HP-UX 11i Version 2 Release Notes (October 2003)
Security
HP-UX Bastille
Chapter 7
177
Impact
You should stop using the listed system call names as options to audevent and audisp.
Although these system calls were obsoleted previously, the HP-UX Auditing System was
not updated accordingly. With HP-UX 11i v2, these system calls are still treated as valid
by the Auditing System, but they will not be in future releases.
You should also stop using the listed to-be-obsoleted event type options with audevent
and audisp. These event type options were never documented and had no effect to the
system in the past, but they were accepted by audevent and audisp as valid options.
Compatibility
There are no compatibility issues.
Performance
There are no performance issues.
Documentation
The audevent and audisp manpages, audevent (1M) and audisp (1M), have been
updated.
Obsolescence
See previous sections.
HP-UX Bastille
HP-UX Bastille 2.1 is a security hardening/lockdown tool which can be used to enhance
the security of the HP-UX operating system. It provides customized lockdown on a
system-by-system basis by encoding functionality similar to the Bastion Host and other
hardening/lockdown checklists.
Bastille was originally developed by the open source community for use on Linux
systems. HP is contributing by providing Bastille on HP-UX.
This tool, along with Install-Time Security (ITS) 1.0
1
and Security Patch Check (SPC)
1.3
2
, introduces new, out-of-the-box security functionality.
1. For further information, see “Install-Time Security” on page 182.
2. For further information, see “Security Patch Check” on page 186.