08-10-2009 02:46 AM
Need a pointer to what the ownership should be of /sbin/rc.utils. It's been as a security issue that it's currently owned by bin:sys and should be root:root.
Does anyone know what the default is in a new install and if there any implications to making it root:root ?
08-10-2009 02:52 AM
If you think that the permsission is wrong you may check with swverify. That will give if there any variation from default.
But let me checki in my server.
May I know whcih is your OS version?
08-10-2009 02:55 AM
OS rev is 11.*
I believe bin:sys will be default but we are recommended to change it to root:root, am wondering if this will break anything or not.
08-10-2009 03:00 AM
# uname -a
HP-UX rx260-17 B.11.23 U ia64 3250938661 unlimited-user license
# ls -l rc.utils
-r--r--r-- 1 bin sys 21921 Aug 26 2004 rc.utils
08-10-2009 03:34 AM
> Need a pointer to what the ownership should be of /sbin/rc.utils. It's been as a security issue that it's currently owned by bin:sys and should be root:root.
Sorry, there is no security issue when the ownership is correctly bin:sys. No doubt this is someone's audit who doesn't understand Unix.
Neither 'bin' nor 'sys' are configured to be able to login. You will see an asterisk ('*') in the password field of '/etc/passwd' or '/etc/shadow' for these accounts that prohibits login.
08-10-2009 03:45 AM
I dont know why it is recommended. And the system defualt permission will be as per the requirement of the sytem and most secured.
I don't support this change !!!
08-10-2009 07:16 PM
NOTE: Not everything on an HP-UX system is controlled by HP. You may add databases, new users, new directories, etc. You want best practices for secure syadmin tasks and avoid 666 and 777 like the plague.