Re: Solaris Basic Security Module

From: Darren J Moffat (Darren.Moffat@Sun.COM)
Date: 09/17/02

• Previous message: Crist J. Clark: "PAM and FTP in Solaris 7"
• In reply to: boutros: "Solaris Basic Security Module"
• Next in thread: Greene Paul: "Re: Solaris Basic Security Module"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 17 Sep 2002 12:32:47 -0700 (PDT)
From: Darren J Moffat <Darren.Moffat@Sun.COM>
To: boutros <boutros@swissonline.ch>

On Mon, 16 Sep 2002, boutros wrote:

> Hello all,
>
> I was wondering if there is a quick way to check and see if the Sun
> Basic Security Module (BSM) has been enabled on a Solaris 8 box.

/etc/security/bsmconv does 3 things:

        1. Enables auditd

        It creates /etc/security/audit_startup which causes auditd to
        run on reboot. To check look for a running auditd, its pid is
        the first field of /etc/security/audit_data

        2. Enables device allocation

        /etc/security/spool/S92volmgt exists

        3. Turns off L1-A

        set abort_enable = 0 is in /etc/system

Note that this may change in future releases but it is something you
could have worked out by reading the /etc/security/bsmconv script.

In particular 2 and 3 may not exist in a future release or may work
a different way.

-- 
Darren J Moffat

---

• Previous message: Crist J. Clark: "PAM and FTP in Solaris 7"
• In reply to: boutros: "Solaris Basic Security Module"
• Next in thread: Greene Paul: "Re: Solaris Basic Security Module"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > focus-sun  > 2002-09