This manual describes how to use, administer, and write programs for the Compaq Tru64™ UNIX® operating system with the optional enhanced security subsets installed. It also provides information about traditional UNIX security and other optional security features.
Part 1 is directed toward general users. It is not intended for users of secure programs, because such programs typically hide the secure interface after the login has been completed.
Part 2 is directed toward experienced system administrators and is not appropriate for novice administrators. System administrators should be familiar with security concepts and procedures.
Part 3 is intended for programmers who are modifying or creating security-relevant programs (trusted programs) and anyone who modifies or adds to the trusted computing base. You should be familiar with programming in C on UNIX systems.
A security configuration procedure was added to this manual to help administrators configure their system to meet security levels up to C2. See Appendix F for more details.
An appendix that describes audit and NIS setup in a cluster has been added.
An appendix that describes the new dop (Division of Privileges) utility has been added.
The manual is divided into three parts as follows:
Part 1: User's Guide to Security
This part describes the enhanced security features of the system that relate to the general user. It also includes general information about connecting to other systems and using a windows environment.
Part 2: Administrator's Guide to Security
This part explains concepts that are fundamental to administering a trusted operating system and describes tools and procedures for administrative tasks. It is both task-oriented and conceptual.
Part 3: Programmer's Guide to Security
This part describes the security features to those who modify or add security-relevant programs (trusted programs). It presents guidelines and practices for writing these programs and describes specific Tru64 UNIX interfaces. This part also describes the use of the security facilities: system calls, libraries, and databases.
This manual is organized as follows:
Introduces the enhanced security features of the system from a user's point of view and defines the areas in which a trusted system expands the traditional UNIX system for security.
Describes how to log in to the system and change passwords. It also discusses some common problems associated with passwords and logging in and how to avoid them.
Discusses the security risks and security procedures for logging into remote systems. Protecting files from remote copies is also discussed.
Discusses the Common Desktop Environment (CDE) features that enhance the security of a workstation. This chapter does not explain how to use CDE.
Describes the ACL (access control list) features of the system and how users can most effectively use them.
Defines a trusted system and security concepts fundamental to system security. It also summarizes the trusted administrative roles, protected subsystems, and security databases.
Describes how to set up the security databases and parameters for system operation and how to customize the system for your own site.
Describes how to create and modify secure terminals.
Describes how to use the Account Manager (dxaccounts) programs to create and maintain accounts. It also describes the authentication subsystem and centralized account management.
Describes the audit subsystem and how it is configured and maintained. Summarizes audit record formats and presents guidelines for effective and high-performance audit administration. This chapter also summarizes the formats of the records written to the audit trail by the audit subsystem.
Describes the installation and administration of the ACLs (access control lists) feature.
Describes the operations that check for system and database integrity.
Describes the Security Integration Architecture (SIA) and the associated matrix.conf files. The installation and deletion of layered security products is also discussed.
Lists problems that can occur during system operation and suggests resolutions.
Describes the approach to examples used throughout this part and provides information about the trusted computing base.
Provides specific techniques for designing trusted programs, such as whether the program is to be a directly executed command or a daemon.
Describes the structure of the authentication database and the techniques for querying it.
Presents the various user and group identities of the operating system and how you should use them, particularly the audit ID that is not a part of traditional UNIX systems. It also describes the contents of the protected password database.
Presents guidelines for when trusted programs should make entries in the audit logs and the mechanisms for doing so.
Documents the Security Integration Architecture (SIA) programming interfaces.
Provides the programmer with the information needed to use ACLs (access control lists) in applications that run on Tru64 UNIX.
Lists the files provided in the system's trusted computing base (TCB).
Contains the default auditable events (/etc/sec/audit_events) and the default audit-event aliases (/etc/sec/event_aliases) files.
Explains the issues encountered when moving applications and accounts from ULTRIX systems to Tru64 UNIX systems.
Provides the programmer with extended coding examples for trusted Tru64 UNIX systems.
Explains the naming convention used to keep Tru64 UNIX compliant with ANSI C.
Provides administrators with detailed security configuration procedures.
Provides security configuration procedures for systems in a cluster. Audit and NIS setup information is included.
Provides administrators with DOP privileges information.
The following Compaq documents provide additional information about security issues in the Tru64 UNIX system:
Command and Shell User's Guide
Common Desktop Environment documentation
Reference Pages
The following are documents available from O'Reilly and Associates, Inc. that will help you understand security concepts and procedures:
Computer Security Basics
Practical UNIX Security
UNIX: Its Use, Control, and Audit -- Contact the Institute of Internal Auditors Research Foundation at 249 Maitland Avenue, Altamonte Springs, Florida 32701-4201.
