Maintaining system security

Understanding system security
    Physical security
    Trusted system concepts
        Trusted computing base
        Accountability
        Discretionary access control (DAC)
        Object reuse
        Authorizations and privileges
        Identification and authentication (I&A)
        Auditing
        Protected subsystems
    Security in a networked environment
        Network Information Service
        The graphical environment
        Network mail

Administering a trusted system
    Assigning administrative roles and system privileges
    Controlling system access
        Password restrictions
        Terminal use restrictions
        Login restrictions
    Logging out idle users (non-graphical sessions only)
    Restricting root logins to a specific device
    Using auditing on your system

Protecting the data on your system
    The owner and group attributes
    Discretionary access control (DAC): permission bits
    Discretionary access control (DAC): access control lists
        The minimal ACL
        Additional ACL entries
        How the system generates an ACL
        Examining an ACL
        Changing the access control list of a file
    SUID/SGID bits and security
    SUID, SGID, and sticky bit clearing on writes
    The sticky bit and directories
    Data encryption
    Imported data
        Imported files
        Imported filesystems
    Terminal escape sequences

Creating account and login activity reports
    Reporting password status
    Creating an account summary
    Reporting terminal access status
    Reporting user login activity
    Reporting terminal login activity
    Logging unsuccessful login attempts

Detecting system tampering
    Stolen passwords
    Abuse of system privileges
    Unsupervised physical access to the computer

Dealing with filesystem and database corruption
    The authentication database files
    Checking the system after a crash
    Using the override terminal
    Automatic database checking and recovery: tcbck(ADM)
    Database consistency checking: authck(ADM) and addxusers(ADM)
        Creating UNIX system and TCB account database reports
    System file integrity checking: integrity(ADM)
    System file permission repair: fixmog(ADM)

Understanding how trusted features affect programs
    LUID enforcement
    stopio(S) on devices
    Privileges
    Sticky directories

Disabling C2 features

Troubleshooting system security
    Account is disabled -- see Account Administrator
    Account is disabled but console login is allowed / Terminal is disabled but root login is allowed
    Authentication database contains an inconsistency
    Can't rewrite terminal control entry for tty / Authentication error; see Account Administrator
    Cannot access terminal control database entry
    Cannot obtain database information on this terminal
    Login incorrect
    login: resource Authorization name file could not be allocated due to: cannot open;
    Terminal is disabled -- see Account Administrator
    You do not have authorization to run ...
    Unable to remove files