4. Processes command-line arguments.
5. Sets up the environment variable array.
6. Invokes pam_start() to initialize the PAM library and to identify the application with a particular service name.
7. Invokes pam_set_item() to record the tty and user name.
8. Validates the user that the application invoker is trying to become.
9. Invokes pam_authenticate() to authenticate the application user. Terminal echo is turned off while the user is typing his or her password. An audit record is generated to log the authentication attempt and its outcome.
10. Invokes pam_acct_mgmt() to perform module-specific account management.
11. If the application user is not root, it checks to make sure that the account permits su.
12. Makes the new environment active.
13. Invokes setup_groups() to set primary and supplementary groups.
14. Invokes pam_setcred() to set parameters such as resource limits, console groups, and so on.
15. Becomes the new user by invoking change_uid(). For normal users, change_uid() sets the real and effective user ID. If the caller is root, the real and saved user IDs are set as well.
5.11.4 Interaction with audit
Trusted processes and trusted commands of the identification and authentication subsystem are responsible for setting the credentials of a process. Once a user is successfully authenticated, these trusted processes and trusted commands associate the user's identity with the processes that perform actions on behalf of the user.
The audit subsystem tries to record security-relevant actions performed by users. Because user identity attributes such as the uid can be changed by an appropriately privileged process, the audit subsystem in SLES provides a mechanism by which actions can be associated irrefutably with a login user.
This is achieved by extending the process task structure to contain a login id. This login id can be set only once, and once set it cannot be changed, regardless of process privileges. Trusted processes and trusted programs that perform authentication set it. Programs such as login, cron, and sshd, which authenticate a user and associate a uid with the user process, set this login id to the uid corresponding to the login user.
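In audit records the login id appears as the auid field, which stays fixed across an su while the uid changes. The following is an added example, not part of this document: it parses a few constructed audit-style records (the record layout and field names are modelled on Linux audit output and are an assumption here, as are all pids, uids and timestamps) and attributes each action to the login user rather than to the current uid.

```python
import re

# Constructed sample records in Linux audit style (not taken from the document): user 1000
# logs in, runs su to root, and root runs a command; user 1001's su attempt fails.
SAMPLE_RECORDS = """\
type=LOGIN msg=audit(1700000000.100:101): pid=2001 uid=0 old-auid=4294967295 auid=1000 res=1
type=USER_AUTH msg=audit(1700000010.200:102): pid=2050 uid=1000 auid=1000 msg='op=PAM:authentication acct="root" exe="/bin/su" terminal=pts/0 res=success'
type=USER_ACCT msg=audit(1700000010.210:103): pid=2050 uid=1000 auid=1000 msg='op=PAM:accounting acct="root" exe="/bin/su" terminal=pts/0 res=success'
type=SYSCALL msg=audit(1700000020.300:104): arch=c000003e syscall=59 success=yes exit=0 pid=2061 uid=0 auid=1000 comm="useradd" exe="/usr/sbin/useradd"
type=USER_AUTH msg=audit(1700000030.400:105): pid=2070 uid=1001 auid=1001 msg='op=PAM:authentication acct="root" exe="/bin/su" terminal=pts/1 res=failed'
"""

HEADER_RE = re.compile(r"type=(\S+) msg=audit\(([\d.]+):(\d+)\): (.*)")
FIELD_RE = re.compile(r"""(\S+?)=('[^']*'|"[^"]*"|\S+)""")

def parse_record(line):
    """Split one audit record into a dict of key -> value (quotes stripped).
    Fields nested inside the PAM msg='...' payload are merged into the same dict."""
    m = HEADER_RE.match(line)
    if not m:
        return None
    rec = {"type": m.group(1), "time": float(m.group(2)), "serial": int(m.group(3))}
    for key, val in FIELD_RE.findall(m.group(4)):
        val = val.strip("'\"")
        if key == "msg":  # nested payload is itself a run of key=value pairs
            rec.update((k, v.strip("'\"")) for k, v in FIELD_RE.findall(val))
        else:
            rec[key] = val
    return rec

def by_login_user(lines):
    """Group records by auid, the login id that su and other privileged code cannot change."""
    groups = {}
    for line in lines.splitlines():
        rec = parse_record(line)
        if rec and "auid" in rec:
            groups.setdefault(int(rec["auid"]), []).append(rec)
    return groups

def privilege_changes(lines):
    """Records whose current uid differs from the login id: actions performed after a
    successful su are still attributed to the user who logged in. The LOGIN record
    itself (written by the root-owned login process as it sets auid) is skipped."""
    return [(r["serial"], int(r["auid"]), int(r["uid"]), r.get("exe", ""))
            for recs in by_login_user(lines).values() for r in recs
            if r["type"] != "LOGIN" and int(r["uid"]) != int(r["auid"])]

def failed_su_attempts(lines):
    """Failed su authentications, keyed to the login user who attempted them."""
    return [(r["serial"], int(r["auid"]), r.get("acct"), r.get("terminal"))
            for recs in by_login_user(lines).values() for r in recs
            if r["type"] == "USER_AUTH" and r.get("exe") == "/bin/su" and r.get("res") == "failed"]
```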
5.12 Network applications
This section describes the network applications subsystem. The network applications subsystem contains the Secure Socket Layer (SSL) interface and the sshd and vsftpd trusted processes, which interact with the PAM modules to perform authentication. The network applications subsystem also includes the ping program. These trusted processes and trusted programs recognize different hosts on the LAN by their IP addresses or their names. Host names are associated with IP addresses using the /etc/hosts file.
5.12.1 OpenSSL Secure socket-layer interface
Network communications take place through well-known standards that form the network stack. While public standards allow different systems to communicate with each other, they also open up the possibility of various kinds of attacks.