HP 3000 Manuals HP 3000 Manuals
Chapter 6 Controlling User's Special Abilities with Capabilities. Capabilities A variety of people use HP 3000 Computer Systems. They range from those who use the system only to run simple application programs to system programmers who modify MPE/iX. The user who runs application programs, for example, needs only to be able to log on, run a particular program or set of programs, and log off. A system programmer, on the other hand, needs access to special system functions. Capabilities can help you control who has access to what parts of the system. In order to create permanent files, for example, a user must have Save Files Permanently (SF) capability. To create a session on another terminal from within a session, a user must have Programmatic Sessions (PS) capability. Refer to Table 6-1 for a list of all capabilities and their standard abbreviations, later in this chapter. Refer to appendix A for a complete description of each capability. You assign capabilities at the account, group, and user level. Account capabilities are the capabilities available to account users and groups. Group capabilities are the subset of account capabilities available to users logged on to a group and to files within the group. Notice, in Table 6-1 , that only a subset of the capabilities applies to groups. User capabilities are the subset of account capabilities available to a particular user. When a user issues an MPE command or an intrinsic call, the system checks the user's account, group, and user capabilities against those required for the command or intrinsic. Files also have capabilities, especially program files. For example, a user does not need privileged mode (PM) capability to run a privileged mode program, but the program itself must have PM capability and the group in which the program file resides must have PM capability.