Open System Services Management and Operations Guide (G06.29+, H06.07+)
Managing Security
Open System Services Management and Operations Guide—527191-005
8-27
Auditing of OSS Shell Commands
For example, assume that a fileset is mounted on /usr/src/projects/mine. The
following sequence of calls occur:
rename("/usr/src/projects", "/usr/src/tasks");
open("/usr/src/tasks/mine/main.c");
The audit record for the open call might contain
/usr/src/projects/mine/main.c (the old pathname) rather than
/usr/src/tasks/mine/main.c (the new pathname).
For a description of the OSS subsystem message that occurs under these conditions,
see OSS subsystem message 20 in the Operator Messages Manual.
Auditing of OSS Shell Commands
Many OSS shell commands cause audit records to be generated by the OSS name
server when auditing is enabled. The contents of each audit record depend on which
operation is being performed. In cases where the operation is terminated because of
an error and a security ruling has not yet been obtained, no auditing is performed.
Some of the shell commands that cause audit records to be created are mkdir,
chmod, chown, kill, and rmdir.
Protecting Your System
This subsection covers the following topics:
•
OSS Shell Commands Useful for Security Administration on page 8-27
•
Use of suid Scripts on page 8-28
•
Preventing Security Problems on page 8-29
•
Identifying Attempts to Break Security on page 8-30
OSS Shell Commands Useful for Security Administration
This subsection covers the following topics:
•
Creating a Logon Session With the su Command on page 8-27
•
Displaying Your User Login Name on page 8-28
•
Changing Your User Group on page 8-28
Creating a Logon Session With the su Command
The su command provides an alternative to login for accessing an OSS account. The
su command can change:
•
The login name of the current shell (thus changing the user ID of the current shell)
•
The password for the user ID of the current shell
•
The login name of a new shell (thus changing the user ID from that of the current
shell)