Logical name assignments are maintained in logical
name tables. A logical name table can be accessible to only one process,
or it can be shareable if its parent table is shareable. All shareable
name tables are listed in the LNM$SYSTEM_DIRECTORY, the system directory
table. It is shareable logical name tables that the operating system
protects.
Naming Rules |
 |
The name of a logical name table is a string of
1 to 32 characters.
Types of Access |
|
The logical name table class supports the following
types of access:
Read | Gives you the right to look up (translate) logical names in
the table |
Write | Gives you the right to create and delete logical names in the table |
Create | Gives you the right to create a descendant logical name table, including the right to use a subset
of the dynamic memory allocated to the parent logical name table when
creating the descendant logical name table |
Delete | Gives you the right to delete the table |
Control | Gives you
the right to modify the protection elements and owner of the table |
Template Profile |
|
The logical name table class provides the following
template profiles. Although the template assigns an owner UIC of [0,0],
this value is only temporary. As soon as the object is created, the
operating system replaces a 0 value with the value in the corresponding
field of the creating process's UIC.
| Template Name | Owner UIC | Protection Code |
|---|
DEFAULT | [0,0] | S:RW,O:RW,G:R,W:R |
GROUP | [0,*] | S:RWCD,O:R,G:R,W |
JOB | [0,0] | S:RWCD,O:RWCD,G,W |
Privilege Requirements |
|
The operating system allows read and write access
to the group logical name tables with GRPNAM privilege and to the
system logical name table with SYSNAM privilege.
Deletion of a shared table from the system directory
requires SYSNAM privilege, and deletion of a logical name from the
group directory requires GRPNAM privilege. Deletion of a parent logical
name table results in the deletion of all its descendant logical name
tables.
Creation or deletion of an inner-mode logical
name or logical name table requires SYSNAM privilege (or being in
an inner mode).
Kinds of Auditing Performed |
|
The following events can be audited, provided
the security administrator enables auditing for the event class:
| Event Audited | When Audit Occurs |
|---|
Access | When translating a name, when creating a name or a descendent
table, or when deleting a name or a descendent table |
Creation | During
access to a parent table for the right to create a table or when the
table itself is created |
Permanence of the Object |
|
A logical name table and its security profile
must be reset each time the system is rebooted.
