎļþÓÐɾ³ý´æȡȨºÍ¶Ô°üº¬¸ÃÎļþµÄĿ¼ÓÐд´æȡȨ¡£

10.4 ĬÈÏÎļþ±£»¤

ÐÂÎļþ½ÓÊÕĬÈÏ»ùÓÚ UIC µÄ±£»¤ºÍ¸¸Ä¿Â¼µÄĬÈÏ´æÈ¡¿ØÖÆÁбí (ACL)¡£ACL °üº¬Ò»×éÌõÄ¿£¬¶¨ÒåÓû§»òÓû§×é¶ÔÌض¨Êܱ£»¤¶ÔÏóµÄ´æȡȨ£¬ÈçÎļþ¡¢Ä¿Â¼»òÉ豸¡£

¿ÉÒÔʹÓÃĬÈÏ UIC ±£»¤»òĬÈÏ ACL ±£»¤È¡´úÌṩ¸øÐÂÎļþµÄĬÈÏ»ùÓÚ UIC µÄ±£»¤¡£

10.4.1 ĬÈÏ UIC ±£»¤

²Ù×÷ϵͳΪÿ¸ö½ø³ÌÌṩÒÔÏ»ùÓÚ UIC µÄ±£»¤: 


(S:RWED, O:RWED, G:RE, W)

°´ÕÕĬÈÏ£¬´øϵͳ UIC µÄÓû§ºÍ¶ÔÏóÓµÓÐÕ߶ԶÔÏóÓÐÈ«²¿´æȡȨ£¬Óë¶ÔÏóÓµÓÐÕßÔÚͬÑù UIC ×éÖеÄÓû§¶Ô¶ÔÏóÓжÁÈ¡ºÍÖ´ÐдæȡȨ£¬¶ø¾Ü¾øËùÓÐÆäËûÓû§´æÈ¡Õâ¸ö¶ÔÏó¡£Òª¸ü¸Ä½¨Á¢ÎļþµÄĬÈϱ£»¤£¬¿ÉÊäÈë´ø /DEFAULT ÏÞ¶¨´ÊµÄ SET PROTECTION ÃüÁî¡£ÀýÈ磬Èç¹ûÔÚ×¢²áÃüÁî¹ý³ÌÖÐÊäÈëÒÔÏÂÃüÁÄÇô׼ÓèËùÓнø³Ì¶ÔÄú½¨Á¢µÄÈκÎÎļþÓжÁÈ¡ºÍÖ´ÐдæȡȨ¡£(¼Çס£¬±ØÐëÖ´ÐÐÕâ¸ö×¢²áÃüÁî¹ý³ÌÒÔÖ´ÐÐÕâ¸öÃüÁî¡£) 


$ SET PROTECTION = (S:RWED,O:RWED,G:RE,W:RE)/DEFAULT

10.4.2 ĬÈÏ ACL ±£»¤

ͨ¹ý°ÑÒ»¸öĬÈϱ£»¤´æÈ¡¿ØÖÆÌõÄ¿ (ACE) ·ÅÈëÊʵ±µÄĿ¼ÎļþµÄ ACL ÖУ¬¿ÉÒÔÈ¡´ú¶ÔÖ¸¶¨Ä¿Â¼»ò×ÓĿ¼µÄĬÈÏ UIC ±£»¤¡£ÔÚ ACE ÖÐÖ¸¶¨µÄĬÈϱ£»¤Ó¦ÓÃÓÚÔÚÖ¸¶¨Ä¿Â¼»òĿ¼µÄ×ÓĿ¼Öн¨Á¢µÄÈκÎÐÂÎļþ¡£ÒÔϱØÐëÔÚÒ»¸öĿ¼ÎļþµÄ ACL ÖÐµÄ ACE£¬Ö¸¶¨¶ÔĿ¼ºÍĿ¼µÄ×ÓĿ¼µÄĬÈϱ£»¤ÔÊÐíϵͳºÍÓµÓÐÕß½ø³ÌÓÐÈ«²¿´æȡȨ¡¢×é½ø³ÌÓжÁÈ¡ºÍÖ´ÐдæȡȨ¶øÈ«ÌåÓû§Ã»ÓдæȡȨ¡£


