Manuals / Brands / Computer Equipment / Software / HP / Computer Equipment / Software

HP UX Whitelisting 6.3 Creating an IBAC policy, 6.4 Removing a file access policy, 6.5 Enabling DLKMs to load during boot, NOTE:, joe_vi, joe_vi, joe_vi, joe.key, joepriv

1 62

Download 62 pages, 731.73 Kb

The policy metadata is created and resides in a protected file or named stream, depending on the current value of the metadata storage attribute and possibly the file system type.

The administrator owns key admin.pvt. The administrator must authorize the user key for policy enforcement:

%wlicert -i joe.key -k ./admin.pvt /home/joe/joepub

The administrator chose identifier joe.key to represent the user's key in the WLI database.

Now /home/joe/joefile is protected against deletion and alteration.NOTE: The user and administrator can be the same person and user ID.TIP: An administrator key can create the FLAC policy.

6.3 Creating an IBAC policy

In the following example, the user wants /home/joe/joefile2 accessible only through /home/joe/joe_vi. The user adjusted the group permissions for joe_vi so that only he and a specific group can execute joe_vi. The user's private key is joepriv.

User procedure:

1.Sign joe_vi:%cd /home/joe%wlisign -a -k joepriv -e joe_vi2.Create the IBAC policy:%wlipolicy -i -a -k joepriv -e joe_vi joefile2

The administrator must authorize the user key for policy enforcement as in Section 6.2 (page 29):

%wlicert -i joe.key -k ./admin.pvt /home/joe/joepub

NOTE: The keys used to sign joe_vi and create the IBAC policy are the same. This is not a requirement and the keys can be different.

Now, joefile2 can only be opened by joe_vi. Any user, including superuser, receives a “Permission denied” message if access is attempted with /usr/bin/vi or other executable.

IBAC and FLAC policies are mutually exclusive. A file can have any number of IBAC policies assigned to it, but only one IBAC.

6.4 Removing a file access policy

In the following example, the user wants to remove the FLAC policy.

User procedure:

•Delete the policy:

%cd /home/joe

%wlipolicy -f -d -k joepriv1 -e joe_vi joefile

The same key used to create the FLAC policy is necessary to delete the policy. Any user that can read the key and knows the passphrase can delete it.

6.5 Enabling DLKMs to load during boot

For this example, the system administrator identified /usr/conf/mod/ciss as a DLKM that loads during boot. The DLKM must be signed now that WLI is installed to continue to load

30 Enhancing security with WLI

Contents

HP-UX11iv3 Page Table of Contents 7 Backup and restore considerations 8 HP Serviceguard considerations 9 Troubleshooting and known issues Lost WLI administrator key or passphrase 10 Support and other resources Glossary Index List of Figures List of Examples Page 1 Security features 1.1 File access policies 1.1.1 File lock access controls 1.1.2 Identity-basedaccess controls 1.2 Capabilities 1.2.4api libwliapi example” (page 45) Page 2 Product overview 2.1 WLI architecture 2.1.1 Commands 2.1.1.1 Application API 2.1.1.2 Applications 2.1.1.3 Stackable file system module 2.1.1.4 Policy enforcement manager 2.1.1.5 File systems 2.2 WLI database 2.3 WLI metadata files 2.3.1.$WLI_FSPARMS$ auto pseudo pseudo Metadata is stored separately in files within directories always named Page 3 Key usage 3.1 Generating keys 3.2 User keys 3.3Administrator keys 4 Installing, removing, and upgrading 4.1 Installation requirements Hardware requirement Operating system requirements Patch requirements 4.3Removing WLI 4.4Upgrading WLI Page 5 Configuring 5.1Authorizing the recovery key 5.2 Authorizing administrator keys 5.3 Signing DLKMs 5.4 Backing up the WLI database 5.5 Rebooting to restricted mode Page 6 Enhancing security with WLI 6.1 Signing an executable binary 6.2 Creating a FLAC policy 6.3 Creating an IBAC policy 6.4 Removing a file access policy 6.5 Enabling DLKMs to load during boot 6.6 Loading unsigned DLKMs Page 7 Backup and restore considerations 7.1 Overview 7.2WLI database files 7.2.1 Write protected 7.2.2 Read/write protected files 7.3 Policy protected and metadata files 7.3.1 FLAC policies 7.3.2 IBAC policies 7.3.3 Metadata files 7.3.4Recommendations Page 8 HP Serviceguard considerations 8.1 Overview 8.2 Administration 8.2.1WLI database 8.2.2Policy protected files 9 Troubleshooting and known issues 9.1 Software distributor issues 9.2WLI reinstallation 9.3Lost WLI administrator key or passphrase 9.4 WLI database corruption %wlisyspolicy -smode=maintenance -k <admin_key #rm -r /etc/wli #tar -xf /tmp/wlikeydb.tar #kcmodule wli=unused #kcmodule wli=static 10 Support and other resources 10.1 Contacting HP 10.1.1 Before you contact HP 10.1.2HP contact information 10.1.3Subscription service 10.3Typographic conventions Page Page example A.1 Instructions A.3 FLAC add and delete program A.4 IBAC add and delete program Page Page B Administration examples #wlisign -a -kadm1.pvt /usr/bin/tar /usr/bin/tar %wlicert -s -cwli.admin1 -owmd -kadm1.pvt %wliwrap -kadm1.pvt -owmd "/tar -cvftartest.tar /tmp/tartest tartest.tar %tar -vtftartest.tar The archive contains metadata stored in regular files, not VxFS named streams % bdf mydir %cat /tmp/'.$WLI_FSPARMS$ wmdtype=pseudo For example, to start a user backup of the files listed in backup_list: %bpbackup -fbackup_list To restore the files in backup_list: %bprestore -fbackup_list C Quick setup examples C.1 Installing WLI C.2 Configuring WLI C.2.1 Authorizing an administrator key C.2.2 Authorizing a user key C.3 FLAC policies C.3.1 Creating a FLAC policy C.3.2 Enabling a FLAC policy C.3.3 Testing a FLAC policy C.3.4 Disabling a FLAC policy C.4 IBAC policies C.4.1 Creating an IBAC policy C.4.2 Enabling an IBAC policy C.4.3 Testing an IBAC policy C.4.4 Disabling an IBAC policy C.4.5 Removing an IBAC policy Glossary Page Index Symbols