The chfn command allows users to change their finger information. The finger command
displays that information, which is stored in the /etc/passwd file.
The date command is used to print or set the system date and time. Only an administrative user
is allowed to set the system date and time.
The groupadd, groupmod, and groupdel commands allow an administrator to add, modify, or
delete a group, respectively. Refer to their respective man pages for more detailed information.
The hwclock command is used to query and set the hardware clock. Only an administrative user
is allowed to set the system hardware clock.
mingetty, the minimal form of getty, is for consoles and provides the same functionality as
agetty. However, unlike agetty, which is used for serial lines, mingetty is used for
virtual consoles.
The newgrp command logs in to another group ID.
The openssl program is a command-line tool for using the various cryptography functions of the
Secure Sockets Layer (SSL v3) and Transport Layer Security (TLS v1) network protocols.
pam_tally manages the /var/log/faillog file to reset the failed login counter.
The ping and ping6 commands, for IPv4 and IPv6 respectively, use the mandatory
ECHO_REQUEST datagram of the Internet Control Message Protocol (ICMP) to elicit an
ICMP_ECHO_RESPONSE from a host or a gateway.
The ssh command is a program for logging into a remote machine and for executing commands
on a remote machine. It provides secure encrypted communications between two untrusted hosts
over an insecure network.
star is a version of the tar command that preserves extended attributes. Extended attributes are
the means by which ACLs are associated with file system objects.
The stunnel program is designed to work as an SSL encryption wrapper between remote clients
and local or remote servers.
The useradd, usermod, and userdel commands allow an administrator to add, modify, or delete
a user account, respectively. Refer to their respective man pages for more detailed information.
unix_chkpwd is the helper program for the pam_unix PAM module that checks the validity of
passwords at login time. It is not designed to be directly executed.
4.3 TSF databases
Section 6.2.8.5 of the Security Target identifies the primary TSF databases used in SLES and their purposes.
These are listed either as individual files, by pathname, or as collections of files.
With the exception of databases listed with the User attribute (which indicates that a user can read, but not
write, the file), all of these databases are only accessible to administrative users. None of these databases is
modifiable by a user other than an administrative user. Access control is performed by the file system
component of the SLES kernel. For more information about the format of these TSF databases, refer
to the respective sections of their man pages.
See section 6.2.8.5 in the Security Target.
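
The access rule stated above can be checked against a running system. The following is an added example, not part of the original document or of SLES: the paths in SAMPLE_DATABASES and their User attribute flags are assumed sample entries (the real list is in Security Target section 6.2.8.5), and treating uid 0 as the only administrative owner and any group write bit as a violation are assumptions of this sketch.

```python
import os
import stat

# Assumed sample entries: this document does not list the TSF databases (it defers
# to Security Target section 6.2.8.5). Each pair is (path, has_user_attribute).
SAMPLE_DATABASES = [
    ("/etc/passwd", True),
    ("/etc/group", True),
    ("/etc/shadow", False),
]


def violations(mode, uid, user_readable, admin_uid=0):
    """Return the policy violations for one file's mode bits and owner uid."""
    found = []
    # No database may be modifiable by anyone but an administrative user.
    if uid != admin_uid:
        found.append("not owned by the administrative user")
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        found.append("writable by group or other")
    # Without the User attribute, ordinary users must have no access at all.
    if not user_readable and mode & (stat.S_IROTH | stat.S_IXOTH):
        found.append("accessible to non-administrative users")
    return found


def audit(databases, admin_uid=0):
    """Stat each path and map it to its violations; missing files are skipped."""
    report = {}
    for path, user_readable in databases:
        try:
            st = os.stat(path)
        except FileNotFoundError:
            continue
        problems = violations(st.st_mode, st.st_uid, user_readable, admin_uid)
        if problems:
            report[path] = problems
    return report


if __name__ == "__main__":
    for path, problems in audit(SAMPLE_DATABASES).items():
        print(f"{path}: {', '.join(problems)}")
```

An empty report means every listed file that exists satisfies the rule as modelled here.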
4.4 Definition of subsystems for the CC evaluation
Previous sections of this paper defined various logical subsystems that constitute the SLES system. One of
these logical subsystems alone can provide, or two or more can combine to provide, security functionalities.