Simple SMSE Q&A (141 Views)
Reply
Super Advisor
john guardian
Posts: 309
Registered: ‎09-26-2003
Message 1 of 2 (141 Views)

Simple SMSE Q&A

[ Edited ]

For Trusted Mode, having the /tcb tree is an obvious means of verification.

 

But what about SMSE. Is there "something" that is exclusive to SMSE (on an 11.31 machine that would definitively identify its status as "configured for SMSE?

 

For example, let's say that:

 

- /tcb does not exist

- /etc/shadow does

 

At this point, we know that we are (at least) operating in Std Mode (SM).

 

The existence of an attribute like "AUTH_MAXTRIES" in the /etc/default/security file, would "suggest" SMSE, but still NOT definitive.

 

What I'm looking for is a file/flag or ??? that would exist ONLY if the system were configured for SMSE. So does that rule out the dir /var/adm/userdb? Would the dir exist (regardless of whether it's empty or not) if the 11.31 system is just in SM, rather than SMSE? If not, how is it created (by userdbset?)?

 

Anyone?

 

Thx.

 

 

P.S. This thread has been moevd from HP-UX > System Administration  to Security. - Hp forum moderator

 

 

Please use plain text.
Super Advisor
john guardian
Posts: 309
Registered: ‎09-26-2003
Message 2 of 2 (116 Views)

Re: Simple SMSE Q&A

24 veiws and no one has a clue?

 

 

Please use plain text.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation