Re: Simple SMSE Q&A (184 Views)
Super Advisor
Posts: 309
Registered: ‎09-26-2003
Message 1 of 2 (209 Views)

Simple SMSE Q&A

[ Edited ]

For Trusted Mode, having the /tcb tree is an obvious means of verification.


But what about SMSE. Is there "something" that is exclusive to SMSE (on an 11.31 machine that would definitively identify its status as "configured for SMSE?


For example, let's say that:


- /tcb does not exist

- /etc/shadow does


At this point, we know that we are (at least) operating in Std Mode (SM).


The existence of an attribute like "AUTH_MAXTRIES" in the /etc/default/security file, would "suggest" SMSE, but still NOT definitive.


What I'm looking for is a file/flag or ??? that would exist ONLY if the system were configured for SMSE. So does that rule out the dir /var/adm/userdb? Would the dir exist (regardless of whether it's empty or not) if the 11.31 system is just in SM, rather than SMSE? If not, how is it created (by userdbset?)?







P.S. This thread has been moevd from HP-UX > System Administration  to Security. - Hp forum moderator



Super Advisor
Posts: 309
Registered: ‎09-26-2003
Message 2 of 2 (184 Views)

Re: Simple SMSE Q&A

24 veiws and no one has a clue?



The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.