$ SET SECURITY/ACL = (DEFAULT_PROTECTION,S:RWED,O:RWED,G:RE,W:)
[JONES]PERSONAL.DIR

ÒªÖ¸¶¨Ò»¸ö½«±»¸´ÖƵ½ÒÔºóÔÚĿ¼Öн¨Á¢ÈκÎÎļþ ACL µÄĬÈϱêʶ·û ACE£¬ÔÚĿ¼ÎļþµÄ±êʶ·û ACL ÖÐÖ¸¶¨ DEFAULT ÈÎÑ¡Ïî¡£

ÔÚÒÔÏÂÀý×ÓÖÐչʾµÄ ACE Ó¦ÓÃÓÚÒ»¸öĿ¼Îļþ£¬²¢ÇҾܾøÍøÂçÓû§´æÈ¡ÔÚÕâ¸öĿ¼Öн¨Á¢µÄËùÓÐÎļþ: 


$ SET SECURITY/ACL = (IDENTIFIER=NETWORK,OPTIONS=DEFAULT,ACCESS=NONE) -
_$ [JONES]PERSONAL.DIR

10.4.3 ÖØÐÂÃüÃûÎļþ

²»¸ü¸ÄÖØÐÂÃüÃûÎļþµÄ±£»¤¡£ÏÖÓÐÎļþµÄа汾½ÓÊÕÉÏÒ»¸ö°æ±¾»ùÓÚ UIC µÄ±£»¤ºÍ ACL¡£(BACKUP¡¢COPY¡¢CREATE ºÍ SET FILE ÃüÁî¿ÉÒÔʹÓà /PROTECTION ÏÞ¶¨´ÊÈ¡´úĬÈÏ»ùÓÚ UIC µÄ±£»¤¡£)

10.4.4 ÏÔʽÎļþ±£»¤

¿ÉÒÔÃ÷È·µØÓà /PROTECTION ÏÞ¶¨´ÊΪÐÂÎļþÖ¸¶¨»ùÓÚ UIC µÄ±£»¤ (¶ÔÓÚ BACKUP¡¢COPY ºÍ CREATE ÃüÁîÓÐЧ)¡£

ʹÓà SET SECURITY/PROTECTION ÃüÁî¿ÉÒÔ¸ü¸ÄÏÖÓÐÎļþ»ùÓÚ UIC µÄ±£»¤¡£

ÔÚ½¨Á¢Ò»¸öÎļþ²¢ÇÒÒÑΪÕâ¸öÎļþ½¨Á¢ ACL ºó£¬¿ÉÒÔÐÞ¸ÄÕâ¸ö ACL ²¢ÇÒÌí¼ÓÐí¶àÏëÒªµÄÌõÄ¿¡£ACL Ö¸¶¨µÄ±£»¤È¡´úÎļþµÄÓû§±êʶÂë±£»¤¡£

ÔÚÒÔÏÂÀý×ÓÖУ¬Ö¸¶¨»ùÓÚ UIC µÄ±£»¤: 


$ CREATE MAST12.TXT/PROTECTION=(S:RWED,O:RWED,G,W)

ÔÚÒÔÏÂÀý×ÓÖУ¬¸ü¸ÄÎļþ MAST12.TXT µÄ»ùÓÚ UIC µÄ±£»¤: 


$ SET SECURITY/PROTECTION=(S:RWED,O:RWED,G:RE,W) MAST12.TXT

10.5 ͨ¹ýÍøÂç´æÈ¡Îļþ

ÒÔϼ¸½ÚÃèÊöÈçºÎͨ¹ýÍøÂç´æÈ¡Îļþ¡£

10.5.1 ´æÈ¡¿ØÖÆ×Ö·û´®

ÔÚͨ¹ý DECnet for OpenVMS ÍøÂçÖ´ÐвÙ×÷µÄ DCL ÃüÁîµÄÎļþ˵Ã÷ÖУ¬¿ÉÒÔ°üÀ¨ÍøÂç´æÈ¡¿ØÖÆ×Ö·û´®¡£¸Ã´æÈ¡¿ØÖÆ×Ö·û´®×¼Ðí±¾µØ½ÚµãÓû§´æÈ¡Ô¶³Ì½ÚµãµÄÎļþ¡£

