HP UX 11i Role-based Access Control (RBAC) Software manual Solution, What is RBAC?

3 Solution

User can set the privileges of debugger binary either manually using setfilexsec command or create a new debug role in RBAC (Role Based Access Control) roles database with hpux.security.access.privrun.* authorizations.

This document provides the details on how to provide the required privileges for debugging processes using RBAC.

What is RBAC?

RBAC (Role-Based Access Control) is an alternative to the all-or-nothing security model of traditional root user-based systems. With RBAC, an administrator can assign roles to non-root users or UNIX groups. Each role has authorizations composed of an operation and object, where the operation is an action that can be performed on an object, and the object is an object the user can access with a given operation. HP-UX RBAC database files are available in /etc/rbac directory.

For more information on RBAC, we request user to refer the link mentioned below.

http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?

lang=en=us=101=10008=SupportManual=64255=18964=4164662

What is FGP?

The HP-UX FGP (fine-grained privilege) model splits the powers of root users into a set of privileges. Each privilege grants a process that possesses that privilege the right to a certain set of restricted services provided by the kernel. Privileges can be managed internally by a process with "privilege bracketing". Privilege bracketing is the practice of enabling, or "raising", a privilege only while the privilege is needed, then disabling, or "lowering", the privilege. The privileges that a process has raised determine which sensitive system call services the process can invoke.

For more information, we request user to refer the privileges man pages

privileges(5) Overview of HP-UX privileges.

privileges(3) Describes fine-grained privileges interfaces.

Problem with debugging a process with elevated privileges

From the Fine Grained Privileges perspective, a process will not be able to adopt the privileges of already running process. Process should have either same or higher set of privileges to attach to other process. Without the required privileges debugging process will terminate with permission denied error.

For example, let us take debugger tool tusc which uses ttrace for listing the system calls on the running process.

Start the user process

#./test & [1] 5926

Check the privileges of the above created process

#getprocxsec 5926 effective= BASIC NETPRIVPORT permitted= BASIC NETPRIVPORT retained= none

cmpt= init euid= zero

6Solution