Reference Guide
Crypto-C ME Cryptographic Toolkit 13
RSA BSAFE Crypto-C Micro Edition 4.1.4 Security Policy Level 1
with Level 2 Roles, Services and Authentication
Privileged user accounts are able to use tracing and debugging utilities to target a
process with a different user id to the controlling process. An operator using this
privilege to inspect or manipulate a process operating on behalf of another operator
contravenes the single operator mode of operation.
To maintain the single operator mode of operation a privileged user must not use any
of the system tracing and debugging utilities provided by the operating system.
• In Unix-type operating systems the
ptrace system call, the debugger gdb,
strace, ftrace and systemtrap must not be used.
• On Windows equivalent system tracing and debugging utilities must not be used.
If necessary, the operating system can be configured to provide only a single operator.
That is, login credentials for all user accounts, including privileged user accounts, can
be provided to a single individual only.
Server environments
When the module is deployed in a server environment, the server application is the
user of the module. The server application makes the calls to the module. Therefore,
the server application is the single user of the module, even when the server
application is serving multiple clients.