´æÈ¡¿ØÖÆ×Ö·û´®°üÀ¨ÓÃÓÚÔ¶³ÌÕÊ»§µÄÓû§ÃûºÍÀ¨ÈëÒýºÅÄÚµÄÓû§ÃÜÂ룬ÈçÏÂËùʾ:


NODE"username password"::disk:[directory]filename.filetype 

¾¯¸æ
ÓÉÓÚ´æÈ¡¿ØÖÆ×Ö·û´®°üÀ¨ÔÊÐíijÈ˽øÈëÔ¶³ÌÕÊ»§µÄ×ã¹»ÐÅÏ¢£¬Òò´ËËüÃÇ¿ÉÄܲúÉúÑÏÖصÄйÃÜÎÊÌâ¡£

10.5.2 ±£»¤´æÈ¡¿ØÖÆ×Ö·û´®

Òª±£»¤´æÈ¡¿ØÖÆ×Ö·û´®µÄÐÅÏ¢£¬×ñÑ­ÒÔϹæÔò:

  • ±ÜÃâÔÚÓ²¿½±´»òÊÓƵÖÕ¶ËÕ¹ÏÖÆäÐÅÏ¢¡£Èç¹ûʹÓÃÒ»¸öÓ²¿½±´Öնˣ¬ÄÇôǡµ±µØ´¦ÀíÊä³ö¡£Èç¹ûʹÓÃÒ»¸öÊÓƵÖնˣ¬ÔòÇå³ýÆÁÄ»²¢ÇÒµ±ÍøÂç×÷ÒµÍê³ÉʱʹÓà DCL ÃüÁî RECALL/ERASE Çå¿ÕÖØе÷Óûº³åÇø¡£ÕâÑù¿É×èÖ¹ÁíÒ»¸öÓû§Í¨¹ýʹÓà Ctrl/B ×éºÏ¼ü»òʹÓà DCL ÃüÁî RECALL/ALL ÏÔʾÃüÁîÐÐÀ´²é¿´ÃÜÂë¡£
  • ²»Òª°Ñ°üÀ¨´æÈ¡¿ØÖÆ×Ö·û´®µÄÍøÂçÃüÁî·ÅÈëËƺõΪ·¢ÏÖÄ¿±êµÄÃüÁî¹ý³ÌÖС£
  • Èç¹û±ØÐë°Ñ´æÈ¡¿ØÖÆ×Ö·û´®·ÅÈëÃüÁî¹ý³Ì£¬ÄÇôΪÕâЩÎļþÌṩ×îÊÊÒ˵ÄÎļþ±£»¤¡£

10.5.3 ʹÓôúÀí×¢²áÕÊ»§±£»¤ÃÜÂë

Òª±ÜÃâÐèÒª´æÈ¡¿ØÖÆ×Ö·û´®£¬¿ÉÒÔʹÓôúÀí×¢²áÕÊ»§¡£´úÀí×¢²áÔÊÐíÄúͨ¹ýÍøÂç´æÈ¡Îļþ£¬¶ø²»ÓÃÔÚ´æÈ¡¿ØÖÆ×Ö·û´®ÖÐÖ¸¶¨Óû§Ãû»òÃÜÂë¡£Òò¶ø£¬´úÀí×¢²áÓÐÒÔÏ°²È«ºÃ´¦:

  • ÃÜÂë²»»ØÓ¦ÔÚÇëÇóµÄÖÕ¶ËÉÏ¡£
  • ÃÜÂë²»ÔÚϵͳ¼ä´«ËÍ£¬·ñÔòËüÃǻᱻ½Øȡδ¼ÓÃܵĸñʽ¡£
  • ÃÜÂë²»ÐèÒª³öÏÖÔÚÖ´ÐÐÔ¶³Ì´æÈ¡µÄÃüÁîÎļþÖС£

