special security actions for init and getty
/tcb/lib/initcond init user tty
/tcb/lib/initcond getty tty
To save space in the
programs, which are memory resident, the space-intensive
security actions are done in initcond
as a sub-process of these programs.
The init subcommand is run when the user logs off the
terminal line tty.
The terminal device name and user name are recorded in both the user
Protected Password database, and the system Terminal Control database.
The getty subcommand secures the terminal line tty for
subsequent logins by setting a restricted set of permissions and arranging for
any currently open connection to fail. The Device Assignments database is
consulted and all aliased special files referring to this physical or pseudo
terminal device are also secured.
The argument tty must name a special device file in /dev.
The path /dev will be assumed if only the filename is given.
initcond will not run if a login UID is set.
Protected Password database
log file for init and getty events
Device Assignment database
Terminal Control database
``Maintaining system security'' in Managing system security
initcond is not part of any currently supported standard; it is
an extension of AT&T System V provided by The Santa Cruz Operation, Inc.
© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 03 June 2005