HP-UX Host Intrusion Detection System Version 4.1 Administrator's Guide
Table A-15 World-Writable File Template Properties
Default ValueTypeProperty
0 | 1 | 2 | 3 | 4 | 5 | 9 | 11III
priv_user_list
^/dev/null$ | ^/dev/console$ | ^/dev/tty | ^/dev/pty
| ^/dev/pts
I
pathnames_to_not_watch
^/etc/opt/resmon/IIpathnames_0
^/usr/sbin/stm/uut/bin/tools/monitor/ &
^/etc/opt/resmon/lbin/
IIprograms_0
^/dev/ptmx$ | ^/var/opt/dce/rpc/local/ |
^/var/run/egd-pool$ | ^/dev/console$ |
^/var/sam/log/samagent\.log$ | ^/var/vx/isis/state$
| ^/var/opt/perf/ | ^/var/opt/OV/log/ httpd |
^/var/opt/OV/ & ^/etc/opt/OV/ |
^/etc/group\.tmp.*$ & ^/etc/passwd\.tmp.*$ |
^/etc/group\.tmp.*$ | ^/stand/\.system_tune$ &
/tmp/\.kmsystune_lock$ |
^/var/opt/OV/log/OpC/opcmsglg$ | ^/var/tmp/ &
^/var/opt/scr/ | ^/var/opt/scr/
II
pathnames_1
^/usr/lbin/rlogind$ | ^/usr/lbin/swagent$ &
^/usr/sbin/swagentd & ^/usr/sam/lbin/samd$ &
^/opt/perf/bin/ & ^/opt/OV/bin/ |
^/opt/openssl/prngd/prngd$ | ^/usr/sbin/getty$ |
^/usr/sam/lbin/samd$ | ^/opt/VRTSob/bin/vxsvc$
| ^/opt/perf/bin/ | ^/opt/OV/httpd/bin/httpd$ |
^/opt/OV/bin/ | ^/usr/sbin/useradd$ &
^/usr/sbin/userdel$ & ^/usr/sbin/usermod$ | ^/usr
/sbin/groupadd$ & ^/usr/sbin/groupdel$ &
^/usr/sbin/groupmod$ | ^/usr/sbin/kmtune$ | opcle
| /opt/scr/lbin/scrgetconf$ |
/opt/scr/lbin/scrdaemon$
II
programs_1
<empty>II
pathnames_X
<empty>II
programs_X
Properties
The configurable properties are listed as follows:
priv_user_list
A list of system-level user IDs or user names.
This list contains users that have elevated access
to the system. Removing any of these users means
that this template does not detect the creation of
a world-writable file owned by that users.
pathnames_to_not_watch
Path names of files that can be safely ignored if
they are made world writable.
Creation of World-Writable File Template 171