Penetration Testing mailing list archives
[PEN-TEST] Tandem's
From: "Blair, Glenn" <glenn.blair () SCOTIABANK COM>
Date: Fri, 8 Sep 2000 09:47:18 -0400
I will leave the UNIX flavour (sorry for the spelling, I'm Canadian, eh) of Tandem alone for now. I have worked with the Guardian operating system since 1982. The Guardian operating system (aka Non-Stop Kernel) can be successfully secured with or without Safeguard. It becomes a question of how best to "share" access to data between applications. Under Guardian90 it tends to folow the UNIX security construct: owner only; everyone in group; everyone. With Safeguard, granularity is greatly improved thorugh the use of access control lists. I too have utilized the E&Y book. It is a good starting point.
From my experience, particular attention to LICENSED and PROGID (setuid for UNIX
ppl) code is critical. Lists of programs secured with these privileges can be easily obtained from the TACL command prompt. Another area to watch is the TACLLOCL ($SYSTEM.SYSTEM.TACLLOCL) and the TACLCSTM file in home directories. These files get executed during a login sequence before control of the terminal is handed to the user. Nasty things can happen if anyone other than the owner of these files can write to the TACLLOCL/TACLCSTM file (particularly for the 255,255 account (SUPERID). If the environment utilizes PATHWAY applications, security of this environment is also a major concern as simple utilities (FUP etc) can be added as servers in the environment, granting privileged access for "free". While SUPER.SUPER (255,255) can be denied access using Safeguard, this becomes a practicality issue unless a third-party application (e.g., Onguard, CA-SESMAN from Computer Associates) is utilized. We developed our own "tool" here which monitors our environments, as we could not find a third party solution that included other third party software products. This is only a quick two minute dump. Specifics questions, concerns could be addressed directly, or through this mailing list, subject to moderator concurrence.. Glenn Blair Sr. Security Specialist tel. (416) 285-2498 fax (416) 288-5055 glenn.blair () scotiabank com
Current thread:
- [PEN-TEST] Tandem's Blair, Glenn (Sep 08)