4.2.1.2.3 Kernel modules and device drivers

Kernel modules are pieces of code that can be loaded and unloaded into and out of the kernel upon demand. They extend the functionality of the kernel without the need to reboot the system. Once loaded, the kernel module object code can access other kernel code and data in the same manner as statically-linked kernel object code.

A device driver is a special type of kernel module that allows the kernel to access the hardware connected to the system. These devices can be a hard disk, monitor, or network interface. The driver interacts with the remaining part of the kernel through a specific interface, which allows the kernel to deal with all devices in a uniform way, independently of their underlying implementations.

4.2.2 Non-kernel TSF software

The non-kernel TSF software consists of trusted programs that are used to implement security functions. Note that shared libraries, including PAM modules in some cases, are used by trusted programs. The trusted commands can be grouped as follows.

Daemon processes are processes that do not run directly on behalf of a user, but are started at system startup or on demand by a system administrator. Daemon processes are responsible for setting the appropriate user identity when performing a service on behalf of a user. Following are the daemon processes that provide TSF functionality.

The atd daemon is the server that reads at jobs submitted by all users and performs tasks specified in them on behalf of the user. atd is started by the init program during system initialization.

The auditd daemon reads audit records from the kernel buffer through the audit device and writes them to disk in the form of audit logs.

The cron daemon is the daemon that reads the crontab files for all users and performs the tasks specified in them on behalf of the user. The init program starts the cron daemon during system initialization. The crontab file and cron daemon are the client-server pair that allow the execution of commands on a recurring basis at a specified time.

The init program is the userspace process that is ancestor to all other userspace processes. It starts processes as specified in the /etc/inittab file.

The sshd daemon is the program for secure shell. The ssh command and sshd daemon are the client-server pair that allow authorized users to log in from remote systems using secure encrypted communications.

The vsftpd daemon is the Very Secure File Transfer Protocol daemon that allows authorized users to transfer files to and from remote systems.

The xinetd daemon accepts incoming network connections and dispatches the appropriate child daemon to service each connection request.
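The requirement above that a daemon set the appropriate user identity before it performs a service on behalf of a user is the central security property of job daemons such as atd and cron. The following C program is an added example written for this section; it is not code from the evaluated product, and the helper names drop_to_user, privs_dropped and run_job_as are assumptions. It shows the order a root daemon must follow when it switches to the job owner (supplementary groups and primary group while still privileged, uid last), verifies that root cannot be regained, and only then executes the job. A child that cannot complete the switch exits without running anything rather than falling through as root.

```c
/* Added example: identity switch performed by a job daemon before running a
 * user's job.  Not part of the evaluated product; drop_to_user, privs_dropped
 * and run_job_as are assumed names chosen for this illustration. */
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Switch to uid/gid (and, when still root, to the user's supplementary
 * groups).  Returns 0 on success, -1 with errno set on failure.  The order is
 * deliberate: group changes are only permitted while privileged, so they
 * happen before the uid is given up. */
int drop_to_user(const char *name, uid_t uid, gid_t gid)
{
    if (geteuid() == 0) {
        /* Replace root's supplementary groups with the job owner's; a daemon
         * that skips this runs the job with root's group memberships. */
        if (name != NULL) {
            if (initgroups(name, gid) != 0)
                return -1;
        } else if (setgroups(1, &gid) != 0) {
            return -1;
        }
    }
    /* Primary group before uid: once the uid is unprivileged, setgid() to
     * another group would be refused. */
    if (setgid(gid) != 0)
        return -1;
    /* Called by root, setuid() sets real, effective and saved uid together,
     * so no saved root uid survives for a later seteuid(0). */
    if (setuid(uid) != 0)
        return -1;
    return 0;
}

/* Returns 1 when root can no longer be regained, 0 otherwise.  setuid(0)
 * failing shows the effective uid is unprivileged; seteuid(0) failing shows
 * no saved root uid remains. */
int privs_dropped(void)
{
    if (setuid(0) == 0 || seteuid(0) == 0)
        return 0;
    return errno == EPERM;
}

/* Run cmd through /bin/sh as the given user, the way a job daemon runs a
 * queued job.  Returns the child's exit status, or -1 if fork/wait fails.
 * A child that cannot drop privilege exits 127 without running the job. */
int run_job_as(const char *name, uid_t uid, gid_t gid, const char *cmd)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (drop_to_user(name, uid, gid) != 0 || !privs_dropped())
            _exit(127);
        execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        _exit(127);
    }
    int status;
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Demonstration: as root, run the job as "nobody"; otherwise run it as
     * the invoking user, which exercises the same checks without privilege. */
    uid_t uid = getuid();
    gid_t gid = getgid();
    const char *name = NULL;
    struct passwd *pw = getpwnam("nobody");
    if (uid == 0 && pw != NULL) {
        uid = pw->pw_uid;
        gid = pw->pw_gid;
        name = pw->pw_name;
    }
    int rc = run_job_as(name, uid, gid, "id");
    printf("job exit status: %d\n", rc);
    return rc == 0 ? 0 : 1;
}
```

Reversing the order (setuid before setgid or initgroups) is the classic defect in this code path: the later group calls fail, and a daemon that ignores their return values runs the job with the wrong groups. Checking privs_dropped() after the switch turns that silent failure into a refused job.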

Following are programs that are executed by an unprivileged user and need access to certain protected databases to complete their work.

The at program is the program used by all users to submit tasks to be performed at a later time.

The atrm program removes jobs already queued for execution. atrm deletes the jobs whose job numbers are passed to it as command-line arguments.

The chage command allows the system administrator to change the user password expiry information. Refer to the chage man page for more detailed information.
