The Question is:
I have to protect the sysuaf from other privileged users on the system. I added
an ACL to Authorize.exe and sysuag.dat, and added a second acl to restrict all
Identifier=[*,*],access=none. Privileged users where still able to access the
sysuaf. I noticed that the authorize.exe file is installed with privileges. I
de-installed the image and the acl structure worked fine. My quesiton is, Is
it necessary to have a
uthorize.exe installed? And if not, which startup file installs the image?
The Answer is :
If you do not trust your privileged users, then you have no security.
Any sufficiently privileged user can perform any desired action.
You can not protect your system against privileged users, as privileges
are central the mechanisms that are used for the purpose of protection
and access control. Privileges are a key part of the mechanisms that are
used to protect the system against nefarious activities, and also against
untrusted, untrained or otherwise careless users.
You will notice that AUTHORIZE is installed solely with AUDIT privilege,
and AUDIT privilege does not grant any enhanced system file access.
The installation of AUTHORIZE (with the AUDIT privilege) is required by
The removal or alteration or relocation or deletion of any image that
is provided by OpenVMS -- unless requested by a Compaq representative
or otherwise explicitly documented by OpenVMS -- is not recommended.
If you cannot trust privileged users and cannot disable all untrusted
privileged users -- you will want to seriously consider the use of the
multiple-password login for all privileged users. With this mechanism,
two users must be present to log into any privileged username. You will
also want to consider the creation and use of dedicated (captive) logins
for certain tasks that require privileges, or the creation and use of
images and the INSTALL utility or the privileged subsystem mechanism.
You will want to read through and understand the OpenVMS Guide to System
Security manual, you will want to seriously consider following the
guidelines in the appendix of the aforementioned manual covering the
creation and operation of OpenVMS in a Class C2 environment, and you
will want to consider a security review.