NIO CommKit Host Interface Installation and System Administration Manual

3-12

Control Tables (from AT&T 255-110-127)

srvtab

Refer also to the srvtab(4) manual page.

The granting and denial of access privileges by the CommKit Host Interface

on a called host is controlled entirely by the server table on that called host.

An incorrect or incomplete server table can cause serious security problems

by allowing unauthorized access to system ﬁles and resources.

This section describes the facilities available through the /etc/opt/dk/srvtab

server table and provides the user with several suggestions to make the net-

work connections more secure. A high degree of security is ensured by edit-

ing server table ﬁles.

CAUTION: The sample /etc/opt/dk/srvtab ﬁles distributed with the CommKit Host Interface

software are not intended to be used as provided and do not provide the customer with

a high degree of security as the default. The customer must customize the sample

server table ﬁles to achieve the desired level of security.

Server Table

The directory /etc/opt/dk/srvtab and associated ﬁles (referred to as the server

table) are used to validate incoming call requests and map them into pro-

cesses on the called host. The server table can be tailored to restrict the

types of calls permitted. All incoming calls must be mapped by means of

the server table; there are no privileged calls that can bypass this procedure.

The server table is a directory containing ﬁles whose names correspond to

the names of requested services. For example, /etc/opt/dk/srvtab/pupu is the

name of the ﬁle used for the ﬁle transfer service, pupu. Alternatively, the

server table may be conﬁgured by the user as a single ASCII text ﬁle consist-

ing of comment lines and mapping entries. Entries may not span lines. In

structure, this server table format resembles a concatenation of the ﬁles nor-