DOC HOME
SITE MAP
MAN PAGES
GNU INFO
SEARCH
PRINT BOOK
Managing system security
Maintaining system security
Understanding system security
Physical security
Trusted system concepts
Trusted computing base
Accountability
Discretionary access control (DAC)
Object reuse
Authorizations and privileges
Identification and authentication (I&A)
Auditing
Protected subsystems
Security in a networked environment
Network Information Service
The graphical environment
Network mail
Administering a trusted system
Assigning administrative roles and system privileges
Controlling system access
Password restrictions
Terminal use restrictions
Login restrictions
Logging out idle users (non-graphical sessions only)
Restricting root logins to a specific device
Using auditing on your system
Protecting the data on your system
The owner and group attributes
Discretionary access control (DAC): permission bits
Discretionary access control (DAC): access control lists
The minimal ACL
Additional ACL entries
How the system generates an ACL
Examining an ACL
Changing the access control list of a file
SUID/SGID bits and security
SUID, SGID, and sticky bit clearing on writes
The sticky bit and directories
Data encryption
Imported data
Imported files
Imported filesystems
Terminal escape sequences
Creating account and login activity reports
Reporting password status
Creating an account summary
Reporting terminal access status
Reporting user login activity
Reporting terminal login activity
Logging unsuccessful login attempts
Detecting system tampering
Stolen passwords
Abuse of system privileges
Unsupervised physical access to the computer
Dealing with filesystem and database corruption
The authentication database files
Checking the system after a crash
Using the override terminal
Automatic database checking and recovery: tcbck(ADM)
Database consistency checking: authck(ADM) and addxusers(ADM)
Creating UNIX system and TCB account database reports
System file integrity checking: integrity(ADM)
System file permission repair: fixmog(ADM)
Understanding how trusted features affect programs
LUID enforcement
stopio(S) on devices
Privileges
Sticky directories
Disabling C2 features
Troubleshooting system security
Account is disabled -- see Account Administrator
Account is disabled but console login is allowed Terminal is disabled but root login is allowed
Authentication database contains an inconsistency
Can't rewrite terminal control entry for tty Authentication error; see Account Administrator
Cannot access terminal control database entry
Cannot obtain database information on this terminal
Login incorrect
login: resource Authorization name file could not be allocated due to: cannot open;
Terminal is disabled -- see Account Administrator
You do not have authorization to run ...
Unable to remove files
NSS Overview
Index