secdefs(ADM)
secdefs --
report settings of security defaults
Syntax
/tcb/bin/secdefs [ -v ] [ -a | level ... ]
Description
secdefs compares the current settings of the system-wide
security defaults with the security levels defined in
/tcb/lib/relax (high, improved,
traditional, and low).
secdefs reports the name of the closest security level
that has the least number of differences.
secdefs takes the following options and arguments:
-v-
Displays a table of the actual differences as well as a count.
The three columns of the table display:
-
the name of a default file in /etc/default, or
``sysdef'' for the System Defaults
database /etc/auth/system/default
-
a keyword entry in the default file
-
the currently assigned value of the keyword,
and the value defined by the security level
-a-
Displays comparisons for each security level defined in
/tcb/lib/relax, in order of increasing number
of differences.
level-
secdefs reports on the differences for each of the
named levels.
Limitations
secdefs examines only the files
etc_def and default in the directory
/tcb/lib/relax/level.
It does not compare the values set in the script file
against the current security defaults.
Files
/tcb/lib/relax/level/default-
/tcb/lib/relax/level/etc_def-
security level defaults
/etc/auth/system/default-
System Defaults database
/etc/default/-
current default settings
See also
configure(ADM),
default(F),
defaults(F),
relax(ADM)
``Maintaining system security'' in Managing system security
Standards conformance
secdefs is not part of any currently supported standard; it is
an extension of AT&T System V
provided by The Santa Cruz Operation, Inc.
© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 03 June 2005