https://community.hpe.com/t5/operating-system-openvms/application-defined-security-objects/m-p/4499577#M30607 Is it possible to define application-level security objects, options, access types etc. and utilise the $chkpro ACL/ACE mechanism to grant access from within an application? Much like the CMS Set ACL command. If so how? Thu, 17 Sep 2009 14:12:20 GMT Tim Platten 2009-09-17T14:12:20Z https://community.hpe.com/t5/operating-system-openvms/application-defined-security-objects/m-p/4499577#M30607 Is it possible to define application-level security objects, options, access types etc. and utilise the $chkpro ACL/ACE mechanism to grant access from within an application? Much like the CMS Set ACL command. If so how? Thu, 17 Sep 2009 14:12:20 GMT https://community.hpe.com/t5/operating-system-openvms/application-defined-security-objects/m-p/4499577#M30607 Tim Platten 2009-09-17T14:12:20Z https://community.hpe.com/t5/operating-system-openvms/application-defined-security-objects/m-p/4499578#M30608 The CMS SET ACL stuff is implemented entirely within CMS, so it can do whatever the application programmers implemented. Construct your own $check_access or $chkpro data structures and pass them along to the application's calls, or implement your own security model for your own objects, and off you go. <BR /><BR />Your (application) code, your scheme.<BR /><BR />Now if you're looking to have arbitrary applications extend the OpenVMS security model in a cooperative fashion (eg: notifications of new files arriving within specified directories, etc), no, there's no good (documented) means for that. Thu, 17 Sep 2009 16:10:25 GMT https://community.hpe.com/t5/operating-system-openvms/application-defined-security-objects/m-p/4499578#M30608 Hoff 2009-09-17T16:10:25Z