Security Management Guide (G06.24+, H06.03+)

Guardian System Security
Security Management Guide 522283-008
2-9
The following subsections discuss the security of the different types of system files.
The security settings of these files depend on your security policy and how your
system is used.
Owning System Files
Unless your security policy states otherwise, the super ID (255,255) should own
system files. The special files shown in Table 2-4 on page 2-8 (TANDUMP, DIVER,
USERID, and USERIDAK) should be secured “----”, thus prohibiting access to all but
the super ID.
Reading System Files
Allow read access to system files only where there is a genuine need. For example,
allow read access to microcode files and general library files (runtime libraries, source
files, error message files). To prevent an intruder from copying and inspecting sensitive
system programs, do not allow read access to executable user tools (editors,
compilers) or system tools (DSAP, FUP, TACL, and so forth).
Preventing Writes to System Files
No one should have write access to any system file.
Purging System Files
Generally, no user should be able to purge system files. This rule protects against the
disruption that might result from accidentally purging a system file and the substitution
of a Trojan horse for the legitimate file. For more information, see Trojan Horses on
page 5-17.
Because purge capability might be needed for the RESTORE program, you can
provide a copy of RESTORE with PROGID set to the super ID. Restrict this copy so
only super-group users have EXECUTE authority.
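The ownership, read, write and purge rules above, expressed as FUP commands. This is an added example, not a command file from the guide; it assumes the files live in $SYSTEM.SYSTEM, that the commands are typed at a TACL prompt while logged on as the super ID (255,255), and that the PROGID copy of RESTORE is named $SYSTEM.SUPER.RESTOREP (a hypothetical name). Security strings are R W E P positions; "-" restricts to the super ID, "O" to the owner, "G" to the owner's group, "A" to any local user.

```tacl
== Added example (not from the guide). Run as the super ID (255,255).
== 1. Special files from Table 2-4: owned by the super ID, secured "----".
FUP GIVE $SYSTEM.SYSTEM.TANDUMP, 255,255
FUP SECURE $SYSTEM.SYSTEM.TANDUMP, "----"
FUP GIVE $SYSTEM.SYSTEM.DIVER, 255,255
FUP SECURE $SYSTEM.SYSTEM.DIVER, "----"
FUP GIVE $SYSTEM.SYSTEM.USERID, 255,255
FUP SECURE $SYSTEM.SYSTEM.USERID, "----"
FUP GIVE $SYSTEM.SYSTEM.USERIDAK, 255,255
FUP SECURE $SYSTEM.SYSTEM.USERIDAK, "----"

== 2. General library file (assumed name): readable by anyone, but
==    write and purge stay with the super ID.
FUP SECURE $SYSTEM.SYSTEM.ZSYSMSG, "A--O"

== 3. System tools such as FUP and TACL: executable by local users,
==    but not readable (no copying for offline inspection), not
==    writable, not purgeable.
FUP SECURE $SYSTEM.SYSTEM.FUP,  "--A-"
FUP SECURE $SYSTEM.SYSTEM.TACL, "--A-"

== 4. A PROGID copy of RESTORE that runs as the super ID, executable
==    only by members of the super group (255,n). Hypothetical name.
FUP DUP $SYSTEM.SYSTEM.RESTORE, $SYSTEM.SUPER.RESTOREP
FUP GIVE $SYSTEM.SUPER.RESTOREP, 255,255
FUP SECURE $SYSTEM.SUPER.RESTOREP, "--G-", PROGID

== 5. Verify the result; DETAIL shows owner, security string and PROGID.
FUP INFO $SYSTEM.SYSTEM.TANDUMP, DETAIL
FUP INFO $SYSTEM.SUPER.RESTOREP, DETAIL
```

Because the PROGID copy runs with the super ID's authority, keep its execute position at "G" (or tighter) and check it with FUP INFO ... DETAIL after any reinstall, since a restore of $SYSTEM can replace the security settings.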
Licensing System Files
The security administrator should be aware of every licensed file.
A program containing privileged code must be licensed if it is to be executed by users
other than the super ID. Only the super ID can license a program or revoke its license.
Several system programs that HP distributes (for example, FUP and PASSWORD)
must be licensed before they can be executed by users other than the super ID.
Only trusted programs should be licensed. Files distributed by HP are trusted in the
sense that they comply with the security requirements of the operating system.
Caution. Do not license the DIVER program. DIVER resets any CPU from a terminal
and should only be used during testing or in an emergency.
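How licensing is applied and audited with FUP, as an added example that is not part of the guide. It assumes the super ID is logged on and that the files are in $SYSTEM.SYSTEM; the FUP LICENSE, REVOKE and INFO commands are real FUP commands.

```tacl
== Added example (not from the guide). Only the super ID can do this.
== License the HP-distributed programs that need it (FUP, PASSWORD).
FUP LICENSE $SYSTEM.SYSTEM.FUP
FUP LICENSE $SYSTEM.SYSTEM.PASSWORD

== Audit: list every file in $SYSTEM.SYSTEM with its detail record and
== look for the LICENSED flag; the security administrator should be
== able to account for each one.
FUP INFO $SYSTEM.SYSTEM.*, DETAIL

== DIVER must never be licensed; if an audit shows it licensed,
== revoke the license and leave the file secured "----".
FUP REVOKE $SYSTEM.SYSTEM.DIVER
FUP INFO $SYSTEM.SYSTEM.DIVER, DETAIL
```

Repeating the INFO ... DETAIL listing after each software install and comparing it with the previous run is a simple way to spot a newly licensed file that the administrator did not approve.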