Copyright Digital Equipment Corp. All rights reserved.

SECURITY_POLICY

   SECURITY_POLICY allows a system to run in a C2 or B1
   configuration and to subset out particular pieces of
   functionality-to exclude functionality that is outside the
   evaluated configuration or to preserve compatibility with
   previous versions of the operating system. See the VSI OpenVMS
   Guide to System Security for further information about the C2 and
   B1 evaluated configurations.

   The following bits are defined:

   Bit   Description

   0     Obsolete.

   1     Allows multiple user names to connect to DECW$SERVER.

   2     Allows unevaluated DECwindows transports (such as TCP/IP).

   3     Allows $SIGPRC and $PRCTERM to span job trees.

   4     Allows security profile changes to protected objects on
         a local node when the object server is absent and cannot
         update the cluster database VMS$OBJECTS.DAT.

   5     Allows creation of protected objects on a local node when
         the object server is absent and cannot update the cluster
         database VMS$OBJECTS.DAT.

   6     Allows SPAWN or LIB$SPAWN commands in CAPTIVE accounts.

   7     Reserved to VSI.

   8     Reserved to VSI.

   9     Disables password synchronizations among ACME agents on
         a systemwide pasis. This is functionally equivalent to
         the SYS$SINGLE_SIGNON logical name bit mask value 4 for
         LOGINOUT.

   10    Allows privileged applications to successfully authenticate
         a user whose principal name maps to a SYSUAF record that is
         either expired or whose modal restrictions would otherwise
         prevent the account from being used.

         A SYSUAF record that is disabled or password-expired (in
         the case of traditional OpenVMS authentication) cannot be
         bypassed in this manner.

         An application with SECURITY privilege specifies the
         SYS$ACM ACME$M_NOAUTHORIZE function modifier to override
         authorization checks.

   11    Allows any record in the SYSUAF file to be mapped using
         external authentication.

   12    Allows intrusions on a clusterwide or local basis. (If the
         bit is cleared, intrusions are clusterwide.)

   13    Reserved to VSI.

   14    Allows the internal name and backlink of files and
         directories to be read if the user has either execute or
         read access to the file or directory. If this bit is clear,
         read access is required.

         Setting this bit allows the full POSIX pathname of a file
         or directory to be displayed when some of the directories
         in the path are execute-only to the user. This feature is
         required in the following environments:

         o  POSIX pathnames are in use.

         o  The BASH shell or other GNV components are in use.

         o  Applications are using the realpath(),  getcwd(),
            getpwnam(),  and related C runtime library functions.

   The default value of 7 preserves compatibility with existing
   DECwindows Motif behavior. A value of 0 disables all unevaluated
   configurations.