| Previous | Next | Contents | Index |
As should not be surprising, use of the PMDF API requires privileges. Indeed, were privileges not required, then anyone could read messages out of PMDF's message queues and send fraudulent mail messages.
1.10.1 OpenVMS Systems
Dequeuing messages only requires privileges sufficient to open, read
from, and write to the queue cache database and to open, read from,
rename, and delete files in the PMDF message queue directories. Under
OpenVMS, the queue cache database and the queue directories are
protected (s:rwed,o:rwed,g,w) with the files owned by the
PMDF account if one was created when PMDF was installed or owned by the
SYSTEM account otherwise.
Enqueuing messages requires privileges sufficient to create, open, read from, and write to the queue cache database as well as to create subdirectories and files in the PMDF message queue directories. In addition, under OpenVMS the SYSPRV and CMKRNL privileges are required so that PMDF can submit any processing jobs required to handle an enqueued message. Note that PMDF itself does not use these privileges: they are required by the $SNDJBC system service call used to dispatch processing jobs.
Under OpenVMS, use of the PMDFsetCallBack routine requires
SYSLCK privilege: cluster-wide resource locks with blocking AST's are
used to signal, across a cluster, whether or not the PMDF queue cache
needs to be closed and if PMDF detached processing jobs (e.g.,
BN_SLAVE) should exit and restart.
1.10.2 UNIX Systems
On UNIX systems, a program which will be enqueuing or dequeuing
messages from or to PMDF must be owned by the account pmdf
and run by that account. If the program is to be run by users other
than pmdf, then it must have the setuid
attribute.
1.10.3 Windows Systems
On Windows systems, a program which will be enqueuing or dequeuing
messages from or to PMDF must be owned by the Administrator account and
run by that account.
| Previous | Next | Contents | Index |