Manualshelf

Software Distributor Administration Guide for HP-UX 11i

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1.6 Technical Computing (TCOE) LTU
261262263264265266267268269270
SD-UX Security
Basic Security Tasks
Chapter 9 261
Basic Security Tasks
Along with the traditional HP-UX file access protection, all SD-UX
objects (hosts, depots, roots and products) are also protected by ACLs.
Figure 9-1 Access Control Lists
ACLs offer a greater degree of selectivity than do permission bits. An
ACL extends the concept of the HP-UX file system’s permission bits by
letting you specify different access rights to several individuals and
groups instead of just one of each.
For example, if you set up remote operations, you must install an HP
ServiceControl Manager fileset that makes some elementary changes to
the security ACLs on the remote systems. One of these changes is to copy
three ACLs from the source system to the destination systems. (See
“Setting Up Remote Operations” on page 199.)
The ACLs copied are those protecting the source host (the host ACL), the
host’s template ACLs used in subsequent operations to produce ACLs for
products (the global_product_template), and depot/root containers
(the global_soc_template). When copied, these ACLs grant users on
the source host the same permissions on the destination host as they
have locally on the source host. In addition, an entry for the superuser at