Software Distributor Administration Guide for HP-UX 11i
SD-UX Security
Chapter 9
Overview
Along with the traditional HP-UX file access protection, SD-UX uses
Access Control Lists (ACLs) to protect the primary objects on which it
manages software:
• Hosts
• Roots (software installed on a host)
• Depots
• Products within depots
An ACL consists of a set of entries associated with an object when it is
created.
Default Security
The following security scheme exists by default:
• The local superuser always has access to all local objects.
• Read access is provided to all users on the network who use the same
SD-UX shared secret via the any_other ACL.
• Whoever creates a root, depot, or product object has full access to it
as the object_owner.
• If you set up systems for remote operations (using the procedure
discussed in “Setting Up Remote Operations” on page 199),
root@central_controller has full access to all target objects via
the user:root@central_controller ACL.
If you are running as root@central_controller, the suggested security
setup should be adequate to perform all tasks.
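The following is an added example, not part of the HP guide: a Python check that compares an ACL listing with the default scheme above and reports every entry that grants more than the defaults. The entry syntax (type:key:permissions with the permission letters c, r, w, i, t, or a for all), the sample listing, and the function names are assumptions made for this example.

```python
"""Audit an SD-UX ACL listing against the default scheme described above."""

# Assumption: each entry has the text form "type[:key]:permissions", where
# permissions are drawn from c, r, w, i, t ("a" means all) with "-" as filler.
ALL = set("crwit")

# Constructed sample listing, not output captured from a real system.
SAMPLE_ACL = """\
# default_realm=central_controller
object_owner:crwit
user:root@central_controller:crwit
user:build@devbox:-rwi-
any_other:-rw--
"""


def parse_acl(text):
    """Return a list of (entry_type, key, granted_permission_set)."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # skip blank lines and comment/header lines
        head, _, perms = line.rpartition(":")
        etype, _, key = head.partition(":")
        granted = set(ALL) if "a" in perms else set(perms) - {"-"}
        entries.append((etype, key, granted))
    return entries


def audit(text, controller="root@central_controller"):
    """Return (entry, permissions) pairs that go beyond the default scheme."""
    findings = []
    for etype, key, granted in parse_acl(text):
        if etype == "object_owner":
            continue  # the creator has full access by default
        if etype == "user" and key == controller:
            continue  # expected once remote operations are set up
        if etype == "any_other":
            extra = granted - {"r"}  # default is read access only
            if extra:
                findings.append(("any_other", "".join(sorted(extra))))
            continue
        findings.append((f"{etype}:{key}", "".join(sorted(granted))))
    return findings
```

An entry reported by audit() is not necessarily wrong; it is one that was added or widened after the defaults were applied and should be traceable to a deliberate change.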
Two templates are used to create default ACLs:
• global_soc_template (applies to all new depots and roots added to
the host)
• global_product_template (applies for new products in depots)