The parenthesized number on an index entry indicates the location of the entry within the book. Entries before the first numbered section in a chapter are identified as Sec. n.0.
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
Special Characters
.rhosts file
suggested permissions on (Sec. 3.1.6)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
A
abbreviated audit reports (Sec. 10.9.3)
absolute pathname (Sec. 16.4)
access control list
See ACL
accessing the databases (Sec. 17.1)
account lock (Sec. 18.4)
account management (Sec. 9.5)
account template (Sec. 9.1.1.3)
modifying (Sec. 9.2.5)
accountability (Sec. 1.1.3)
accountability (Sec. 1.2)
accounting tools (Sec. 10.15)
accounts (Sec. 9.1)
accounts (Sec. 9.5.4)
adding (Sec. 7.1.1)
anonymous ftp (Sec. 3.1.4)
creating (Sec. 7.6)
creating (Sec. 9.1)
deleting (Sec. 9.2.4)
disabled (Sec. 9.2.2)
locked (Sec. 9.2.2)
maintaining (Sec. 9.1)
modifying (Sec. 9.0)
new (Sec. 9.2.2)
passwords (Sec. 9.2.2)
retiring (Sec. 9.2.3)
ACL (Sec. 11.0)
ACL (Sec. 5.0)
administering (Sec. 11.2)
administration (Sec. 11.0)
archival tools (Sec. 11.6)
base entry (Sec. 21.1)
configuring (Sec. 7.5.2)
decision process (Sec. 5.6)
default (Sec. 21.6)
default (Sec. 5.2)
description (Sec. 6.3.3)
enabling (Sec. 11.3.1)
entry rules (Sec. 21.4.3)
example of setting for file (Sec. 21.5)
external representation (Sec. 21.2.2)
format (Sec. 5.5)
getacl command (Sec. 5.4)
getacl command (Sec. 5.4.3)
inheritance (Sec. 21.6)
inheritance (Sec. 5.7.2)
initialization (Sec. 5.7.2)
installation (Sec. 11.0)
installing (Sec. 11.3)
kernel status (Sec. 11.3.1)
library routines (Sec. 21.3)
ls command (Sec. 5.4.4)
maintaining (Sec. 5.8)
object creation rule (Sec. 21.4.1)
overview (Sec. 11.1)
overview (Sec. 5.2)
propagation (Sec. 21.4.1)
protecting files (Sec. 2.6.5)
protecting objects (Sec. 5.4)
recovery (Sec. 11.4)
replication rule (Sec. 21.4.2)
setacl command (Sec. 5.4.2)
standalone system (Sec. 11.5)
status (Sec. 5.3)
umask (Sec. 21.4.1)
using (Sec. 5.0)
verifying status (Sec. 11.3.1)
viewing (Sec. 5.4)
working storage (Sec. 21.2.1)
working storage: example (Sec. 21.5)
administering a trusted operating system (Sec. 6.5)
administrators
introduction (Sec. 6.0)
aliases for audit events (Sec. 10.6.1.4)
aliases for audit events (Sec. B.2)
allowSendEvents resource (Sec. 16.7.2)
anonymous ftp account (Sec. 3.1.4)
ANSI C
symbol preemption (Sec. D.1)
antecedent directories (Sec. 15.4)
application-specific auditing (Sec. 10.5.2)
applications
adding to the file control database (Sec. 12.3)
assigning terminal devices (Sec. 7.7.3)
assigning terminal devices (Sec. 8.1)
audgen command (Sec. 10.1.2.1)
audgen system call (Sec. 19.1)
specifying audit log (Sec. 19.9)
audgen8 trusted event (Sec. 10.5.1)
audgenl library routine
example (Sec. 19.1)
audgenl system call
example (Sec. 19.8.2)
audgenl()
example (Sec. 19.7)
audit (Sec. 10.1)
See also audit subsystem
audit (Sec. 10.4.2)
audit (Sec. 10.6.1.3)
accessing the graphic interface (Sec. 10.1.2.2)
accounting tools (Sec. 10.15)
active processes (Sec. 10.10.2)
administration tools (Sec. 10.1.2)
advanced configuration (Sec. 10.3)
application-specific auditing (Sec. 10.5.2)
application-specific records (Sec. 19.7)
audcntl flag (Sec. 19.6)
audgen command (Sec. 10.1.2.1)
audit control flag (Sec. 10.6.1.2)
audit hosts file (Sec. 10.8)
audit hub (Sec. 10.8)
Audit Manager (Sec. 10.1.2.2)
audit mask (Sec. 10.6.1.1)
control flag (Sec. 10.6.1.2)
auditable events (Sec. 10.5)
auditconfig command (Sec. 10.1.2.1)
auditconfig command (Sec. 10.2)
auditconfig command (Sec. 10.3)
auditd command (Sec. 10.1.2.1)
auditd command (Sec. 10.4.1)
auditing remotely (Sec. 10.8)
auditmask command (Sec. 10.1.2.1)
auditmask command (Sec. 10.4.2)
auditmask flag (Sec. 19.6)
audit_tool command (Sec. 10.1.2.1)
audit_tool command (Sec. 10.10)
audit_tool command (Sec. 10.10)
audit_tool command (Sec. 10.4.3)
audit_tool command (Sec. 10.4.3)
audit_tool.ultrix command (Sec. 10.1.2.1)
AUD_T public tokens (Sec. 19.3.1)
AUD_TP private tokens (Sec. 19.3.2)
AUID (audit ID) (Sec. 10.9)
CDE interface (Sec. 10.1.2.2)
choosing events (Sec. 10.5)
commands (Sec. 10.1.2.1)
configuring (Sec. 10.2)
