HP OpenVMS Guide to System Security > Appendix A Assigning Privileges

DOWNGRADE Privilege (All)

  Table of Contents

  Glossary

  Index

The DOWNGRADE privilege permits a process to manipulate mandatory access controls. The privilege lets a process write to an object of lower secrecy, in violation of the Bell and LaPadula confinement (*) property.[5] This privilege is reserved for enhanced security products like the Security Enhancement Service software (SEVMS).



[5] Name of the restriction on write-downs. Multilevel security requires the complete prohibition of write-downs by untrusted software.