Security Management Guide (G06.24+, H06.03+)

Guardian System Security
Security Management Guide 522283-008
To access hardware resources, user programs request operating system services by
executing Guardian procedure calls.
To access software resources, terminal users request operating system services by
executing licensed system programs, such as ADDUSER, BACKUP, DEFAULT,
DELUSER, FUP, PASSWORD, RESTORE, RPASSWRD, and USERS.
The Licensing Operation
Licensing is accomplished through the FUP program.
For example, to license a program stored in PROGFILE, the super ID issues this
command:
1> FUP LICENSE PROGFILE
To revoke the license, the super ID issues this command:
2> FUP REVOKE PROGFILE
Effect of Copying a Licensed Program
If a licensed program is duplicated (using FUP), the duplicate loses its license (unless
the super ID makes the copy with the correct FUP options). Even if an intruder
modifies a copy of a licensed program, the copy cannot be run.
Security Implications
Licensing a program that uses privileged operations can seriously compromise both
system integrity and security. Such a program can gather and modify information
anywhere in the system, disrupt the system, disrupt the network, and do anything the
super ID can do (including license another program).
Licensing a program that performs no privileged operations has no effect on security
because the program gains no privileges that it did not already have.
Licensing a program allows the program to:
• Execute privileged instructions, such as SEND and EIO, that directly access the
  interprocessor bus and I/O devices
• Execute ordinary instructions using privileged addressing modes, thus permitting
  references to system global (SG) data space
• Execute procedures that have either the PRIV or CALLABLE attribute
Although the operating system needs these privileges to perform work on behalf of
users, if an intruder’s program is licensed, the intruder can:
• Modify protected memory areas containing a program’s instructions and data,
  without leaving evidence of the change