Managing Systems and Workgroups: A Guide for HP-UX System Administrators

Administering a System: Managing System Security
Managing Access to Files and Directories
Protect all disk special files:

  Write-protect all disk special files from general users, to prevent
  inadvertent data corruption. Turn off write access for group and
  other.

  Read-protect disk special files to prevent disclosure. Turn off
  read access for other.

  The directory entries should look like:

    brw-r----- 1 bin sys 31 0x002000 Feb 18 1998 /dev/dsk/c0t2d0
    crw-r----- 1 bin sys 188 0x002000 Aug 3 1998 /dev/rdsk/c0t2d0
    brw-r----- 1 root sys 64 0x000002 Jun 11 1996 /dev/vg00/lvol2
    crw-r----- 1 root sys 64 0x000002 Jun 11 1996 /dev/vg00/rlvol2

Terminal ports on UNIX systems may be writable by anyone, if you
are allowing users to communicate by using the write or talk
programs. Only the owner, however, should have read permission.

Individual users should never own a device file other than a terminal
device or personal printer.

Before putting a disk or other mountable device of unknown origin
into service, check its files for special files and setuid programs. See
“Guidelines for Mounting and Unmounting a File System” on
page 779.
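
The write- and read-protection rules for disk special files given above can be checked mechanically against `ls -l` output. The following POSIX shell script is an added example, not part of the HP-UX guide; the function names check_mode, audit_listing and sample_listing are hypothetical, and the last two sample lines are constructed to show failures.

```shell
#!/bin/sh
# Added example: audit `ls -l` lines for disk special files against the rule
# "no write access for group and other, no read access for other".
# Feed it disk device files only: terminal ports may legitimately be writable.

# check_mode MODE: print the violations found in an ls-style mode string.
# Mode string layout: char 1 = type, 2-4 = owner, 5-7 = group, 8-10 = other.
check_mode() {
    mode=$1
    problems=""
    case $mode in
        [bc]?????????*) ;;      # block or character special file
        *) return 0 ;;          # anything else is out of scope
    esac
    case $mode in ?????w*)    problems="$problems group-write" ;; esac
    case $mode in ???????r*)  problems="$problems other-read"  ;; esac
    case $mode in ????????w*) problems="$problems other-write" ;; esac
    printf '%s' "${problems# }"
}

# audit_listing: read `ls -l` lines on stdin, print "PATH: violations"
# for every device file that breaks the rule; silent when all lines pass.
audit_listing() {
    while read -r mode _links _owner _group rest; do
        problems=$(check_mode "$mode")
        [ -n "$problems" ] || continue
        printf '%s: %s\n' "${rest##* }" "$problems"   # path is the last field
    done
}

# First four lines are the listing from the guide; the last two are constructed.
sample_listing() {
    cat <<'EOF'
brw-r----- 1 bin sys 31 0x002000 Feb 18 1998 /dev/dsk/c0t2d0
crw-r----- 1 bin sys 188 0x002000 Aug 3 1998 /dev/rdsk/c0t2d0
brw-r----- 1 root sys 64 0x000002 Jun 11 1996 /dev/vg00/lvol2
crw-r----- 1 root sys 64 0x000002 Jun 11 1996 /dev/vg00/rlvol2
brw-rw-r-- 1 bin sys 31 0x005000 Jan 1 1999 /dev/dsk/c0t5d0
crw-rw-rw- 1 root sys 64 0x000003 Jan 1 1999 /dev/vg00/rlvol3
EOF
}

sample_listing | audit_listing
```

On a live system, pipe real output into it instead of the sample, for example `ls -l /dev/dsk/* /dev/rdsk/* /dev/vg*/* | audit_listing`; any line it prints names a device file whose permissions need tightening.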

Protecting Disk Partitions and Logical Volumes

The device files for disk partitions and logical volumes should be
readable only by root and perhaps by an account used for disk
backups. See “Security Considerations for Device Files” on page 772.

Since ownership and permissions are stored in the inode, anyone
with write permission to a mounted partition can set the user ID for
any file in that partition, regardless of the owner, bypassing the
chmod() system call and other security checks.

If a program, such as a database, requires direct access to the
partition, that partition should be reserved exclusively for the
program and never mounted. Program users should be informed that
the file’s security is enforced by its permission settings, rather than
by the UNIX file system.