Ô¶³Ì½ÚµãµÄϵͳ»ò°²È«¹ÜÀíÔ±±ØÐëΪÄú½¨Á¢Ò»¸ö´úÀíÕÊ»§£¬²Å¿ÉÒÔ¿ªÊ¼Ò»¸ö´úÀí×¢²á¡£Ïó³£¹æÕÊ»§Ò»Ñù£¬Ê¹Óà OpenVMS Authorize ¹«ÓóÌÐò (AUTHORIZE) ½¨Á¢´úÀíÕÊ»§¡£ËûÃÇͨ³£ÊÇ·ÇÌØȨµÄÕÊ»§¡£°²È«¹ÜÀíÔ±ÔÊÐíÄú´æÈ¡Ò»¸öĬÈÏ´úÀíÕÊ»§ºÍ¶à´ï 15 ¸öÆäËû´úÀíÕÊ»§¡£ ϵͳ¹ÜÀíÔ±ÐèҪΪ´úÀí×¢²áÉèÖøü¶àµÄÊÂÇ飬Ìṩ¸ü¶àµÄ°²È«ÍøÂç´æÈ¡ÒÔ±ÜÃâÓû§ÐèÒªÊäÈë´æÈ¡¿ØÖÆ×Ö·û´®¡£

ÒÔÏÂÀý×Ó˵Ã÷Õý³£ÍøÂç×¢²áÇëÇóºÍ´úÀí×¢²áÇëÇóµÄ²î±ð¡£¶ÔÓÚÿ¸öÀý×Ó£¬´æÔÚÒÔÏÂÌõ¼þ:

  • Óû§ KMAHOGANY ÓÐÁ½¸öÓû§ÕÊ»§:
    • Ò»¸öÔÚ½Úµã BIRCH ÉÏÃÜÂëΪ "XYZ123ABC" µÄÕÊ»§
    • Ò»¸öÔÚ½Úµã WALNUT ÉÏÃÜÂëΪ "A25D3255" µÄÕÊ»§
  • KMAHOGANY ÒÑ×¢²áµ½½Úµã BIRCH¡£
  • KMAHOGANY ÏëÒª¸´ÖÆÆäÕÊ»§ÔÚ½Úµã WALNUT µÄĬÈÏÉ豸ºÍĿ¼ÖеÄÎļþ BIONEWS.MEM¡£

ÏÂͼչʾÕâЩÌõ¼þ¡£

  • Óû§ KMAHOGANY ¿ÉÄÜʹÓÃÒ»¸ö´æÈ¡¿ØÖÆ×Ö·û´®¸´ÖÆÎļþ BIONEWS.MEM£¬ÈçÏÂËùʾ: 


    $ COPY WALNUT"KMAHOGANY A25D3255"::BIONEWS.MEM  BIONEWS.MEM

    ×¢Òâµ½»ØÓ¦ÃÜÂë A25D3255¡£¹Û¿´ÆÁÄ»µÄÈκÎÈË¿ÉÒÔ¿´µ½Ëü¡£
  • Èç¹û KMAHOGANY ÓÐÒ»¸ö´Ó½Úµã BIRCH ´æÈ¡½Úµã WALNUT ÉϵĴúÀíÕÊ»§£¬ÄÇô¸´ÖÆÎļþ BIONEWS.MEM µÄÃüÁîÈçÏÂËùʾ: 


    $ COPY WALNUT::BIONEWS.MEM   BIONEWS.MEM

    KMAHOGANY ²»ÐèÒªÔÚ´æÈ¡¿ØÖÆ×Ö·û´®ÖÐÖ¸¶¨ÃÜÂë¡£×÷Ϊ´úÌ棬ϵͳִÐÐÒ»¸ö´úÀí×¢²á£¬´ÓËûÔÚ½Úµã BIRCH ÉϵÄÕÊ»§½øÈëËûÔÚ½Úµã WALNUT ÉϵÄÕÊ»§£¬Ã»Óн»»»ÃÜÂë¡£

