Security Management Guide (G06.24+, H06.03+)
Concerns for the System Administration Team
Security Management Guide—522283-008
7-4
Super-Group User IDs
regularly because they need to log on to each separate user ID to make the
change.
•
Common TACL macros, utility programs, and other files needed for each role tend
to be loosely protected to make them easily accessible. These files can provide
information helpful to an intruder.
•
A user who has multiple IDs can establish TACL macros or programs that make it
easy to switch roles. If such operations are not protected, an intruder can take
advantage of them.
•
A person who has multiple user IDs might use them to confuse accountability or to
defeat automatic alarms. For example, a user-written process that is monitoring
$CMON can have an alarm set for three consecutive attempts by a single user to
perform a particular action, but a person who has multiple user IDs can bypass the
alarm by repeating the tries with alternating user IDs.
As an alternative to defining multiple user names for the same user, you can assign
multiple aliases to the same user name. However, this arrangement does not reduce
the number of user authentication records that must be administered, and it does not
reduce the potential security risks. Also, user aliases cannot be specified on Safeguard
access control lists.
Super-Group User IDs
The system manager must consider the security implications of allocating super-group
user IDs.
The super group consists of all users whose administrative group is group number 255.
The default name of the super group is SUPER. Super-group user IDs are provided for
operators who perform maintenance operations such as controlling the status of
peripherals and other system components.
Administrative members of the super group have additional privileges in the Guardian
environment. For example, super-group members can start and stop devices. The
Guardian manuals describe the detailed privileges available to members of the super
group. The super ID (user ID 255,255) has more privileges than any other user.
Section 2, Guardian System Security, and Section 3, Safeguard System Security,
discuss super ID privileges and the risks involved in using this ID.
Super-group privileges are also an important consideration in the OSS environment
because that environment is managed almost exclusively from the Guardian
environment.
Group-Manager User IDs
Member 255 of any administrative group is a group-manager ID. For example, user ID
8,255 is the group-manager ID of group number 8. As group manager for group
number 8, member 255 has the authority to: