HP-UX Containers (SRP) A.03.00 Administrator's Guide

kctune srp_obfuscate_enabled=1 # to enable UID and GID obfuscation only
kctune srp_obfuscate_enabled=2 # to enable process name obfuscation only
kctune srp_obfuscate_enabled=3 # to enable all process related obfuscation (default)
15.3 Security features
15.3.1 Extended security attributes
Extended security attributes for binary files (see setfilexsec(1M) and getfilexsec(1M)) are
maintained on a per-container basis for system containers. An administrator in a system container
can set, delete, and display extended security attributes of binary files in the system container's
filesystem view the same way an administrator manages them in the global view.
Binary files under the /usr and /sbin directories that are shared by the global view and by
system containers with a shared file system can therefore carry more than one set of extended
security attributes. The set that takes effect is determined by where the binary file is executed.
When a binary file is executed in the global view, the attributes set by an administrator in the global
view take effect. When the same binary file is executed in a system container, the attributes set by an
administrator in that system container take effect.
Processes running in the global view can access any file on the system including those in the file
system view of a system container. However, extended security attributes set for binary files in a
system container take effect only for a process running in that system container. They have no effect
on processes running in the global view. This prevents unexpected side effects that might be caused if
the binary files were executed with the attributes assigned in a system container. Likewise, extended
security attributes set for binary files under the /usr and /sbin directories in the global view are not
visible to and have no effect on processes running in a system container with shared file system.
Some of the privileges included in the extended security attributes are only required for system-wide
operations and are disallowed to processes running in a system container for security reasons. If
these privileges are assigned to binary files in a system container, they do not take effect: the new
process begins execution without the disallowed privileges, even though getfilexsec(1M) still lists
them on the file. The target compartment information included in the extended security attributes is
also ignored, to prevent a process running in a system container from changing its compartment.
See 15.7 Limitations and disallowed operations.
15.3.2 Audit
The AuditExt v4.0 product included in the HP-UX Containers A.03.00 product supports auditing in
both the global view and in system containers.
15.3.2.1 Audit configuration and record generation
Most of the audit administration tasks must be performed by an administrator in the global view,
because they require privileges that are disallowed in system containers. See 15.7 Limitations and
disallowed operations. These administration tasks are described in audsys(1M), audevent(1M),
audomon(1M) and audfilter(1M).
However, selection of the users to be audited must be done by an administrator in each system container,
because a separate set of users and groups is maintained in each system container. The
AUDIT_FLAG attribute described in security(4) and userdb(4) controls which users are
audited.
Once auditing is configured, all audit records generated by processes in all system containers, as
well as audit records generated by processes in the global view, are written to the audit log files in the
global view.
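The following script is an added example and is not part of the HP-UX Containers guide. It puts the two procedures described in 15.3.1 and 15.3.2.1 into one administrative script: setting and reading back extended security attributes on a shared /usr binary from the global view and from inside a system container (one attribute set per view), then enabling auditing in the global view, selecting audited users inside the container, and reading the combined log back in the global view. Everything below that the guide does not state is an assumption: the container name web1, the srp_su invocation form `srp_su <container> <user> -c <command>`, the privilege names CHOWN and DACREAD, the path /usr/bin/example-tool, the audit log path, and the option forms of setfilexsec, audsys, audevent, userdbset and audisp, which should be checked against the man pages of the installed release.

```shell
#!/bin/sh
# Added example; not from the HP-UX Containers guide.
# Section 15.3.1: one set of extended security attributes per view.
# Section 15.3.2.1: audit setup in the global view, user selection per
# container, combined log in the global view.
# Assumptions (not in the guide): container "web1"; the srp_su form
# "srp_su <container> <user> -c <command>"; privilege names CHOWN and
# DACREAD; the audit log path below. Set DRY_RUN=1 to print each command
# instead of executing it (useful for review on a non-HP-UX host).
: "${DRY_RUN:=0}"
AUDIT_LOG=${AUDIT_LOG:-/var/.audit/srp_audit1}   # assumed path
AUDIT_LOG_KB=${AUDIT_LOG_KB:-8192}                # assumed size in KB

# Execute a command, or print it when DRY_RUN=1.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# in_view VIEW CMD...: run CMD in the global view ("global") or inside
# the system container named VIEW (assumed srp_su syntax).
in_view() {
    view=$1
    shift
    if [ "$view" = global ]; then
        run "$@"
    else
        run srp_su "$view" root -c "$*"
    fi
}

# ---- 15.3.1: extended security attributes, one set per view -----------

# Grant permitted privileges PRIVS to FILE, as seen from VIEW.
xsec_set() {      # xsec_set VIEW FILE PRIVS
    in_view "$1" setfilexsec -p "$3" "$2"
}

# Show the attribute set that applies when FILE is executed from VIEW.
xsec_show() {     # xsec_show VIEW FILE
    in_view "$1" getfilexsec "$2"
}

# Delete the attributes set from VIEW; the other view's set is untouched.
xsec_clear() {    # xsec_clear VIEW FILE
    in_view "$1" setfilexsec -d "$2"
}

# ---- 15.3.2.1: audit configuration --------------------------------------

# Global view only: select events (success and failure) and start the
# audit subsystem writing to AUDIT_LOG.
audit_global_enable() {
    in_view global audevent -P -F -e login -e admin -e moddac
    in_view global audsys -n -c "$AUDIT_LOG" -s "$AUDIT_LOG_KB"
}

# Inside CONTAINER: set AUDIT_FLAG for USER (1 = audit, 0 = do not) in
# that container's own user database, since each container has its own users.
audit_select_user() {   # audit_select_user CONTAINER USER FLAG
    in_view "$1" userdbset -u "$2" AUDIT_FLAG="$3"
}

# Global view only: records from every container land in the global log.
audit_show_log() {
    in_view global audisp "$AUDIT_LOG"
}

demo() {
    bin=/usr/bin/example-tool        # hypothetical shared /usr binary
    xsec_set  global "$bin" CHOWN
    xsec_set  web1   "$bin" DACREAD
    xsec_show global "$bin"          # shows CHOWN only
    xsec_show web1   "$bin"          # shows DACREAD only
    audit_global_enable
    audit_select_user web1 alice 1
    audit_select_user web1 bob 0
    audit_show_log
}

if [ "${1-}" = demo ]; then demo; fi
```

Run it as `sh srp_xsec_audit.sh demo` on the HP-UX host, or with `DRY_RUN=1` to review the command lines first. Note that getfilexsec shows what was assigned, not what a process receives: a privilege that is disallowed in containers is still listed on the file inside the container but is dropped when the binary is executed there, so confirm the effective set on a running process with getprocxsec(1M) rather than on the file.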