Security Management Guide (G06.24+, H06.03+)
Safeguard System Security
Security Management Guide—522283-008
by an access control list. For example, if two groups need access to the file, the
original Guardian string would have to give everyone access. However, with a
Safeguard access control list, you can specify only the two groups that need access.
Testing Access Control Lists
You can test access control lists in a special state of Safeguard operation called
warning mode. In this special mode, the Safeguard software allows access to any
object that has an access control list even if the access control list does not grant
access. Instead of denying such access attempts, the Safeguard software creates
audit records of them. By examining these audit records, you can check the
effectiveness of your access control lists before implementing them in a production
environment. For details about warning mode, refer to the Safeguard Administrator’s
Manual.
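The following Python sketch is an added illustration, not Safeguard code or HP's own. It models the warning-mode behavior described above so the audit records can be summarized into a list of accesses the access control list would have denied. The file name, user names, record layout, and the simplified ACL matching (user entry or group wildcard, no DENY entries) are assumptions constructed for the example.

```python
from collections import Counter

class Acl:
    """Simplified ACL: 'GROUP.USER' or 'GROUP.*' -> set of authorities."""
    def __init__(self, entries):
        self.entries = entries

    def grants(self, user, authority):
        group = user.split(".")[0]
        return any(authority in self.entries.get(who, ())
                   for who in (user, group + ".*"))

class Monitor:
    """Access check that can run in the warning mode described above."""
    def __init__(self, warning_mode):
        self.warning_mode = warning_mode
        self.audit = []   # constructed record layout, not Safeguard's

    def check(self, user, obj, authority, acl):
        if acl.grants(user, authority):
            return True
        if self.warning_mode:
            # ACL does not grant access: allow anyway, but leave a record.
            self.audit.append((user, obj, authority))
            return True
        return False

def would_be_denied(audit):
    """Count audit records per (user, object, authority)."""
    return Counter(audit)

# Constructed sample: a file that only two groups should reach.
FILE = "$DATA.PAYROLL.MASTER"
ACL = Acl({"PAYROLL.*": {"R", "W"}, "AUDIT.*": {"R"}})
ATTEMPTS = [("PAYROLL.ANN", "W"), ("AUDIT.BOB", "R"), ("AUDIT.BOB", "W"),
            ("OPS.CAROL", "R"), ("OPS.CAROL", "R")]

def run(warning_mode):
    mon = Monitor(warning_mode)
    results = [mon.check(u, FILE, a, ACL) for u, a in ATTEMPTS]
    return results, would_be_denied(mon.audit)

if __name__ == "__main__":
    results, report = run(warning_mode=True)
    for (user, obj, auth), n in report.most_common():
        print(f"{n}x {user} {auth} on {obj}: ACL would deny")
```

Each line of the report is either a legitimate need the access control list is missing or an access that should stop once warning mode is turned off.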
Securing Critical Objects
Nonprivileged users can secure several system objects, in particular processes,
subprocesses, subvolumes, and disk files. Secure all critical objects of these types
before a nonprivileged user has a chance to secure them, or restrict the ability to
secure these types of objects by creating OBJECTTYPE authorization records.
Securing Disk Files
Secure system files that HP supplies. These files reside in the $SYSTEM.SYSTEM
subvolume and in the $SYSTEM.SYSnn subvolume. The type of access required
varies depending on the type of file. Programs such as PASSWORD, TEDIT, and TACL
need to be used by most users, while programs such as SCF need to be used primarily
by the operations staff.
System files are generally owned by the super ID (255,255). To minimize the power of
the super ID, you might want to transfer ownership of system files to an existing but
frozen user. The security administrator or another trusted member of the security staff
should own the record for the frozen user, which should be thawed only in
emergencies.
Always secure the object code files for utilities and applications. Grant EXECUTE
authority to users who need to run the program, and grant READ and WRITE
authorities to those users who need to maintain the code.
Secure all data files used by applications and system programs. These files need to be
accessible by the user ID under which the programs run.
Secure OBEY command files and TACL macro files so only authorized users have
READ authority.