Security Management Guide (G06.24+, H06.03+)
Concerns for the User
Security Management Guide—522283-008
5-20
Suggestions for Dial-Up Users
In addition to specific subvolume names, your search list can include #DEFAULTS,
which designates your current subvolume. However, including #DEFAULTS in your
search list can lead you to accidentally execute a Trojan horse program, especially if
#DEFAULTS appears before $SYSTEM.SYSTEM in your search list.
If you must use #DEFAULTS in your search list, put it after $SYSTEM.SYSTEM. This
method ensures that you use only the distributed version when you try to run trusted
system programs such as FUP.
Suggestions for Dial-Up Users
Your system might perform remote operations through modems and telephone lines.
Consult your system administrators for any additional security requirements, which can
include:
•
Special dial-up passwords
•
Call-back systems
•
Terminal authentication answer-back messages
•
Other special authentication methods (such as challenge-response)
Be especially careful when you use dial-up facilities because of the increased risk of
revealing information useful to a remote intruder.
Concerns for the OSS Environment
Typically, you log on initially in the Guardian environment by using the TACL or
Safeguard logon dialog. Therefore, be familiar with the concerns for the TACL user
presented earlier in this section. After successfully logging on, execute the osh
command to enter the OSS environment.
In the OSS environment, your primary security concerns deal with directory and file
access as summarized in the following subsections. For detailed information about file
and directory security, refer to the Open System Services User’s Guide.
File Security
Each file and directory in the OSS environment has associated with it a permission
code that indicates the security applied to the file or directory. For more information,
see Permission Codes on page 4-3. Use the ls -l command to view the permission
code assigned to a file or directory. For example, the following command displays the
permission code assigned to the file myfile2 in the current directory:
$ ls -l myfile2
-rwxr-xr-x 1 PROG.WILSON PROG 102 Jul 5 10:14 myfile2