Capabilities in MPE

Capability Bits Restrict Actions

The features of MPE are grouped into categories called capabilities which are identified by two-letter codes, such as PM for Privileged Mode. If a user or a program (and the group and account which it resides in) do not have a capability, they cannot do certain acts. In UNIX, the only similar feature is superuser. Think about the differences between capabilities with file security.

The most common problem: after giving yourself a new capability, you must log on again before you can use it.

Cap=AL,AM,BA,IA,CS,CV,DI,DS,GL,LG,MR,NA,ND,
    NM,OP,PH,PM,PS,SF,SM,UV

  :newacct :altacct
       default: AL,AM,BA,IA,GL,ND,SF
  :newgroup :altgroup	
       default: BA,IA
  :newuser :altuser	
       default: BA,IA,ND,SF

Cap=BA,DS,IA,MR,PH,PM
  :link from=objfile;to=progfile;Cap=ba,ia
  :prep uslfile,progfile
       default: BA,IA

The capabilities are packed into two 16-bit words in several places in MPE, including the Who intrinsic:

Text version.

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
Word 1: SM AM AL GL DI OP CV UV LG PS NA NM CS ND SF
Word 2: BA IA PM MR DS PH

What good are AL and GL capability? Not much. AL itself does not confer any useful abilities. You can give AL to users and you can limit group access to AL users, so you can use AL as an arbitrary handle to fine-tune group security.

Text version.

AL = Account Librarian (almost useless)
AM = Account Manager (owns the groups and users)
BA = Batch Access (:JOB command)
CS = Communication Subsystems
CV = Create Volumes (private disc volumes)
DI = Diagnostician
DS = Data Segments (not Distributed Systems)
GL = Group Librarian (almost useless)
IA = Interactive Access (:HELLO command)
LG = User Logging
MR = Multiple RIN (ability to deadlock the system)
NA = Network Administrator
ND = Non-sharable Device (grab devices for your own use)
NM = Node Manager
OP = Operator functions (Hipri, Restore, etc.)
PH = Process Handling (program runs programs)
PM = Privileged Mode (do anything you want)
PS = Programmatic Sessions (call Startsess intrinsic)
SF = Save File (create a permanent disc file)
SM = System Manager (give out any capabilities)
UV = Use Volumes (private disc volumes)

	0	1	2	3	4	5	6	7	8	9	10	11	12	13	14	15
Word 1:	SM	AM	AL	GL	DI	OP	CV	UV	LG		PS	NA	NM	CS	ND	SF
Word 2:								BA	IA		PM		MR		DS	PH

AL	=	Account Librarian (almost useless)
AM	=	Account Manager (owns the groups and users)
BA	=	Batch Access (:JOB command)
CS	=	Communication Subsystems
CV	=	Create Volumes (private disc volumes)
DI	=	Diagnostician
DS	=	Data Segments (not Distributed Systems)
GL	=	Group Librarian (almost useless)
IA	=	Interactive Access (:HELLO command)
LG	=	User Logging
MR	=	Multiple RIN (ability to deadlock the system)
NA	=	Network Administrator
ND	=	Non-sharable Device (grab devices for your own use)
NM	=	Node Manager
OP	=	Operator functions (Hipri, Restore, etc.)
PH	=	Process Handling (program runs programs)
PM	=	Privileged Mode (do anything you want)
PS	=	Programmatic Sessions (call Startsess intrinsic)
SF	=	Save File (create a permanent disc file)
SM	=	System Manager (give out any capabilities)
UV	=	Use Volumes (private disc volumes)