Security Management Guide (G06.24+, H06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

101

102

103

104

105

106

107

108

109

110

Concerns for the User

Security Management Guide—522283-008

5-18

Securing Your TACLCSTM and TACL Macro Files

Report atypical symptoms such as:

•

Your first attempt to log on is refused although you entered the correct user ID and

password. In this case, a Trojan horse program might have displayed a TACL

prompt on your terminal and waited for you to log on. When you tried to log on, you

gave your secret password to the Trojan horse program.

•

Someone other than you has relaxed the security of your files.

•

The output of a program seems vaguely different from previous similar executions.

Other People’s Programs

Never run unknown programs owned by other users. For example, if someone sends

you a message to test a particular program, do not do it. The program might perform

actions unknown to you, using the privileges of your user ID.

Interesting Program Names

Never run interesting sounding programs located in other places, such as another

user’s default subvolume. Intruders can plant Trojan horse programs with names such

as HANGMAN, CHESS, or CALC.

Securing Your TACLCSTM and TACL Macro Files

The TACLCSTM file in your default subvolume contains TACL macros that are

automatically executed when you log on. Depending on local policy, you might have

ownership of this file. Secure TACLCSTM so that only you can modify or purge it.

Failure to secure your TACLCSTM file against modification by others can allow an

intruder to insert commands into the file that are executed under your user ID when

you log on.

Failure to secure your TACLCSTM file against purging by others can allow an intruder

to give it another name and to substitute a Trojan horse TACLCSTM that is executed

under your user ID when you log on. A sophisticated intruder can even have the

TACLCSTM alter itself so that evidence of the intrusion disappears

In this example, suppose your user name is SALES.ROBIN. Issue the VOLUME and

FUP SECURE commands to secure your TACLCSTM file in your default subvolume

($SALES.ROBIN) to security setting OOOO. This security setting limits read, write,

execute, and purge access to you, the owner. Then use the FILEINFO command to

verify the operation.

19> VOLUME {resets default subvolume}

20> FUP SECURE TACLCSTM,"OOOO" {secures taclcstm file}

Note. Never purge your own TACLCSTM. Another user could insert a new TACLCSTM before

your next logon and gain access to your privileges or data.