10.5.4 ͨÓôæÈ¡´úÀíÕÊ»§

°²È«¹ÜÀíÔ±Ò²¿ÉÒÔÊÚȨÀ´×ÔÍⲿ½ÚµãµÄÓû§×é¹²ÏíʹÓÃÒ»¸öͨÓôæÈ¡´úÀíÕÊ»§¡£ÀýÈ磬ÔÚ½Úµã WALNUT Éϵݲȫ¹ÜÀíÔ±¿ÉÒÔ´øÒÔÏÂÌõ¼þ½¨Á¢Ò»¸öͨÓôæÈ¡ÕÊ»§:

  • Óû§Ãû GENACCESS¡£
  • ´æÈ¡ÏÞÖÆΪÍøÂç×¢²á¡£
  • Ö»ÓÐÕÊ»§ÓµÓÐÕß²ÅÖªµÀÆäÃÜÂë¡£(Ô¶³ÌÓû§Ã»ÓÐÐèÒªÖªµÀËü¡£) ÕâÓÐÖúÓÚ±£»¤Õâ¸öÕÊ»§¡£
  •  Ä¬ÈÏÉ豸ºÍĿ¼ÊÇ STAFFDEV:[BIOSTAFF]¡£

Èç¹û°²È«¹ÜÀíÔ±×¼Óè BIRCH::KMAHOGANY ´úÀí´æÈ¡ GENACCESS ÕÊ»§£¬ÄÇôͨ¹ýÊäÈëÒÔÏÂÃüÁÓû§ KMAHOGANY ¿ÉÒÔ¸´ÖÆÎļþ BIONEWS.MEM: 


$ COPY WALNUT::[KMAHOGANY]BIONEWS.MEM   BIONEWS.MEM

×¢Ò⣬KMAHOGANY ±ØÐëÖ¸¶¨Ä¿Â¼ [KMAHOGANY]£¬ÒòΪÎļþ BIONEWS.MEM ²»ÊÇÔÚ GENACCESS ÕÊ»§ (STAFFDEV:[BIOSTAFF]) µÄĬÈÏÉ豸ºÍĿ¼¡£ÁíÍ⣬¶ÔÎļþ BIONEWS.MEM µÄ±£»¤±ØÐë×¼Ðí GENACCESS ÕÊ»§´æÈ¡¡£·ñÔò£¬ Õâ¸öÃüÁîʧ°Ü¡£

Èç¹û¿ÉÒÔ´æÈ¡¸ø¶¨½ÚµãµÄÒ»¸öÒÔÉÏ´úÀíÕÊ»§£¬¶øÓÖ²»ÏëʹÓÃĬÈÏ´úÀíÕÊ»§£¬ÄÇô¾ÍÖ¸¶¨Õâ¸ö´úÀíÕÊ»§Ãû¡£ÀýÈ磬ҪʹÓôúÀíÕÊ»§ PROXY2 ´úÌæ GENACCESS ÕÊ»§ (ĬÈÏ)£¬KMAHOGANY ¿ÉÊäÈëÒÔÏÂÃüÁî: 


$ COPY WALNUT"PROXY2"::[KMAHOGANY]BIONEWS.MEM BIONEWS.MEM

Õâ¸öÃüÁîʹÓà PROXY2 ÕÊ»§¸´ÖÆÔÚ½Úµã WALNUT µÄ [KMAHOGANY] Ŀ¼ÉϵÄÎļþ BIONEWS.MEM¡£

10.6 Éó²é¶ÔÄúµÄÕÊ»§ºÍÎļþµÄ´æÈ¡

ËäÈ»°²È«¹ÜÀíÔ±µÄ¹¤×÷ÊǼà¿ØϵͳÉÏ¿ÉÄܵķǷ¨´æÈ¡Æóͼ£¬µ«ÊÇÄúÒ²¿ÉÒÔ°ïÖú°²È«¹ÜÀíÔ±Éó²é¶ÔÄúµÄÕÊ»§ºÍÎļþµÄ´æÈ¡¡£

