As should not be surprising, use of the PMDF API requires privileges. Indeed, were privileges not required, then anyone could read messages out of PMDF's message queues and send fraudulent mail messages.
1.10.1 OpenVMS Systems
Dequeuing messages only requires privileges sufficient to open, read from, and write to the queue cache database and to open, read from, rename, and delete files in the PMDF message queue directories. Under OpenVMS, the queue cache database and the queue directories are protected (s:rwed,o:rwed,g,w), with the files owned by the PMDF account if one was created when PMDF was installed, or owned by the SYSTEM account otherwise.
Enqueuing messages requires privileges sufficient to create, open, read from, and write to the queue cache database as well as to create subdirectories and files in the PMDF message queue directories. In addition, under OpenVMS the SYSPRV and CMKRNL privileges are required so that PMDF can submit any processing jobs required to handle an enqueued message. Note that PMDF itself does not use these privileges: they are required by the $SNDJBC system service call used to dispatch processing jobs.
Under OpenVMS, use of the PMDFsetCallBack routine requires SYSLCK privilege: cluster-wide resource locks with blocking ASTs are used to signal, across a cluster, whether or not the PMDF queue cache needs to be closed and whether PMDF detached processing jobs (e.g., BN_SLAVE) should exit and restart.
1.10.2 UNIX Systems
On UNIX systems, a program which will be enqueuing messages to or dequeuing messages from PMDF must be owned by the account pmdf and run by that account. If the program is to be run by users other than pmdf, then it must have the setuid attribute.
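The ownership and setuid rule above, written as a pre-deployment check in C. This is an added example, not part of the PMDF documentation or API: the function and enum names are hypothetical, and the group/other-writable test is an extra hardening check that this page does not state.

```c
#include <stdio.h>
#include <pwd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>

/* Result codes (hypothetical names, not part of the PMDF API). */
enum pmdf_check {
    PMDF_OK = 0,
    PMDF_NOT_OWNED,     /* program file is not owned by the pmdf account */
    PMDF_NEEDS_SETUID,  /* invoking user is not pmdf and setuid is absent */
    PMDF_WRITABLE       /* setuid file is writable by group or others */
};

/* Apply the UNIX rule to a program file's owner and mode.
 * pmdf_uid: uid of the pmdf account; caller: real uid of the invoking user. */
enum pmdf_check pmdf_check_program(uid_t owner, mode_t mode,
                                   uid_t pmdf_uid, uid_t caller)
{
    if (owner != pmdf_uid)
        return PMDF_NOT_OWNED;
    if (caller != pmdf_uid && !(mode & S_ISUID))
        return PMDF_NEEDS_SETUID;
    /* Added hardening check (assumption, not from the page): anyone who can
     * modify a setuid-pmdf binary can run their own code as pmdf. */
    if ((mode & S_ISUID) && (mode & (S_IWGRP | S_IWOTH)))
        return PMDF_WRITABLE;
    return PMDF_OK;
}

int main(int argc, char **argv)
{
    struct stat st;
    struct passwd *pw = getpwnam("pmdf");   /* account name given on the page */

    if (argc != 2 || pw == NULL || stat(argv[1], &st) != 0) {
        fprintf(stderr, "usage: %s program (requires a pmdf account)\n",
                argc > 0 ? argv[0] : "pmdfcheck");
        return 2;
    }
    enum pmdf_check r =
        pmdf_check_program(st.st_uid, st.st_mode, pw->pw_uid, getuid());
    printf("%s: check result %d\n", argv[1], (int)r);
    return r == PMDF_OK ? 0 : 1;
}
```
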