Previous | Table of Contents | Next |
The following rules apply to the entries in the tune files:
/etc/pass* 00755 ? ? file /etc/* 00770 ? ? file
You modify settings in the tune file by adding or deleting file entries.
NOTE: Setting a permission to a less restrictive value than the current setting has no effect; the ASET tasks do not relax permissions unless you downgrade your system security to a lower level.
The uid_aliases file contains a list of multiple user accounts sharing the same ID. Normally, ASET warns about such multiple user accounts because this practice lessens accountability. You can allow for exceptions to this rule by listing the exceptions in the uid_aliases file. ASET does not report entries in the passwd file with duplicate user IDs if these entries are specified in the uid_aliases file.
The default /usr/aset/masters/uid_aliases file is:
# # Copyright 1990, 1991 Sun Microsystems, Inc. All Rights Reserved. # # # sccsid = @(#) uid_aliases 1.1 1/2/91 14:39:52 # # format: # uid=alias1=alias2=alias3= ... # allows users "alias1", "aliase2", "alias3" to share the same uid. 0=+=root=checkfsys=makefsys=mountfsys=powerdown=setup=smtp=sysadm= umountfsys 1=sync=daemon
The default entry is to make UID 0 equivalent to user accounts root, checkfsys, makefsys, mountfsys, powerdown, setup, smpt, sysadm, and umountfsys. UID1 is equivalent to the user accounts sync and daemon.
Each entry has the format
<uid>=<alias1>=<alias2>=<alias3>-...
where <uid> is the shared UID number and <aliasn> is the name of the user account that shares the UID.
The master files cklist.high, cklist.med, and cklist.low are generated when you first execute ASET, or when you run ASET after you change the security level.
The following environment variables determine the files that are checked by this task:
Refer to the following section for more information about ASET environment variables.
Previous | Table of Contents | Next |