Host Intrusion Detection System Administrator's Guide Release 3.0

Chapter 2: Configuration
Restricting Permissions
HP-UX HIDS files and programs are delivered with the strictest usable permissions. In
general, only the user ids is allowed any access, and the superuser (root) is not
permitted to execute the programs. In addition, most files must be owned by the user
ids, or HP-UX HIDS will not run.
The proper runtime permissions are given in Table 2-2.
Accessing Manpages
HP-UX HIDS manpages are provided in /opt/ids/share/man. To make them accessible
to all users on the administration system and on each agent system through the man
command, you can append “:/opt/ids/share/man” to the string in the file
/etc/MANPATH. Individual users can add the string to their MANPATH environment
variable in their .profile or .login files.
Table 2-2 Runtime File Permissions

Files                                      Permissions
Configuration files in /etc/opt/ids        u=rw (octal value 600)
Data files in /var/opt/ids                 u=rw (octal value 600)
Program and other files in /opt/ids        u=rx (octal value 500)
Directories, such as /var/opt/ids          u=rwx (octal value 700)
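
One way to check a system against Table 2-2, as an added example that is not part of the HP-UX HIDS guide: the POSIX shell functions below report every file or directory whose mode or owner differs from the table. The function names, the use of directory mode 700 in all three trees, and the skipping of /opt/ids/share/man (whose manpages the guide makes available to all users) are assumptions.

```shell
#!/bin/sh
# Added example (not from the HP-UX HIDS guide): report files and directories
# whose mode or owner deviates from Table 2-2.

# scan LABEL FIND-PRIMARIES...
# Prints "LABEL path" for each match under $root, pruning $skip.
# A failing find (unknown user, unreadable directory) is reported, not hidden.
scan() {
    label=$1; shift
    find "$root" -path "$skip" -prune -o "$@" -exec echo "$label" {} \; ||
        echo "scan-error $label"
}

# check_tree ROOT FILE_MODE DIR_MODE OWNER [SKIP_SUBTREE]
# Prints one line per deviation; returns 0 when the tree is clean, 1 otherwise.
check_tree() {
    root=$1; fmode=$2; dmode=$3; owner=$4
    skip=${5:-//none}              # default pattern that matches no path
    if [ ! -d "$root" ]; then
        echo "missing $root"
        return 1
    fi
    findings=$(
        scan "file-mode-not-$fmode" -type f ! -perm "$fmode"
        scan "dir-mode-not-$dmode"  -type d ! -perm "$dmode"
        scan "owner-not-$owner"     ! -user "$owner"
    )
    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings"
    return 1
}

# Table 2-2 applied to the three HP-UX HIDS trees.
# Assumptions: the u=rwx directory mode applies in every tree, and
# /opt/ids/share/man is skipped because its manpages are meant to be
# readable by all users through the man command.
hids_audit() {
    rc=0
    check_tree /etc/opt/ids 600 700 ids || rc=1
    check_tree /var/opt/ids 600 700 ids || rc=1
    check_tree /opt/ids     500 700 ids /opt/ids/share/man || rc=1
    return $rc
}
```

The guide says only that most files must be owned by ids, so treat each reported line as something to review rather than as a definite fault.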