Security Management Guide (G06.29+, H06.08+, J06.03+)
OSS System Security
Security Management Guide — 522283-021
Unlike the FUP GIVE command in the Guardian environment, the OSS chown
command cannot be used by the file owner to transfer ownership of a file. Only the
super ID can transfer file ownership by using the chown command.
OSS automatically assigns default permissions to files and directories when they are
created. The umask command can be used to establish a user mask, which specifies
the maximum permissions that can be applied to a file or directory when it is created.
The super ID can include a umask command in the /etc/profile file to specify the
user mask for all users who log on to the shell. An individual user can also include a
umask command in his or her .profile file to establish a personal user mask.
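The following script is an added example, not text or code from this guide, that shows how a user mask combines with the default creation modes (666 for files, 777 for directories) to produce the permissions a new object receives, and includes a small check a system manager could run against the mask chosen for /etc/profile. It assumes a POSIX shell with mktemp available; the function names are the example's own.

```sh
#!/bin/sh
# Added example (not from the Security Management Guide): how a umask
# shapes default permissions, plus a check for an overly permissive mask.

# effective_mode DEFAULT MASK
#   Prints the mode a new object gets: DEFAULT with the MASK bits cleared.
#   DEFAULT is 666 for ordinary files and 777 for directories (octal).
effective_mode() {
  printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# umask_clears_go_write MASK
#   Succeeds (returns 0) when MASK removes write permission from both group
#   and others, i.e. it is at least as restrictive as 022. A mask that fails
#   this check lets every newly created file be modified by other users.
umask_clears_go_write() {
  # 022 (octal) is 18 decimal; both write bits must survive the AND.
  [ $(( 0$1 & 022 )) -eq 18 ]
}

# demo_umask MASK
#   Creates a file and a directory under the given mask in a scratch
#   directory and lists the resulting permissions for comparison with
#   effective_mode. Constructed demonstration only; nothing persists.
demo_umask() {
  scratch=$(mktemp -d) || return 1
  (
    cd "$scratch" || exit 1
    umask "$1"
    : > newfile        # ordinary file, created from default 666
    mkdir newdir       # directory, created from default 777
    ls -ld newfile newdir
  )
  rm -rf "$scratch"
}

# Predicted permissions for two masks, followed by the real thing.
for m in 022 027 077; do
  printf 'umask %s: file %s, dir %s, go-write cleared: ' "$m" \
    "$(effective_mode 666 "$m")" "$(effective_mode 777 "$m")"
  if umask_clears_go_write "$m"; then echo yes; else echo no; fi
done
demo_umask 027
```

A mask of 027 is a common choice for a shared system: owners keep full access, group members can read, and others get nothing by default. The check is deliberately simple; it only verifies that group and others lose write, which is the minimum a system-wide mask in /etc/profile should guarantee.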
Restricted-Access Filesets and File Privileges
A super ID (255,255 in the Guardian environment, 65535 in the OSS environment)
has unconditional access to all resources on the system. The super ID can log in to the
system as any user without a password for administrative maintenance or other
activities.
The restricted-access filesets provide for securing highly sensitive customer data by
preventing the super ID from accessing files it does not own. When accessing a file in
a restricted-access fileset, the super ID is restricted by the same file permissions and
owner privileges as any other user ID; there are no special privileges.
However, because certain applications, such as the Backup and Restore 2 product,
require access to files in restricted-access filesets, the J06.11 and H06.22 RVUs
introduce the file privilege file attribute, which is used for executable files and DLLs.
The combination of the Safeguard security groups and file privileges for selected
executable files allows system managers to ensure that files in restricted-access
filesets are accessible only to users with appropriate privileges and still perform
important system management tasks like backing up files and fixing damaged filesets.
File Privilege
On systems running J06.11 or later J-series RVUs or H06.22 or later H-series RVUs,
files have an additional privilege attribute that specifies special privileges, if any, a file
has when accessing files in a restricted-access fileset. For example, the executable
files for the Backup and Restore 2 product can be given the PRIVSOARFOPEN file
privilege to allow the Backup and Restore 2 product, when started by a
locally-authenticated member of the Safeguard SECURITY-OSS-ADMINISTRATOR (SOA)
group, to back up and restore files that are in a restricted-access fileset.
File privileges:
• Only have an effect when set on executables, user libraries, or ordinary DLLs.
• Are inherited: a process created from an executable file inherits the privileges of that
executable file.
• Are ignored when accessing files that are not in a restricted-access fileset.