
Providing for System Security

To administer your system, you may need to deal with security features and policy. Secure systems have scope and depth.

Scope is the ways in which connected and networked systems are secured.

Depth is the ways in which a particular system is secured.

For example, the scope could relate to securing a cluster server in an HP-UX cluster, all the clients in the cluster, and every system that can access the cluster server. Still in this context, the depth could relate to securing the cluster server.

If you need to set up a secured system, you have two areas of concern:

1. Normal system administration security functions; and

2. Security-specific functions that are described in the HP-UX System Security manual.

This section describes things you can do as a normal system administrator.

For other aspects of having a secure system, see the HP-UX System Security manual.

Continue in this section before going to the system security manual.

2-50 Constructing an HP-UX System

Conceptualizing Protection and Security

The system administrator (or an official entity) establishes guidelines, goals, strategies, and procedures for preventing illicit activities and inadvertent actions on a system. To accommodate these things, you consider physical, password, permission, and execute security.

Physical Security

• Maintain backup tapes (or other appropriate media) for the system and all layers on the system (environments, applications, users, and such) that could not be replaced from other sources.

• Keep backup media protected and locked in a safe location. This can vary from locking tapes in your desk to placing them in a vault in a remote location.

• Clearly identify LAN and other cables to system users. If appropriate, meet with users and discuss the system, guidelines for dealing with problems, and such.

• Do not leave the root console or any console on which you logged in as the root user unattended. Log off the system anytime you are not physically monitoring it. If necessary, use lock to secure the system while you are away.

• If necessary, devise ways to secure hardware against theft.


Password Security

The /etc/passwd file lets you secure a system. Although users can read the file, only the root user can alter it. HP-UX encrypts passwords entered by users. You should encourage all users to have a password, and when you add users to the system, force them to provide a password before they can log in.

See /etc/passwd in "Editing Environment Files" earlier in this chapter if you want details about the password file.

Permission and Execute Security on Files

HP-UX files have modes that determine file access permissions for three categories of users. Assuming you have the string -rwxrwxrwx, the scheme for setting permissions works as follows:

- (dash)

The first rwx provides permissions for the owner of the file (a file, directory, or special file).

The second rwx provides permissions for the group, where a group includes the users who need to access the same files.

The third rwx provides permissions for the public (other), where public includes all people who have a system account.

r means a user can read the file (a dash denies).

w means a user can write to the file (a dash denies).

x means a user can execute the file (a dash denies).


The position of an r, w, or x indicates who can read, write, or execute.

Substituting dashes by position lets you control permissions. The following examples suggest possibilities:

drwxr--r-- the owner has all permissions, group and public can read

crw-rw-rw- all users can read or write to the special file

drwxrwxrw- the owner and group can read, write, and execute files in the directory, the public can read or write to the files

-rw-r--r-- the owner can read and write, the group and public can read the file

Use the /etc/chmod command to set permissions.

chmod mode filename

where:

mode is a three-digit octal code for the permissions (for example, 754); and

filename is the file or directory getting the permissions.

A Typical Set of Protections

• Set the root directory to 555, (dr-xr-xr-x).

• Set /etc/passwd to 444, (-r--r--r--).

• Set the default file creation mode so new files have write protection to all but the owner. Use umask with a mode of 022 (----w--w-) and include the entry in /etc/profile and /etc/csh.login.

• Set system directories /usr, /lib, /usr/lib, /bin, /usr/bin, and /etc to 555 (dr-xr-xr-x) to prevent users from adding or deleting files.

• Set temporary directories such as /tmp and /usr/tmp to 766 (drwxr-xr-x).
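
One way to check the protections listed above, as an added example that is not part of the original manual: a shell function that converts the mode string printed by ls -l into the octal code chmod takes, and a second that compares files against an expected list. The function names and the "path octal" list layout are assumptions of this example.

```sh
#!/bin/sh
# Added example (not from the manual): audit file modes using only ls and awk.

# mode_to_octal "dr-xr-xr-x" prints 555. Only the nine permission characters
# are read; s or t in an execute position counts as x, S or T as a dash.
mode_to_octal() {
    printf '%s\n' "$1" | awk '{
        out = ""
        for (i = 0; i < 3; i++) {
            t = substr($0, 2 + i * 3, 3); d = 0
            if (substr(t, 1, 1) == "r") d += 4
            if (substr(t, 2, 1) == "w") d += 2
            if (substr(t, 3, 1) ~ /[xst]/) d += 1
            out = out d
        }
        print out
    }'
}

# expected_modes prints "path octal" pairs taken from the list above
# (temporary directories omitted).
expected_modes() {
    cat <<'EOF'
/ 555
/etc/passwd 444
/usr 555
/lib 555
/usr/lib 555
/bin 555
/usr/bin 555
/etc 555
EOF
}

# audit_modes reads "path octal" pairs on stdin, prints each missing path or
# mode mismatch, and returns non-zero if it printed anything.
audit_modes() {
    rc=0
    while read -r path want; do
        [ -n "$path" ] || continue
        if [ ! -e "$path" ]; then echo "MISSING $path"; rc=1; continue; fi
        have=$(mode_to_octal "$(ls -ld "$path" | awk '{ print $1 }')")
        [ "$have" = "$want" ] || { echo "MISMATCH $path have=$have want=$want"; rc=1; }
    done
    return $rc
}

# Usage: expected_modes | audit_modes
```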


Security for the Root User

You can secure login access for the root user by:

• Setting a password for root in the usual way (log in as root and execute passwd).

• Specifying which terminal can be used to log in as the root user.

For the second method, work as follows:

1. Specify the tty devices the root user can use for logging in by creating /etc/securetty. Unless you explicitly create this file, the root user can log in from any terminal connected to the system. Create the file as follows:

a. Entries in the file specify the device file names of the terminals where the root user can log in.

b. The entries contain the name of the device file for the terminals, but not the pathname (typically /dev).

c. The security file can specify more than one terminal, one to a line.

d. In an HP-UX cluster, the file must be a Context Dependent File (CDF).

2. A security file that permitted the root user to log in on the terminals having the device files for console and tty05 would look like this:

console
tty05


Limitations in Creating /etc/securetty

This security feature does not restrict a normal user from using su to become the root user on any terminal. You can restrict the use of su by executing:

chmod 500 /bin/su

Then, the owner (root) has read and execute permission, and other users have no access permission.

HP-UX Cluster Security

In general, you secure an HP-UX cluster just as you secure a standalone workstation. But the situation is magnified.

To prevent problems, require every cluster client and remote user to log in and provide a password.


Some General Tips for Securing a System

Earlier, you saw information for physical, password, and root security. This section contains general tips learned by expert system administrators that help you secure a system.

The following items mention basic principles of good security:

• Physically control equipment.

• Get management commitment to security.

• Educate employees on what is expected of them.

• Use administrative procedures designed to increase security.

• Concealment alone is not security.

• Do not trust what others can alter.

• It is better to know about holes in security than to think you are secure.

• Compartmentalize data.

• Disconnect unused terminals and mass storage devices.


Routine Tasks That Help You Maintain Security

• Check /usr/adm/sulog and /usr/adm/OLDsulog periodically for successful and unsuccessful attempts to su(1).

• Check /etc/btmp periodically for unsuccessful logins.

• Check log files and directories in /usr/adm. Check log files in the directories under /usr/spool.

• Check the log files for any specific software you have on the system.

• Do not put a period (.) in the path of the root user.

• Check out each setuid program as to why it is setuid.

• All accounts should have a password, or they should have * as the password.

• A modem line has the potential to be a security hole.

• Protect /usr/lib/uucp/Systems, $HOME/.netrc, any scripts that use RFA and NFT commands, and any other files that have passwords of remote systems embedded in them.

• Use password aging.

• Use C2 Trusted Systems and ACLs.

• The following items show files to protect (owners and permissions):

/dev/kmem                    root  400
/dev/mem                     root  400
/dev/rhd (300)               root  400
/dev/dsk/*                   root  400
superuser's login directory  root  555
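
The sulog check in the list above and the /etc/securetty limitation described earlier can be reviewed together, shown here as an added example that is not part of the original manual: it reports failed su attempts, plus successful su to root on terminals the securetty file does not list. The sulog record layout, the function names and the sample records are assumptions of this example.

```sh
#!/bin/sh
# Added example (not from the manual): review su attempts recorded in sulog.
# Assumed record layout:  SU MM/DD HH:MM +|- tty fromuser-touser

# su_report SULOG [SECURETTY]
# Prints every failed su. When a securetty file is given, also prints each
# successful su to root made on a terminal that file does not list.
su_report() {
    awk -v ttyfile="${2:-}" '
        BEGIN {
            if (ttyfile != "")
                while ((getline t < ttyfile) > 0) if (t != "") listed[t] = 1
        }
        $1 != "SU" || NF < 6 { next }
        {
            n = split($6, who, "-")
            if ($4 == "-")
                print "FAILED", $2, $3, $5, $6
            else if ($4 == "+" && ttyfile != "" && who[n] == "root" && !($5 in listed))
                print "ROOT-OFF-SECURETTY", $2, $3, $5, $6
        }' "$1"
}

# Constructed sample records (not from a real system).
sample_sulog() {
    cat <<'EOF'
SU 03/14 09:02 + console root-root
SU 03/14 09:40 - tty07 jdoe-root
SU 03/14 09:41 + tty07 jdoe-root
SU 03/15 17:20 + tty05 amy-root
SU 03/15 18:05 + tty02 amy-bob
EOF
}

# demo runs the report on the sample records with a securetty file that
# lists console and tty05, one device name per line.
demo() {
    tmp=$(mktemp)
    printf 'console\ntty05\n' > "$tmp"
    sample_sulog | su_report - "$tmp"
    rm -f "$tmp"
}
```

On a live system the call would be su_report /usr/adm/sulog /etc/securetty, repeated for /usr/adm/OLDsulog.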


Procedures for Setting Up a Secured or Audited System

The HP-UX System Security manual has information about procedures. Also, you can use SAM to perform several tasks related to auditing and security by selecting the following menu options:

You can then perform the following tasks:
