Glossary

absolute pathname: A pathname that begins at the root directory; a pathname that always begins with a slash (/). For example, /usr/games is an absolute pathname. Also called a full pathname.

ACL (access control list): An optional extension of the traditional UNIX permission bits, which gives the user the ability to specify read/write/execute permissions on a per user and per group basis.

Access ACL: The formal name of the ACL that is checked for access decisions on an object.

administrator: This document uses the term "administrator" in a generic sense to refer to any user involved in the security operation of the system.

auditing: The recording, examining, and reviewing of security-related activities on a trusted system.

audit event: An event that is monitored and reported on by the audit subsystem. Events include system events, application events, and site-definable events. An event can be any command, system call, routine, or program that runs on the system.

audit ID (AUID): ID that is created at login time and that is inherited across all processes.

BASE security: The traditional security that is delivered on BSD UNIX systems, BASE security consists of user authentications based on the /etc/passwd file. A nontrusted Tru64 UNIX system has BASE security.

BSD (Berkeley Software Distribution): UNIX software release of the Computer System Research Group of the University of California at Berkeley -- the basis for some features of Tru64 UNIX.

Default ACLs: The ACLs associated with directories. These two types of ACLs (default access ACL and default directory ACL) determine what ACLs are given to files and subdirectories created in a directory.

discretionary access control (DAC): The traditional UNIX form of file permissions set with the chmod command.

entity: SIA introduces the term entity to mean a user, program, or system which can be authenticated. The entity identifier is the user ID (UID).

ER (external representation): A POSIX-compliant ASCII representation of an ACL used for presentation to the user.

effective user ID (EUID): The current user ID, but not necessarily the user's ID. For example, a user logged in under a login ID may change to another user's ID. The ID to which the user changes becomes the effective user ID until the user switches back to the original login ID.

enhanced passwords: Passwords with the enhanced attributes made available by the enhanced security option. Enhanced passwords are stored in the prpasswd file and are sometimes refered to as extended, protected, or shadowed passwords.

ENHANCED security: The optional security features that supplements BASE security. Enhanced security consists of enhanced password profiles.

entity: Term used by the security intergration architecure to define a user, program, or system that can be authenticated.

evaluation criteria: The Trusted Computer System Evaluation Criteria (TCSEC). The enhanced security features in the Tru64 UNIX system have been designed to meet this criteria.

IR (internal representation): A binary representation of an ACL used by the ACL library routines.

login spoofing program: Any program that represents itself as a login program in order to steal a password. For example, a spoofing program might print the login banner on an unattended terminal and wait for input from the user.

operator: The person responsible for the day-to-day maintenance of a system, including backups, line printer maintenance, and other routine maintenance tasks.

process ID (PID): A unique number assigned to a process that is running.

process: A unit of control of the operating system. A process is always executing one program, which can change when the current program invokes the exec() system call. A process is considered trusted when its current program is trusted. See also program.

program: A set of algorithms designed, compiled, and installed in an executable file for eventual execution by a process. A program is considered trusted when the programmer has explicitly designed it to uphold the security policies of the system. See also process.

PPID, ppid (parent process ID): The process ID of the parent or spawning process.

root: The login name for the superuser (system administrator).

root directory: The name applied to the topmost directory in the UNIX system's tree-like file structure; hence, the beginning of an absolute pathname. The root directory is represented in pathnames by an initial slash (/); a reference to the root directory itself consists of a single slash.

root file system: The basic file system, onto which all other file systems can be mounted. The root file system contains the operating system files that get the rest of the system to run.

security attributes: The parameters used by the trusted computing base (TCB) to enforce security. Security attributes include the various user and group identities.

SIA (security integration architecture): The security integration architecture isolates the security-sensitive commands from the specific security mechanisms, thus eliminating the need to modify them for each new security mechanism.

site-defined events: Audit events that are created by application software (that is, not the operating system).

spoofing program: See login spoofing program.

system administrator: The system administrator is responsible for file system maintenance and repair, account creation, and other miscellaneous administrative duties.

TCB (trusted computing base): The set of hardware, software, and firmware that together enforce the system's security policy. The Tru64 UNIX TCB includes the system hardware and firmware as delivered from Digital, the trusted Tru64 UNIX operating system, and the trusted commands and utilities that enforce the security policy. The operating system and all of the other software distributed with the trusted Tru64 UNIX system have been modified to satisfy security requirements.

Traditional security: See BASE security

Triviality checks: Checks performed on passwords to prevent the use of easily guessed passwords. Triviality checks prevent the use of words found in the dictionary, user names, and variations of the user name as passwords.

Trojan horse: Any program that when invoked by a user steals the user's data, corrupts the user's files, or otherwise creates a mechanism whereby the trojan horse planter can gain access to the user's account. Viruses and worms can be types of trojan horses. See also virus, worm.

virus: A computer program designed to insinuate itself into other programs or files in a system and then to replicate itself through any available means (disk file, network, and so forth) into other similar computers, from which it can attack yet more systems. Viruses are designed with the object of damaging or destroying the "infected" programs or systems and are often programmed to become destructive at a specific time, such as the birthday of the virus's programmer. See also Trojan Horse, worm.

vouching: A technique that allows a security mechanism to trust the authentication process of a previously run security mechanism. This feature is implemented by the security integration architecture (SIA).

worm: A computer program designed to insinuate itself into other programs or files in a system and then to replicate itself through any available means (disk file, network, and so forth) into other similar computers, from which it can attack yet more systems. Worms are designed with no serious intent to do damage, but they are harmful because they occupy resources intended for legitimate use. See also Trojan Horse, virus.

Trusted Computing Base (TCB): The term TCB refers to all software and hardware components of the system that must work correctly in order for the system to be considered secure. (This document addresses no hardware topics.)