10.6.1 ¹Û²ìÄúµÄ×îºó×¢²áʱ¼ä

OpenVMS ϵͳά»¤ UAF ¼Ç¼ÖеÄÐÅÏ¢£¬ÆäÖаüÀ¨Äú×¢²áÕÊ»§µÄ×îºóʱ¼ä¡£°²È«¹ÜÀíÔ±¾ö¶¨ÏµÍ³ÊÇ·ñÓ¦¸ÃÔÚ×¢²áʱÏÔʾÕâ¸öÐÅÏ¢¡£ ÐèÒªÖи߼¶°²È«µÄÕ¾µãƵ·±µØÏÔʾÕâ¸öÐÅÏ¢£¬²¢ÇëÇóÓû§¼ì²éÊÇ·ñ´æÔÚ²»Æ½³£µÄ»ò²»ÄܽâÊ͵ijɹ¦×¢²áºÍ²»ÄܽâÊ͵Äʧ°Ü×¢²á¡£

Èç¹ûÓÐÒ»¸ö½»»¥»ò·Ç½»»¥×¢²á²»ÔÚÄúµÄ×¢²áʱ¼äÄÚ£¬Ñ¸ËÙ°ÑËü±¨¸æ¸ø°²È«¹ÜÀíÔ±¡£Ò²¸ü¸ÄÄúµÄÃÜÂë¡£°²È«¹ÜÀíÔ±¿ÉÒÔʹÓûá¼ÆÎļþºÍÉó²é¼Ç¼½øÐнøÒ»²½µ÷²é¡£

Èç¹ûÄú½ÓÊÕµ½Ò»Ìõ×¢²áʧ°ÜÏûÏ¢¶øÓÖ²»ÄܽâÊÍÕâ¸öʧ°Ü£¬ÄÇôºÜÓпÉÄÜijÈËÕýÔÚ³¢ÊÔ´æÈ¡ÄúµÄÕÊ»§£¬µ«Ã»Óгɹ¦¡£¼ì²éÄúµÄÃÜÂ룬ȷ±£¼á³ÖÁËÔÚ 1.9 ½ÚÃèÊöµÄÃÜÂ밲ȫµÄËùÓÐÍƼö¡£Èç¹ûûÓУ¬Á¢¼´¸ü¸ÄÃÜÂë¡£

Èç¹ûÆÚÍû¿´µ½Ò»Ìõ×¢²áʧ°ÜÏûÏ¢¶øËüÈ´²»³öÏÖ£¬»òÕßʧ°Ü¼ÆÊýÌ«µÍ£¬ÄÇô¸ü¸ÄÄúµÄÃÜÂë¡£°ÑÕâЩע²áʧ°ÜµÄÎÊÌⱨ¸æ¸ø°²È«¹ÜÀíÔ±¡£

°²È«¹ÜÀíÔ±¿ÉÒÔÑ¡ÔñÒ»Àà»ò¶àÀàʼþ£¬±£Ö¤ÒªÌرð×¢ÒâÆä·¢Éú¡£¼ì²âµ½ÕâÑùµÄʼþʱ£¬°²È«¹ÜÀíԱָʾϵͳ·¢ËÍÒ»¸öÉó²éµ½ÏµÍ³°²È«Éó²é ÈÕÖ¾Îļþ£¬»òÕß·¢ËÍÒ»¸ö¾¯±¨¸øÖնˣ¬Ê¹Ö®³ÉΪ°²È«²Ù×÷Ô±Öնˡ£ÀýÈ磬°²È«¹ÜÀíÔ±¿ÉÒÔ±êʶһ¸ö»ò¶à¸öÎļþ½ûֹд´æȡȨ¡£¿ÉÒÔÔÊÐíÉó²é»òÕß¿ÉÒÔÉèÖþ¯±¨Ö¸³ö³¢ÊÔ¶ÔÕâЩÎļþµÄ´æÈ¡¡£

Èç¹ûÍƲâÓÐÒ»¸ö¶ÔÄúµÄÕÊ»§µÄ·Ç·¨´æÈ¡£¬Ôò¸ü¸ÄÄúµÄÃÜÂë¡£¿ÉÒÔÇëÇó°²È«¹ÜÀíԱʵÏÖ¶ÔÃô¸ÐÎļþµÄÉó²é¡£

Ç°Ò³ ºóÒ³ Ŀ¼ Ë÷Òý