IBM 10 SP1 EAL4 manual TSF databases, Definition of subsystems for the CC evaluation

•The chfn command allows users to change their finger information. The finger command displays that information, which is stored in the /etc/passwd file.

•The date command is used to print or set the system date and time. Only an administrative user is allowed to set the system date and time.

•The groupadd, groupmod, and groupdel commands allow an administrator to add, modify, or delete a group, respectively. Refer to their respective man pages for more detailed information.

•The hwclock command is used to query and set the hardware clock. Only an administrative user is allowed to set the system hardware clock.

•The minimal form of getty, mingetty is for consoles, and provides the same functionality as agetty. However, unlike agetty, which is used for serial lines, mingetty is used for virtual consoles.

•The newgrp command logs into another groupid.

•The openssl program is a command-line tool for using the various cryptography functions of the Secure Socket Layer (SSL v3) and Transport Layer Security (TSL v1) network protocols.

•pam_tally manages the /var/log/faillog file to reset the failed login counter.

•The ping and ping6 commands, for IPv4 and IPv6 respectively, use the mandatory ECHO_REQUEST datagram of the Internet Control Message Protocol (ICMP) to elicit an ICMP_ECHO_RESPONSE from a host or a gateway.

•The ssh command is a program for logging into a remote machine and for executing commands on a remote machine. It provides secure encrypted communications between two untrusted hosts over an insecure network.

•star is a version of the tar command that preserves extended attributes. Extended attributes are the means by which ACLs are associated with file system objects.

•The stunnel program is designed to work as an SSL encryption wrapper between remote clients and local or remote servers.

•The useradd, usermod, and userdel commands allow an administrator to add, modify, or delete a user account, respectively. Refer to their respective man pages for more detailed information.

•unix_chkpwd is the helper program for the pam_unix PAM module that checks the validity of passwords at login time. It is not designed to be directly executed.

4.3TSF databases

Section 6.2.8.5 of the Security Target identifies the primary TSF databases used in SLES and their purposes. These are listed either as individual files, by pathname, or as collections of files.

With the exception of databases listed with the User attribute (which indicates that a user can read, but not write, the file), all of these databases are only accessible to administrative users. None of these databases is modifiable by a user other than an administrative user. Access control is performed by the file system component of the SLES kernel. For more information about the format of these TSF databases, please refer to their respective section of man pages.

See section 6.2.8.5 in the Security Target.

4.4Definition of subsystems for the CC evaluation

Previous sections of this paper defined various logical subsystems that constitute the SLES system. One of these logical subsystems alone can provide, or two or more can combine to provide, security functionalities.

28