Table A-1 summarizes all the files that are in the trusted computing base (TCB) on the trusted Tru64 UNIX system. Most of these files are installed on the base system; some are created during the installation process, and some are databases created by a running system. Characteristics of those files are included in the Remarks column of the table.
Table A-1: Trusted Computing Base
File Name | Remarks |
/.cshrc | Root account csh startup script |
/.login | Root account csh startup script |
/.logout | Root account csh logout script |
/.profile | Root account startup script |
/vmunix | OS execution image |
/dev/[rz][0-3][a-z] | Block device disk partitions |
/dev/console | System console device used in single-user mode |
/dev/kmem | Kernel memory pseudodevice |
/dev/mem | Kernel memory pseudodevice |
/dev/null | Bit bucket pseudodevice |
/dev/pts/* | Pseudo-ttys |
/dev/rrz[0-3][a-z] | Character device disk partitions |
/dev/tty | Current terminal pseudodevice |
/dev/tty[0-f] | Terminal devices |
/dev/tty* | Pseudo-ttys |
/etc/auth/system/default | System defaults database |
/etc/auth/system/devassign | Device assignment database |
/etc/auth/system/files | File control database |
/etc/auth/system/subsystems | Printable names for protected subsystems |
/etc/auth/system/ttys.db | Terminal control database |
/etc/fstab | Contains file systems to be mounted |
/etc/group | Groups database |
/etc/inittab | System initialization control file |
/etc/passwd | Accounts database |
/etc/policy/acl/pconfig | Discretionary policy setup file |
/sbin/arp | Address resolution protocol (networking) |
/sbin/chown | Change file owner |
/sbin/clri | Clear on-disk inode |
/sbin/date | Display/change time of day |
/sbin/df | Display file system free space |
/sbin/fsck | File system consistency checker |
/sbin/fsdb | File system debugger |
/sbin/halt | Bring system down |
/sbin/hostid | Display/set system host ID |
/sbin/hostname | Display/set host name |
/sbin/ifconfig | Display/change network interface config (BSD networking) |
/sbin/kill | Send software signal to process |
/sbin/killall | Kill all active processes |
/sbin/mknod | Create special files |
/sbin/mount | Mount file systems or display mount table |
/sbin/newfs | Format disk partition |
/sbin/ping | Send ICMP alive request (BSD networking) |
/sbin/ps | Display process status |
/sbin/rc[0-3].d | System setup scripts |
/sbin/reboot | Reboot the system |
/sbin/route | Manage route tables (BSD networking) |
/sbin/savecore | Dump memory image after crash |
/sbin/sh | Shell |
/sbin/sulogin | Single-user root login password verifier |
/sbin/swapon | Add swap devices |
/sbin/umount | Unmount mounted file systems |
/tcb/bin/pacld | Discretionary policy daemon |
 | Maintain ACL synonym database |
/tcb/bin/auditd | Audit daemon |
/tcb/bin/authck | Security database consistency checker |
/usr/tcb/bin/edauth | Authcap database editor |
/usr/tcb/bin/convauth | Convert auth databases |
/usr/tcb/bin/convuser | Convert user profile |
/tcb/bin/setacl | Change a file's access control list |
/tcb/bin/epa | Set process attributes |
/tcb/bin/init | Initial process, change run levels |
/tcb/bin/integrity | Security file attribute checker |
/tcb/bin/mkaud | Audit reinitialization control files |
/tcb/bin/reduce | Print audit report |
/tcb/bin/su | Establish user identity program |
/tcb/files/PACLDBASE | Discretionary policy tag/IR database |
/tcb/files/audit | Compaction file directory on root file system |
/tcb/files/audit/audit_parms | Default audit control file |
/tcb/files/audit/audit_select | Audit selection criteria |
/tcb/files/audit/reports | Directory for audit report storage |
