Administrator's Guide

2.4.6 Eliminating Pseudo-Accounts and Protecting Key Subsystems in /etc/passwd
2.4.7 Secure Login with HP-UX Secure Shell
2.4.8 Securing Passwords Stored in NIS
2.4.9 Securing Passwords Stored in LDAP Directory Server
2.5 Defining System Security Attributes
2.5.1 Configuring Systemwide Attributes
2.5.2 Configuring Per-User Attributes
2.5.2.1 Examples of Defining User-Specific Attributes with userdbset
2.5.2.2 INACTIVITY_MAXDAYS and the Shadow Password File
2.5.3 Troubleshooting the User Database
2.6 Handling setuid and setgid Programs
2.6.1 Why setuid and setgid Programs Can Be Risky
2.6.2 How IDs Are Set
2.6.3 Guidelines for Limiting Setuid Power
2.7 Preventing Stack Buffer Overflow Attacks
2.8 Protecting Unattended Terminals and Workstations
2.8.1 Controlling Access Using /etc/inittab and Run Levels
2.8.2 Protecting Terminal Device Files
2.8.3 Configuring the Screen Lock
2.8.3.1 Configuring the TMOUT Variable
2.8.3.2 Configuring the CDE Lock Manager
2.9 Protecting Against System Access by Remote Devices
2.9.1 Controlling Access Using /etc/dialups and /etc/d_passwd
2.10 Securing Login Banners
2.11 Protecting the root Account
2.11.1 Monitoring root Account Access
2.11.2 Using the Restricted SMH Builder for Limited Superuser Access
2.11.3 Reviewing Superuser Access
3 HP-UX Standard Mode Security Extensions
3.1 Overview
3.2 Security Attributes and the User Database
3.2.1 System Security Attributes
3.2.2 Configuring Systemwide Attributes
3.2.3 User Database Components
3.2.3.1 Configuration Files
3.2.3.2 Commands
3.2.3.3 Attributes
3.2.3.4 Manpages
3.2.4 Configuring Attributes in the User Database
3.2.5 Troubleshooting the User Database