The following are reference documents available from the United States Department of Defense that you may find useful:
Site Security Handbook (RFC 1244) -- This handbook is the product of the Site Security Policy Handbook Working Group, a combined effort of the Security Area and User Services Area of the Internet Engineering Task Force. This RFC provides information for the Internet community and is available at ftp://ds.internic.net/rfc/.
Trusted Computer System Evaluation Criteria -- U.S. Department of Defense, National Computer Security Center, DoD 5200.28-STD, December, 1985. This document, known as the Orange Book, is the U.S. Government's definitive guide to the development and evaluation of trusted computer systems. An online copy of the Orange Book is available at http://nsi.org/Library/Compsec/orangebo.txt
Password Management Guideline -- U.S. Department of Defense, (CSC-STD-002-85), April 12, 1985. This document, known as the Green Book, supports the Orange Book by presenting a set of recommended practices for the design, implementation, and use of password-based user authentication mechanisms. An online copy of the Green Book is available at http://www.radium.ncsc.mil/tpep/library/rainbow/CSC-STD-002-85.html
A Guide to Understanding Audit in Trusted Systems -- U.S. Department of Defense
The following document may be of interest to users outside the U.S.
Information Technology Security Evaluation Criteria (ITSEC).
The printed version of the Tru64 UNIX documentation uses letter icons on the spines of the books to help specific audiences quickly find the books that meet their needs. (You can order the printed documentation from Compaq.) The following list describes this convention:
G | Books for general users |
S | Books for system and network administrators |
P | Books for programmers |
D | Books for device driver writers |
R | Books for reference page users |
Some books in the documentation help meet the needs of several audiences. For example, the information in some system books is also used by programmers. Keep this in mind when searching for information on specific topics.
The Documentation Overview provides information on all of the books in the Tru64 UNIX documentation set.
Compaq welcomes any comments and suggestions you have on this and other Tru64 UNIX manuals.
You can send your comments in the following ways:
Fax: 603-884-0120 Attn: UBPG Publications, ZKO3-3/Y32
Internet electronic mail: readers_comment@zk3.dec.com
A Reader's Comment form is located on your system in the following location: /usr/doc/readers_comment.txt
Mail:
Compaq Computer Corporation
UBPG Publications Manager
ZKO3-3/Y32
110 Spit Brook Road
Nashua, NH 03062-9987
A Reader's Comment form is located in the back of each printed manual. The form is postage paid if you mail it in the United States.
Please include the following information along with your comments:
The full title of the book and the order number. (The order number is printed on the title page of this book and on its back cover.)
The section numbers and page numbers of the information on which you are commenting.
The version of Tru64 UNIX that you are using.
If known, the type of processor that is running the Tru64 UNIX software.
The Tru64 UNIX Publications group cannot respond to system problems or technical support inquiries. Please address technical questions to your local system vendor or to the appropriate Compaq technical support office. Information provided with the software media explains how to send problem reports to Compaq.
This document uses the following typographic conventions:
%
$
A percent sign represents the C shell system prompt. A dollar sign represents the system prompt for the Bourne, Korn, and POSIX shells.
#
A number sign represents the superuser prompt.
% cat
Boldface type in interactive examples indicates typed user input.
Italic (slanted) type indicates variable values, placeholders, and function argument names.
In syntax definitions, brackets indicate items that are optional and braces indicate items that are required. Vertical bars separating items inside brackets or braces indicate that you choose one item from among those listed.
colored text
In syntax definitions, literal elements are colored green. Variable values, placeholders, and function argument names are colored red. No special colored text is used outside of syntax descriptions.
In syntax definitions, a horizontal ellipsis indicates that the preceding item can be repeated one or more times.
cat(1)
A cross-reference to a reference page includes the appropriate section number in parentheses. For example, cat(1) indicates that you can find information on the cat command in Section 1 of the reference pages.
In an example, a key name enclosed in a box indicates that you press that key.
This symbol indicates that you hold down the first named key while pressing the key or mouse button that follows the slash. In examples, this key combination is enclosed in a box (for example, [Ctrl/C]).
Multiple key or mouse button names separated by spaces indicate that you press and release each in sequence. In examples, each key in the sequence is enclosed in a box (for example, [Alt] [Q]).