Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 Software DistributorAdministration Guidefor HP-UX 11i: HP Computers > Chapter 9 SD-UX Security

Security on SD-UX Systems
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Glossary

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

Controlling access to data is a key concern of computer security. In SD-UX, file owners and superusers allow or deny access to files on a need-to-know basis by setting or manipulating the file's permission bits to grant or restrict access by owner, group and others. For example, the following file listing:

-rwxr-xr 1 doug admin 738 Mar 26 12:25 datafile

shows that:

  • File owner is user doug.

  • File's group is admin.

  • Name of the file is datafile.

  • Owner permissions are read, write and execute (rwx).

  • Group permissions are read and execute (r-x).

  • Other permissions are read only (r-).

SD-UX commands are essentially object managers that use the SD-UX file system in which to store their objects. There is no need to obtain access to any objects via the file system, so the file system protection scheme is based on blocking access to the file system directories that store these objects.

In addition to SD-UX objects, there are several administrative files (log, configuration, and session files) that are used or managed by SD-UX. These files are not actually SD-UX objects and are accessible via conventional commands such as editors and printing utilities. These files are protected by conventional file system protection modes.

Many of the functions that the SD-UX agents do are privileged. Some operations, such as installing files in system directories (e.g., in the /etc and /dev directories) and customization of system files via control scripts, require superuser privileges. For this reason, SD-UX agents must always run as the superuser.

Any system user may run the SD-UX controller; it is not restricted to use only by superuser. In general, the controller does its work by making Remote Procedure Calls (RPC) to target hosts, but it also requires special privileges occasionally to access critical log, configuration, and session security files. Controllers are set-uid root programs that run with the superuser privilege in effect only briefly to do critical privileged operations, then they switch to the real uid of the user.

Here is a summary of the SD-UX file system protection scheme:

  • SD-UX files are protected from access by anyone other than the superuser by having the group and other permissions of crucial directory modes set to 0.

  • Only agents and daemons running on the local host access SD-UX files directly. All other facilities (controllers, utilities, etc.) go through the agents using RPC to indirectly access files. The agent or daemons perform authentication and authorization checks on all such operations.

  • No hard links may exist that circumvent the directory protection hierarchy of the SD-UX directories nor may symlinks exist that compromise the secrecy of the contents of those directories containing objects that might have list restrictions in effect. Use of only a single (canonical) path to SD-UX objects avoids any such aliasing problems.

Thus, the SD-UX files are totally protected and hidden from non-superuser access.



ACL Entries
  		 


SD-UX Internal Authentication  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2002 Hewlett-Packard Development Company, L.P.