Managing SNAplus2 from NetView

Using UCF

In this case, the ux-cancel command is ignored. No action is necessary. This message can be displayed when the ux-cancel command is issued after the previous command finishes but before the UNIX COMMAND COMPLETED message is received.

UCF Security

Because the UCF enables a remote operator to issue commands on the HP-UX computer and to receive output from these commands, it is important to consider the security implications. For example, you need to ensure that the operator cannot access private information or issue HP-UX commands that can disrupt other users.

The SNAplus2 configuration includes a specific HP-UX system user name as the UCF user; this must be a valid login ID on the SNAplus2 computer. All UCF commands run with this user's ID, and therefore with the access permissions of this user.

It is intended that you use the normal security features provided by HP-UX to restrict the commands the UCF user can access, in order to permit only those commands you consider reasonable for use from UCF. The following guidelines may be useful:

• The UCF user name should be one that is used solely for UCF; you should not use an existing login that is also used for other purposes. This makes it easier to define the privileges of this user to include only those that are reasonable for UCF; it also enables you to identify processes that were started using UCF.

• You may need to restrict the users and groups for which the UCF user can change a user ID or group ID. In particular, the UCF user must not be permitted to do the following:

    - Become root or superuser.

    - Use the group ID sna, which enables access to the snapadmin program. (The functions of this program should be accessed using SPCF, as described earlier in this chapter, instead of UCF.)
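
One way to check an account against these guidelines, as an added example that is not part of the SNAplus2 documentation or product: a POSIX shell function that reads passwd-format and group-format files and reports a UID of 0, a UID shared with another login, or membership of group sna. The account names (ucfop, ucfbad, backup, snaadmin) and the sample files are constructed for illustration; only the group name sna comes from the text above.

```shell
#!/bin/sh
# Added example. Audits the account configured as the UCF user against the
# guidelines above. Exit status: 0 clean, 1 findings, 2 not a valid login.
audit_ucf_user() {
    user=$1 passwd=${2:-/etc/passwd} group=${3:-/etc/group} findings=0
    # passwd fields: name:password:uid:gid:comment:home:shell
    ids=$(awk -F: -v u="$user" '$1 == u { print $3 ":" $4; exit }' "$passwd")
    [ -n "$ids" ] || { echo "ERROR: $user is not a login ID in $passwd"; return 2; }
    uid=${ids%%:*} gid=${ids##*:}
    if [ "$uid" -eq 0 ]; then
        echo "FAIL: $user has UID 0 (superuser)"; findings=$((findings + 1))
    fi
    # A login that shares the UID is the same identity, so not "solely for UCF".
    shared=$(awk -F: -v u="$user" -v id="$uid" \
        '$3 == id && $1 != u { printf "%s ", $1 }' "$passwd")
    if [ -n "$shared" ]; then
        echo "FAIL: UID $uid is shared with: $shared"; findings=$((findings + 1))
    fi
    # group fields: name:password:gid:member,member,...
    sna_gid=$(awk -F: '$1 == "sna" { print $3; exit }' "$group")
    member=$(awk -F: -v u="$user" '$1 == "sna" {
        n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) print "yes"
    }' "$group")
    if [ "$gid" = "$sna_gid" ] || [ -n "$member" ]; then
        echo "FAIL: $user is in group sna (access to snapadmin)"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample files (not from a real system); account names are hypothetical.
write_samples() {
    cat > "$1/passwd" <<'EOF'
root:*:0:3::/:/sbin/sh
ucfop:*:210:20:UCF only:/home/ucfop:/usr/bin/sh
ucfbad:*:211:20:UCF:/home/ucfbad:/usr/bin/sh
backup:*:211:20:shares UID 211:/home/backup:/usr/bin/sh
EOF
    cat > "$1/group" <<'EOF'
users::20:
sna::105:snaadmin,ucfbad
EOF
}

tmp=${TMPDIR:-/tmp}/ucfaudit.$$ && mkdir -m 700 "$tmp" && write_samples "$tmp"
audit_ucf_user ucfop  "$tmp/passwd" "$tmp/group" && echo "ucfop: OK"
audit_ucf_user ucfbad "$tmp/passwd" "$tmp/group" || echo "ucfbad: audit failed"
rm -rf "$tmp"
```

Called with only a user name, the function reads /etc/passwd and /etc/group. It checks static account attributes only; which user and group IDs the account can change to is still controlled through the HP-UX security features described above.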

Chapter 10
