HP OpenVMS Systems
ask the wizard
The Question is:

I have to protect the sysuaf from other privileged users on the system. I added an ACL to Authorize.exe and sysuaf.dat, and added a second acl to restrict all others. Ex. Identifier=[*,*],access=none. Privileged users were still able to access the sysuaf. I noticed that the authorize.exe file is installed with privileges. I de-installed the image and the acl structure worked fine. My question is, is it necessary to have authorize.exe installed? And if not, which startup file installs the image?

The Answer is:

If you do not trust your privileged users, then you have no security. Any sufficiently privileged user can perform any desired action. You cannot protect your system against privileged users, as privileges are central to the mechanisms that are used for the purpose of protection and access control. Privileges are a key part of the mechanisms that are used to protect the system against nefarious activities, and also against untrusted, untrained or otherwise careless users.

You will notice that AUTHORIZE is installed solely with AUDIT privilege, and AUDIT privilege does not grant any enhanced system file access. The installation of AUTHORIZE (with the AUDIT privilege) is required by OpenVMS. The removal or alteration or relocation or deletion of any image that is provided by OpenVMS -- unless requested by a Compaq representative or otherwise explicitly documented by OpenVMS -- is not recommended.

If you cannot trust privileged users and cannot disable all untrusted privileged users -- you will want to seriously consider the use of the multiple-password login for all privileged users. With this mechanism, two users must be present to log into any privileged username. You will also want to consider the creation and use of dedicated (captive) logins for certain tasks that require privileges, or the creation and use of images and the INSTALL utility or the privileged subsystem mechanism.

You will want to read through and understand the OpenVMS Guide to System Security manual, you will want to seriously consider following the guidelines in the appendix of the aforementioned manual covering the creation and operation of OpenVMS in a Class C2 environment, and you will want to consider a security review.
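
The multiple-password and captive-login measures recommended in the answer, sketched as DCL and AUTHORIZE commands. This is an added example, not part of the Wizard's answer; the usernames SYSMGR2 and OPER_BACKUP, the UIC, device, directory, temporary passwords and login command procedure are all hypothetical.

```dcl
$! Added illustration. All account names, passwords, UICs and paths are hypothetical.
$!
$! Confirm which privileges AUTHORIZE is installed with (the answer states AUDIT only).
$ INSTALL LIST SYS$SYSTEM:AUTHORIZE.EXE /FULL
$!
$! AUTHORIZE opens SYSUAF.DAT through the SYSUAF logical name or the default directory.
$ SET DEFAULT SYS$SYSTEM
$!
$! Multiple-password login: give the privileged account a primary and a secondary
$! password, each held by a different person, so two people must be present to log in.
$ MCR AUTHORIZE MODIFY SYSMGR2 /PASSWORD=(TEMP_PRIMARY_PW, TEMP_SECONDARY_PW)
$!
$! Each holder then replaces the temporary value after logging in:
$!     first holder:   $ SET PASSWORD
$!     second holder:  $ SET PASSWORD /SECONDARY
$!
$! Captive login: an account that can only run one command procedure and carries
$! just the privileges that task needs, instead of handing out a fully privileged login.
$ MCR AUTHORIZE ADD OPER_BACKUP /UIC=[300,1] /PASSWORD=TEMP_CAPTIVE_PW -
      /DEVICE=DKA100: /DIRECTORY=[OPER_BACKUP] -
      /FLAGS=(CAPTIVE, DISCTLY) -
      /LGICMD=DKA100:[OPER_BACKUP]NIGHTLY_BACKUP.COM -
      /PRIVILEGES=(NETMBX, TMPMBX, READALL) -
      /DEFPRIVILEGES=(NETMBX, TMPMBX, READALL)
$!
$! Review the result.
$ MCR AUTHORIZE SHOW SYSMGR2
$ MCR AUTHORIZE SHOW OPER_BACKUP
```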