The User and Security Component (USC)

Parent Previous Next

The User and Security Component (USC)

The USC executive component manages users, processes, and security for UOS.

A user account is a uniquely-named set of attributes that define who is allowed to access the system and what they can do when logged in.  Although each user has a name that is unique to the system, UOS uses an associated User ID Code (UIC) to identify the user.  Unless otherwise specified, the term "user" herein will refer to a UIC and the associated attributes.

UICs are 4-byte unsigned integer values.  UIC value 0 is used for the template user settings. That is, UIC 0 is not a user than can log in or be associated with ownership (a reference to UIC 0 in most places is an indication of an unknown, invalid, or unassigned, owner). However, within SysUAF, UIC 0 can be optionally defined. When it is defined, it serves as a template for all newly created user accounts. UIC 1 is always reserved for the Startup account. No user can ever log into the Startup account - its sole use is in starting up the system after the executive startup completes. In fact, that is the only way the Startup user is ever logged-in, via a call directly from the Kernel which forces the login. UIC 1 (and everything about it) is hard-coded. That way, a corrupted or missing SysUAF will never prevent system startup and/or recovery.

UICs 2 through 7 are reserved as special "system" accounts. Normally, when a new user is created in SysUAF, it is assigned an unused UIC greater than 7. Although a user with sufficient privileges can create a new user as a "system" account (UIC<8).  System accounts are treated in special ways.  For instance, a system user account can always log in, even if logins are disabled.