/tcb/files/auditrparms | Directory for reduction selection files |
/tcb/files/auth/<a-z>/<username> | Protected password file |
/tcb/files/auth.db | Protected password database for system accounts |
/var/tcb/files/auth.db | Protected password database for user accounts |
/tmp | Temporary directory |
/users | Parent of users' home directories |
/usr/bin/at | Delayed job submission |
/usr/bin/atq | List delayed job submissions |
/usr/bin/atrm | Remove delayed job submissions |
/usr/bin/cancel | Cancel a print request |
/usr/bin/chgrp | Change file group |
/usr/bin/cpio | Perform single-level import/export |
/usr/bin/crontab | Periodic job table submission |
/usr/bin/csh | Root account shell |
/usr/bin/finger | Display account information |
/usr/bin/from | Display mail headers |
/usr/bin/ipcs | Display System V IPC object status |
/usr/bin/login | Login program |
/usr/bin/lp | Submit print request |
/usr/bin/lpr | Submit print request |
/usr/bin/lprm | Cancel print request |
/usr/bin/lpstat | Display print subsystem status |
/var/spool/mail/ | Mail directory |
/usr/bin/mesg | Disable/enable terminal messages |
/usr/bin/mt | Manipulate tape device |
/usr/bin/newgrp | Change process group assignment |
/usr/bin/nice | Run process with different priority |
/usr/bin/passwd | Password change program |
/usr/bin/rcp | Network copy (BSD networking) |
/usr/bin/rlogin | Network login (BSD networking) |
/usr/bin/rsh | Remote shell (BSD networking) |
/usr/bin/tar | Perform single-level import/export |
/usr/bin/write | Open connection to another user/window |
/usr/lbin/acct/accton | Enable system accounting |
/usr/lbin/ex3.7preserve | Preserve an interrupted edit session |
/usr/sbin/cron | Delayed/periodic job daemon |
/usr/sbin/dcheck | Directory check utility |
/usr/sbin/dumpfs | Display superblock |
/usr/sbin/edquota | Edit quota controls |
/usr/sbin/fastboot | Bring system down |
/usr/sbin/fasthalt | Bring system down |
/usr/sbin/icheck | Inode check utility |
/usr/sbin/link | Perform link() system call |
/usr/sbin/lpc | Line printer control program |
/usr/sbin/lpd | Line printer daemon |
/usr/sbin/mkpasswd | Create binary database from /etc/passwd |
/usr/sbin/ncheck | Display file associated with inode number |
/usr/sbin/netstat | Display network statistics |
/usr/sbin/nfsstat | Display NFS statistics (NFS) |
/usr/sbin/quot | Disk quota maintenance command |
/usr/sbin/quotacheck | Disk quota maintenance command |
/usr/sbin/quotaoff | Disk quota maintenance command |
/usr/sbin/quotaon | Disk quota maintenance command |
/usr/sbin/renice | Change priority of running command |
/usr/sbin/repquota | Disk quota report |
/usr/sbin/shutdown | System shutdown program |
/usr/sbin/trpt | System reporting program |
/usr/sbin/tunefs | Change values in super block |
/usr/sbin/vipw | Manipulate passwords |
/etc/passwd | BASE security password file |
/usr/sbin/wall | Send message to all logged in users |
/usr/share/lib/sechelp/ | Help files for user interface programs |
/usr/shlib/libsecurity.so | Security-relevant library routines |
/var/adm/cron/ | Administrative control files for cron |
/var/adm/pacct | Accounting file |
/var/adm/utmp | Hold user and accounting information (current) |
/var/adm/wtmp | Hold user and accounting information (since boot) |
Table A-2 lists files that are installed on the trusted system but not on a nontrusted system, and files that are modified on a trusted system. The files in this table are not considered part of the trusted computing base.
Table A-2: Files Not in Trusted Computing Base
File Name | Remarks |
/usr/include/*.h | Many files modified/added |
/usr/include/sys/*.h | Many files modified/added |