Manualshelf

Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Security Products and Features Software
11121314151617181920
As in the previous example, a prompt appears for the private key passphrase because it is not
included. RSA public keys are generally not considered secret quantities and are not encrypted.
Not protecting public keys does not cause a security breach. WLI follows this convention.
3.2 User keys
A user key can have no authorization for WLI operations and still suffice for creating WLI file
access policies and signing executable binaries. WLI user authorization enables a key for verifying
signatures and file access policies during run-time operations.
A WLI administrator key can authorize an RSA key to enable run-time enforcement of WLI
policies created with the key. This authorization is accomplished by copying the public key and
associated information into a file under WLI database directory /etc/wli/certificates.
For details on authorizing keys, see wlicert(1M).
User key authorization enables the following:
An authorized key enables a WLI file access policy to be enforced for run-time access requests
on the file. The public key must verify the signature on the file access policy as part of
enforcement.
Any key can generate a WLI policy but only an authorized key can verify a policy signature.
For details on generating file access policies, see wlipolicy(1).
Capabilities can be granted to an authorized key. The file /etc/wli/wlicert.conf retains
information on authorized keys that also have capabilities. An authorized key with a
capability can authorize an executable to use a particular WLI-protected resource.
Any unauthorized key can sign and grant a capability to an executable. For the executable
to use the WLI-protected resource, the key used for its signing must be authorized as a user
key and granted the capability. For details on granting capabilities to executables, see
wlisign(1). For granting capabilities to authorized keys, see wlicert(1M).
3.3 Administrator keys
A WLI administrator key has all the authority of an authorized user key. A WLI administrator
key also has authority to execute WLI administrative commands.
Multiple WLI administrator keys can be defined. The number of administrator keys depends on
site security requirements and is left to the discretion of WLI administrators.
Administrator authority is required to:
Grant WLI administrator authority to keys with wliadm. The key can already have WLI
user authority.
Remove administrator authority from a key with wlicert. A key can remove its own
administrator authority.
Grant one or more capabilities to a key. An administrator key can grant a capability to itself.
Grant user authority to a key for file access policy enforcement with wlicert. All
administrator keys are authorized for policy enforcement without an explicit grant through
wlicert. Set the storage type for WLI metadata with wlisys. A key is not required for
storage type retrieval.
Set WLI security attributes with wlisyspolicy. A key is not required to query these
attribute values.
Sign executable binaries that are invoked through wliwrap to execute with one or more
capabilities. An administrator key is not required to authorize execution of wliwrap.
Execution of wliwrap can be authorized by any user key that is granted the capabilities.
20 Key usage