Open System Services Management and Operations Guide (G06.30+, H06.08+, J06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

231

232

233

234

235

236

237

238

239

240

Identifying Attempts to Break Security

Checking the file system for changes in the ownership and permissions of important files and

directories can reveal the presence of an intruder. You can monitor permissions by entering the

following OSS shell command periodically:

ls -alt pathname > file

pathname

is the OSS pathname for the mount-point directory of a fileset you want to monitor (such as

/bin and /etc).

file

is the OSS filename of a file to receive the output.

Use a different OSS filename each time you use this ls command, and use the diff command

to compare the different listings.

If a file on which only the super ID (255,255 in the Guardian environment, 65535 in the OSS

environment) had permissions has changed to have more general permissions (and if this change

was not authorized), a break-in might have occurred.

Using an OSS Security Event-Exit Process (SEEP)

Since the J06.03, H06.08, and G06.29 RVUs, Safeguard provides the feature that allows a partner

or customer Security Event-Exit Process (SEEP) to participate in security policy enforcements of

Guardian objects (files, subvolumes, and volumes). This security feature was not supported for OSS

objects.

Beginning with the J06.15 and H06.26 RVUs, a partner or customer OSS SEEP is supported and

can participate in access-control decisions for OSS objects. This capability increases the acceptability

of OSS-based applications to security auditors and improves OSS security manageability.

The OSS name server consults the OSS SEEP for access authorization during operations on files

when both of the following conditions are met:

• The file resides in a Version 3 catalog fileset that is OSS SEEP-protected. The fileset's

SEEPPROTECTED attribute must be set to ON.

• The corresponding OSS name server is OSS SEEP-enabled. The OSS name server's

SEEPENABLED attribute must be set to ON and the OSS SEEP must be running.

NFS operations are not supported on filesets that are OSS SEEP-protected:

• An attempted NFS mount of a directory that belongs to an OSS SEEP-protected fileset is denied

with an EPERM error.

• An attempted NFS operation on an OSS SEEP-protected fileset is denied with an EPERM error.

For additional information about OSS SEEP consultation, system and library calls, IPC messages,

and design, see the Open System Services Programmer’s Guide.

OSS SEEP-Related Attributes for Filesets and OSS Name Server

To support OSS SEEP configuration on a per-fileset basis and to support a separate OSS SEEP per

OSS name server, a new fileset attribute and a set of new OSS name server attributes are provided.

All OSS SEEP-related fileset and OSS name server attributes are configured and displayed through

Subsystem Control Facility (SCF) commands.

IMPORTANT:

Only members of both the SOA group and Super group are allowed to set or alter the OSS

SEEP-related fileset and OSS name server attributes.

Protecting Your System 231