- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- "Hidden" Logicals.
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-09-2008 07:40 AM
тАО07-09-2008 07:40 AM
Dave.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-09-2008 07:54 AM
тАО07-09-2008 07:54 AM
SolutionYou might be able to create a (very protected) and private and shared logical name table, and stuff the logical names there. (I've not tried this, but it may well provide what you want.)
Logical names, filenames, email addresses and other security-relevant object names are usually expected to be user visible. Sometimes even visible off-node -- you can often view system logical names from a remote host via DECnet, for instance.
Maintaining my hammerlock on the obvious, I'm guessing you're storing something sensitive here such as a password, and there might be an alternative solution. Certificates or proxies, for instance, might be useful for certain cases.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-09-2008 08:09 AM
тАО07-09-2008 08:09 AM
Re: "Hidden" Logicals.
Can you give a more precise definition of what is desired. Certainly, it is possible to protect different logical name tables, and name tables other than LNM$PROCESS, LNM$JOB, LNM$GROUP, AND LNM$SYSTEM can be included in the translation sequence (see the "Programming Concepts" manual, or my OpenVMS Technical Journal article "Inheritance Based Environments in Stand-alone OpenVMS Systems and OpenVMS Clusters", available from http://www.rlgsc.com/publications/vmstechjournal/inheritance.html ).
Do you want the translation to work, but the name not be accessible?
- Bob Gezelter, http://www.rlgsc.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-09-2008 12:54 PM
тАО07-09-2008 12:54 PM
Re: "Hidden" Logicals.
For instance: referring to a directory referred to by logical "APPL_DATA" will allow a program to access datafile "APPL_DATA:INVENTORY.DAT". Restrictin access to the logical's value (= translation) will disallow this access, unless the programn runs in an environment that does have access to the logical.
OpenVMS Developer & System Manager
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-09-2008 04:42 PM
тАО07-09-2008 04:42 PM
Re: "Hidden" Logicals.
/TRANSLATION=TERMINAL will prevent a logical name from being translated automatically, but it won't hide the translation from a SHOW LOGICAL or $TRNLNM request. It also requires that the equivalence name be expressed only in physical device names.
As others have pointed out, it's easy to hide logical names, just put them in a protected table. But then from the perspective of users from whom they're hidden, they don't exist at all!
If you want someone to be able to use a logical name, they must, by definition, be able to see the translation.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-10-2008 04:31 AM
тАО07-10-2008 04:31 AM
Re: "Hidden" Logicals.
If a logical name and/or table is protected from a user with 'user' privileges the user can't see it but if the user executes a program which is installed with the privilege required to access the name/table then perhaps you can achieve what you want?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-10-2008 05:38 AM
тАО07-10-2008 05:38 AM
Re: "Hidden" Logicals.
I was hoping that there might be some obscure method that I had missed, but apparently not.
I appreciate the suggestions re. using a secured logical name table, and I will investigate that. My problem is that whatever solution I come up with must be implemented without affecting an existing legacy application.
Of course, Hoff pointed out the reason for investigating this, "sensitive info"
anyway thanks again.
Dave
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-10-2008 05:41 AM
тАО07-10-2008 05:41 AM