HP-UX System Administrator's Guide: Security Management HP-UX 11i v3 (B3921-90020, September 2010)

Table Of Contents
6.4.3 IPC Rules........................................................................................................116
6.4.4 Network Rules...............................................................................................118
6.4.5 Miscellaneous Rules.......................................................................................119
6.4.6 Example Rules File.........................................................................................121
6.5 Configuring Compartments...................................................................................121
6.5.1 Activating Compartments.............................................................................121
6.5.2 Defining a Compartment Configuration.......................................................122
6.5.2.1 Changing Compartment Rules..............................................................122
6.5.2.2 Changing Compartment Names............................................................122
6.5.3 Running an Application in a Compartment..................................................123
6.5.4 Login Directly to a Compartment..................................................................123
6.6 Troubleshooting Compartments............................................................................123
6.7 Using Discover Mode to Generate Initial Compartment Configuration...............124
6.8 Compartments in HP Serviceguard Clusters.........................................................125
7 Fine-Grained Privileges......................................................................................................127
7.1 Overview................................................................................................................127
7.2 Fine-Grained Privileges Components....................................................................127
7.2.1 Commands.....................................................................................................127
7.2.2 Manpages.......................................................................................................128
7.3 Available Privileges................................................................................................128
7.4 Configuring Applications with Fine-Grained Privileges......................................131
7.4.1 Privilege Model..............................................................................................132
7.4.2 Compound Privileges....................................................................................132
7.5 Security Implications of Fine-Grained Privileges..................................................133
7.5.1 Privilege Escalation........................................................................................133
7.6 Fine-Grained Privileges in HP Serviceguard Clusters..........................................133
7.7 Troubleshooting Fine-Grained Privileges..............................................................134
III Protecting Identity...................................................................................................................135
8 HP-UX Role-Based Access Control.......................................................................................137
8.1 Overview................................................................................................................137
8.2 Access Control Basics.............................................................................................138
8.2.1 Simplifying Access Control with Roles.........................................................139
8.3 HP-UX RBAC Components...................................................................................140
8.3.1 HP-UX RBAC Access Control Policy Switch.................................................141
8.3.2 HP-UX RBAC Configuration Files.................................................................141
8.3.3 HP-UX RBAC Commands.............................................................................142
8.3.4 HP-UX RBAC Manpages...............................................................................142
8.3.5 HP-UX RBAC Architecture............................................................................143
8.3.6 HP-UX RBAC Example Usage and Operation..............................................144
Table of Contents 7