Administrator's Guide
6.4.3 IPC Rules...........................................................................................117
6.4.4 Network Rules...................................................................................119
6.4.5 Miscellaneous Rules............................................................................122
6.4.6 Example Rules File..............................................................................123
6.5 Configuring Compartments.........................................................................124
6.5.1 Activating Compartments.....................................................................124
6.5.2 Defining a Compartment Configuration.................................................124
6.5.2.1 Changing Compartment Rules.......................................................125
6.5.2.2 Changing Compartment Names...................................................125
6.5.3 Running an Application in a Compartment............................................125
6.5.4 Login Directly to a Compartment..........................................................126
6.6 Troubleshooting Compartments....................................................................126
6.7 Using Discover Mode to Generate Initial Compartment Configuration...............127
6.8 Compartments in HP Serviceguard Clusters...................................................128
7 Fine-Grained Privileges...................................................................................................131
7.1 Overview...................................................................................................131
7.2 Fine-Grained Privileges Components.............................................................131
7.2.1 Commands.........................................................................................131
7.2.2 Manpages.........................................................................................132
7.3 Available Privileges....................................................................................132
7.3.1 Compatibility Information for Divided Privileges.......................................135
7.4 Configuring Applications with Fine-Grained Privileges.....................................136
7.4.1 Privilege Model...................................................................................138
7.4.2 Compound Privileges..........................................................................138
7.5 Security Implications of Fine-Grained Privileges..............................................139
7.5.1 Privilege Escalation..............................................................................139
7.6 Fine-Grained Privileges in HP Serviceguard Clusters........................................139
7.7 Troubleshooting Fine-Grained Privileges........................................................140
III Protecting Identity................................................................................................................141
8 HP-UX Role-Based Access Control.....................................................................................143
8.1 Overview..................................................................................................143
8.2 Access Control Basics.................................................................................144
8.2.1 Simplifying Access Control with Roles....................................................145
8.3 HP-UX RBAC Components...........................................................................146
8.3.1 HP-UX RBAC Access Control Policy Switch..............................................147
8.3.2 HP-UX RBAC Configuration Files...........................................................147
8.3.3 HP-UX RBAC Commands.....................................................................148
8.3.4 HP-UX RBAC Manpages......................................................................148
8.3.5 HP-UX RBAC Architecture.....................................................................149
8.3.6 HP-UX RBAC Example Usage and Operation.........................................150
Table of Contents 7