SCO UNIX C2 Security Issues
Ronald S H Khoo
ronald at robobar.co.uk
Sat Dec 29 11:55:44 AEST 1990
annala at neuro.usc.edu (A J Annala) writes:
> In article <277916E3.2042 at tct.uucp> chip at tct.uucp (Chip Salzenberg) writes:
> Could someone describe exactly what sysadmsh-->system-->relax actually does
> and what more it should do to disable C2 security for software developers?
I'd appreciate a definitive answer to this question too.
One thing it does do is to use default.unix instead of default.c2 as default in
/etc/auth/system. I use neither -- I think I added some extra default
permissions to mine -- those of you who read the script I use to process
/etc/passwd would have noticed that I don't put explicit permissions in
/tcb/files/auth/?/* but just set the default to include the permissions I want
since it's a lot easier to maintain things that way -- in case SecureWare
decide to increase the number of explicit permissions needed at some future
downgrade, I can just adjust it in one place. Actually, I hope by then I'd
have another UNIX.
Does anyone know if u_secclass does anything in the current SCO releases ?
I remember someone saying that making it "d" and rebooting made a difference
to them (was it Brandon?) but I can't seem to find any difference.
Happy New Year to one and all. Even the guys at SecureWare. Yeah, why not.
--
ronald at robobar.co.uk +44 81 991 1142 (O) +44 71 229 7741 (H)
More information about the Comp.unix.sysv386
mailing list