Sorry guys, it's much dumber than that!
It's not really a bug or a feature, just an historical artifact.
For login, SYSUAF requires a "trusted" logical name. That means DEFINEd /SYSTEM/EXEC. This is a security feature to prevent hijacking of the UAF without high level privileges. Note that it's not automatic just because LOGINOUT is INSTALLed, this is deliberately coded.
However, to AUTHORIZE, the UAF is "just a file", so it will follow ANY logical name "SYSUAF" in any mode and in any table visible to the executing process. First one found is the one used. The default is SYS$DISK:[]SYSUAF.DAT, so on a system without a system wide logical name, a fairly common gotcha is for the system manager to edit a "private" SYSUAF in the SYS$MANAGER directory and wonder why the changes don't take. This is really an artifact of the V1.0 implementation of SYSUAF and AUTHORIZE (maybe another legacy of Mr Cutler?)
Any non-privileged user can create their own SYSUAF with AUTHORIZE. Fortunately they can't make the system use it! Beware of the message:
%UAF-E-NAOFIL, unable to open system authorization file (SYSUAF.DAT)
-RMS-E-FNF, file not found
Do you want to create a new file?
This means you're not editing the "real" SYSUAF. If you say "YES" a file will be created, so NEXT TIME your fire up AUTHORIZE, you'll open that file without any warning.
RIGHTSLIST is different. It was implemented much later - in V4.0. It uses a more disciplined and structured model. Instead of J.Random program accessing the file directly, all accesses are done through system services. The file is always located via a trusted logical name. This means there a guaranteed consistent view across the system. Unfortunately, the consistency of RIGHTSLIST and the inconsistency of SYSUAF is itself an inconsistency! I think the proxy files are similar. Phase IV is like SYSUAF, Phase V is like RIGHTSLIST.
It could be argued that AUTHORIZE should probably be reimplemented using the $SETUAI and $GETUAI system services to eliminate this anomoly, BUT so many people are used to being able to "stage" a UAF using a private SYSUAF logical name. There are also much more important areas which need attention and (very!) finite engineering resources.
Bottom line - make sure the SYSUAF logical name is correctly defined on ALL systems, even if it's in the default location (Ian's suggestion of /NAME=NO_ALIAS is also a good idea).
A crucible of informative mistakes
