HP-UX 11i Security Containment Administrator's Guide for HP-UX 11i v2

Figure 5-1 Compartment Architecture
[Figure: three compartments. server_parent holds the parent and recorder processes and has full ("All") access to the file system rooted at /. server_children holds the handler processes, with read access to /var/opt/server and read/write access to its logs and spool directories. lan cmpt 1 holds the network interface. Legend: process relationship, file access, network, IPC, signals.]
In Figure 5-1 “Compartment Architecture”, the parent process is configured in a compartment,
compartment A. As part of its functioning, the parent process spawns a number of handler
processes in a different compartment, compartment B. The handler processes inherit the
compartment configuration of the parent process. The network card that connects this system
to the lan is configured in another compartment, compartment C. The file system is configured
to allow full access to compartment A, but only allow partial access to compartment B.
Communication between the system components in their separate compartments is configured
as follows:
All the handler processes are configured to communicate with the network.
The recorder can access the file system.
The handlers have read and read/write access to parts of the file system.
The handler processes can communicate with the parent process, and with the recorder via
IPC and signals.
The network is isolated from the recorder and the parent process.
This compartment configuration provides security for the file system and the recorder. Both are
isolated by their compartments. Though the handler processes can communicate with the network,
the network cannot be accessed by the recorder or the parent process.
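The configuration described above, written as a compartment rules file. This is an added example, not a rules file from this guide or from HP; it assumes the rule grammar of this guide (perm, grant, send/receive signal, bidir tcp, interface), assumes the network compartment is named lan_cmpt_1 (rule names cannot contain spaces) and that the network card is lan0, and maps the figure's read and read/write paths as /var/opt/server, logs and spool.

```text
/* Added example: compartment rules for Figure 5-1 (assumed grammar, see lead-in) */

/* Compartment A: parent process and recorder, full access to the file system.
   No network rule is given, so processes here cannot reach the LAN. */
compartment server_parent {
    perm all /
    grant ipc server_children
    send signal server_children
    receive signal server_children
}

/* Compartment B: handler processes, partial file system access only */
compartment server_children {
    perm read /var/opt/server
    perm read,write /var/opt/server/logs
    perm read,write /var/opt/server/spool
    grant ipc server_parent
    send signal server_parent
    receive signal server_parent
    /* TCP in either direction with the network compartment */
    grant bidir tcp lan_cmpt_1
}

/* Compartment C: the network interface; lan0 is an assumed interface name */
compartment lan_cmpt_1 {
    interface lan0
}
```

Because server_parent has no network rule and lan_cmpt_1 grants nothing toward it, the isolation of the recorder and parent from the network follows from what is absent, so a review of the file should confirm that no later rule adds a network path to server_parent.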
58 Compartments