RE: Solaris Basic Security Module

From: Anupam (frj780jdy85533001@sneakemail.com)
Date: 09/20/02


From: "Anupam" <frj780jdy85533001@sneakemail.com>
To: <boutros@swissonline.ch>
Date: Fri, 20 Sep 2002 00:21:43 -0400


> I was wondering if there is a quick way to check and see if the Sun

> Basic Security Module (BSM) has been enabled on a Solaris 8 box.

$ /usr/sbin/modinfo | fgrep c2audit
 43 10297d1a 11f94 186 1 c2audit (C2 system call)

Basically the c2audit module should be loaded. AFAIK this is "proof" that
auditing is enabled. To decide what you want to audit and see trails is a
different ball game.

BTW anyone know why one has to be in single-user mode before running bsmconv
? Is there any real justification for this?

- Anupam