Manualshelf

Software Distributor Administrator Guide (September 2010)

ManualsBrandsHP ManualsSoftwareHP-UX Software Distributor
181182183184185186187188189190
9 SD-UX Security
During the SD-UX installation, a default security setup is created. This chapter explains
basic SD-UX security, introduces the swacl command, presents examples of common
tasks, and provides in-depth discussion of how SD-UX manages security.
Table 9-1 Chapter Topics
Topic and Page
“Overview” (page 187)
“The swacl Command ” (page 188)
“Basic Security Tasks ” (page 191)
“How ACLs are Matched to the User ” (page 199)
ACL Entries ” (page 200)
“Security on SD-UX Systems ” (page 208)
“SD-UX Internal Authentication ” (page 210)
“RPC Authorization” (page 212)
“Security Use Models ” (page 214)
“Permission Requirements, by Command ” (page 217)
9.1 Overview
Along with the traditional HP-UX file access protection, SD-UX uses Access Control
Lists (ACLs) to authorize access to the primary objects on which it manages software:
Hosts
Roots (software installed on a host)
Depots
Products within depots
An ACL consists of a set of entries associated with an object when it is created.
9.1.1 Default Security
The following security scheme exists by default:
The local superuser always has access to all local objects.
Read access is provided to all users on the network who use the same SD-UX
shared secret via the any_other ACL.
9.1 Overview 187