HP-UX 11i Version 2 May 2005 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX 11i v2 Foundation OE LTU

161

162

163

164

165

166

167

168

169

170

Security

HP-UX Standard Mode Security Extensions

Chapter 8

161

• The HP-UX 11i Security Containment software provides the next generation of

security features including compartments, fine-grained privileges, Role-based Access

Control, and Standard Mode Security Extensions. The StdModSecExt bundle is also

included with the HP-UX Security Containment bundle. See “HP-UX 11i Security

Containment” on page 150 and also refer to the HP-UX Security Containment

Release Notes at http://docs.hp.com.

Compatibility

If you choose to load only the May 2005 version of this feature, without doing a complete

update to the May 2005 version of HP-UX 11i v2, you must first load the September 2004

version of HP-UX 11i v2.

Performance

There are no known performance issues.

Documentation

• For further information, see the product Web page at

http://www.software.hp.com/portal/swdepot/displayProductInfo.do?produ

ctNumber=StdModSecExt.

• The following documents, available at http://docs.hp.com/en/internet.html,

describe the features of the HP-UX Standard Mode Security Extensions:

— HP-UX 11i Security Containment Administrator’s Guide

— HP-UX Standard Mode Security Extensions Release Notes (5991-0791)

• The following related documentation is available at http://docs.hp.com:

— HP-UX Security Attributes Configuration Release Notes (5991-1005)

— HP-UX Security Containment Release Notes (5991-1125)

• The following manpages have been revised:

— audusr (5) Describes the audusr command which selects users to audit.

— audit (5) Describes the HP-UX auditing system which provides a mechanism to

audit users and processes.

— pam_acct_mgmt (3) Describes the pam_acct_mgmt() function which performs

Pluggable Authentication Module (PAM) account validation procedures.

— pam.conf (4) Describes the /etc/pam.conf configuration file for PAM modules.

— pam_hpsec (5) Describes the hpsec service module which implements extensions

specific to HP-UX for authentication, account management, password

management, and session management.

— security (4) Describes the security defaults configuration file

/etc/default/security and attributes.

— useradd (1M) Adds a new user login to the system.

— userdel (1M) Deletes a user login from the system.

— usermod (1M) Modifies a user login on the system.