Security Management Guide (G06.24+, H06.03+)

Guardian System Security

Security Management Guide—522283-008

2-24

Limiting Access to HP Licensed Programs

•

Change the intruder program’s effective user ID or process access ID (PAID) in the

process control block to gain the privileges of other users (including the super ID)

and then browse and change files

•

Directly manipulate physical hardware resources

Limiting Access to HP Licensed Programs

HP programs maintain data integrity and allow safe access to user resources. Also, do

not allow all users to execute these programs. Use Guardian security strings to limit

the use of system programs that allow access to files belonging to a wide range of

users.

Administrative Procedures

When requested to license a user program, insist on receiving the following:

•

A full explanation of the program’s purpose and a justification of the use of

privileged procedures

•

Management approval (if dictated by local policy)

The request should be allowed if both these conditions apply:

•

The function is legitimate and necessary.

•

The function cannot be achieved using nonprivileged programming techniques.

Review of Source Code

Before you license a user program, have the system manager (or a trusted

programmer) review the source code. Look for possible security violations wherever

the program:

•

Recognizes specific users for special capabilities

•

Changes operating system control blocks

•

Changes the PAID (especially to 255,255) or effective user ID (especially to 65535)

Compilation and Binding

To assure that the source code matches the actual object program, the system

manager should perform the compiling and binding operations.

Testing

Test the program to ensure that it does not perform or allow any actions that would be

considered security violations. This test is usually done by the security-administration

staff.