Open System Services Management and Operations Guide (G06.25+, H06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

251

252

253

254

255

256

257

258

259

260

Managing Security

Open System Services Management and Operations Guide—527191-002

8-27

Use of suid Scripts

•

The password for the user ID of a new shell

Security is enforced by requiring the user to complete a normal login procedure for the

new login name. The new user ID stays in force until the shell exits. The new password

stays in force until it is changed again.

For super ID users, the shell substitutes a # (number sign) for its usual prompt.

You can specify a login shell using /bin/sh with the appropriate environment

variables. You can also specify a string to be passed to the shell as a command to

execute. See the osh(1) reference page either online or in the Open System Services

Shell and Utilities Reference Manual for a discussion about using this option.

For more information about the su command, see the su(1) reference page either

online or in the Open System Services Shell and Utilities Reference Manual.

Displaying Your User Login Name

The logname utility writes to the standard output file the name you used to log in to

the system. You can use this utility after you have issued the su command and want to

check your current user ID.

For more information about the logname command, see the logname(1) reference

page either online or in the Open System Services Shell and Utilities Reference

Manual.

Changing Your User Group

If you are logged in as the super ID, the newgrp command allows you to become a

member of any defined group. This ability can be a convenience when you are

administering files in the OSS file system.

Correct behavior of the newgrp command depends on whether you have a SHELL

environment variable defined for your current terminal session or your user ID has an

INITIAL-PROGRAM attribute defined for it. For more information about the newgrp

command, see the newgrp(1) reference page either online or in the Open System

Services Shell and Utilities Reference Manual.

Use of suid Scripts

Some scripts, known as suid scripts, enable users to perform some activities that

require appropriate privileges; that is, the scripts could be used by an intruder to

assume the identity of the super ID (255,255 in the Guardian environment, 65535 in

the OSS environment).

As a result, it is a good practice to make sure that there are no such script files on your

system. As installed, the OSS environment does not contain suid script files.