configuring (Sec. 10.3)
configuring (Sec. 10.4.1)
console messages (Sec. 10.1.1)
content of records (Sec. 10.9)
control flag (Sec. 10.6.1.2)
crash recovery (Sec. 10.11)
creating own log (Sec. 19.9)
data recovery (Sec. 10.11)
dependencies among audit events (Sec. 10.5.3)
deselection files for audit reports (Sec. 10.10.1)
disabling system-call auditing (Sec. 19.5)
/etc/sec/auditd_clients file (Sec. 10.8)
event types (Sec. 19.2)
events (Sec. 10.5)
preselection (Sec. 10.6)
site-defined events (Sec. 10.5.2)
state-dependent information (Sec. 10.5.3)
trusted events (Sec. 10.5.1)
files (Sec. 10.1.1)
site_events file (Sec. 10.5.2)
filtering data (Sec. 10.10.1)
fixed-length tokens (Sec. 19.3.1)
generating reports (Sec. 10.10)
generating reports (Sec. 10.4.3)
getting started (Sec. 10.2)
graphic interface (Sec. 10.1.2.2)
GUI (Sec. 10.1.2.2)
ID (AUID) (Sec. 10.9)
implementation notes (Sec. 10.12)
iovec-type tokens (Sec. 19.3.1)
log files (Sec. 10.1.1)
log location (Sec. 10.4.1)
logging tools (Sec. 10.15)
login audit mask
setting (Sec. 10.6.1.3)
login process mask (Sec. 10.6.1.1)
LUID (login ID) (Sec. 10.9)
managing data (Sec. 10.6)
managing growth of data (Sec. 10.6)
masks (Sec. 10.6.1.1)
masks (Sec. 19.4)
messages (Sec. 10.1.1)
modifying for process (Sec. 19.6)
network audit hosts file (Sec. 10.8)
networked auditing (Sec. 10.8)
overflow handling (Sec. 10.4.1)
overview (Sec. 10.1)
pointer-type tokens (Sec. 19.3.1)
preselection (Sec. 10.4.2)
preselection (Sec. 10.6)
process audit mask (Sec. 10.6.1.1)
process control flag (Sec. 19.4)
processing audit information (Sec. 10.10)
processing audit information (Sec. 10.4.3)
quick start (Sec. 10.2)
record as series of tuples (Sec. 19.3)
record content (Sec. 10.9)
record generation (Sec. 19.0)
reducing audit information (Sec. 10.10)
reducing audit information (Sec. 10.4.3)
report deselection files (Sec. 10.10.1)
reports (Sec. 10.10)
reports (Sec. 10.4.3)
reports, abbreviated (Sec. 10.9.3)
responding to audit reports (Sec. 10.13)
selecting audit events (Sec. 10.4.2)
selecting events (Sec. 10.5)
self-auditing commands (Sec. 10.5.1)
site-defined events (Sec. 10.5.2)
site-defined events (Sec. 19.8)
starting (Sec. 10.2)
starting (Sec. 10.3)
stopping (Sec. 10.7)
system audit mask (Sec. 10.6.1.1)
tokens (Sec. 19.3)
tools (Sec. 10.1.2)
tracing system calls (Sec. 10.14)
trusted application (Sec. 19.0)
trusted events (Sec. 10.5.1)
tuples (Sec. 19.3)
turning off/on auditing (Sec. 10.4.1)
user audit mask
setting (Sec. 10.6.1.3)
user process mask (Sec. 10.6.1.1)
audit events
aliases for audit events (Sec. 10.6.1.4)
default events (Sec. B.1)
managing audit events (Sec. 10.6)
site-defined audit events (Sec. 10.5.2)
trusted audit events (Sec. 10.5.1)
audit ID (AUID) (Sec. 1.1.3)
audit ID (AUID) (Sec. 1.2)
audit ID (AUID) (Sec. 18.0)
audit log
reading (Sec. 19.10)
reading algorithm (Sec. 19.10.3)
tuple formats (Sec. 19.10.1)
Audit Manager graphic interface (Sec. 10.1.2.2)
audit subsystem (Sec. 1.1.3)
anonymous ftp (Sec. 3.1.4)
configuring (Sec. 7.5.1)
default auditable events (Sec. B.1)
default event aliases (Sec. B.2)
setting up (Sec. 7.7.4)
audit trail (Sec. 1.1.3)
auditable events (Sec. 10.5)
auditable events (Sec. B.1)
auditconfig command (Sec. 10.1.2.1)
auditconfig command (Sec. 10.2)
auditconfig command (Sec. 10.3)
auditconfig trusted event (Sec. 10.5.1)
auditd command (Sec. 10.1.2.1)
auditd command (Sec. 10.4.1)
auditing for applications (Sec. 10.5.2)
auditing in a cluster (Sec. F.4)
auditing tools (Sec. 10.1.2)
auditmask command (Sec. 10.1.2.1)
auditmask command (Sec. 10.4.2)
audit_daemon_exit trusted event (Sec. 10.5.1)
audit_log_change trusted event (Sec. 10.5.1)
audit_log_create trusted event (Sec. 10.5.1)
audit_log_overwrite trusted event (Sec. 10.5.1)
audit_reboot trusted event (Sec. 10.5.1)
audit_start trusted event (Sec. 10.5.1)
audit_stop trusted event (Sec. 10.5.1)
audit_subsystem
event aliases (Sec. 10.6.1.4)
audit_suspend trusted event (Sec. 10.5.1)
audit_tool command (Sec. 10.1.2.1)
audit_tool command (Sec. 10.10)
audit_tool command (Sec. 10.4.3)
audit_tool.ultrix command (Sec. 10.1.2.1)
audit_xmit_fail trusted event (Sec. 10.5.1)
AUD_MAXEVENT_LEN (Sec. 19.8)
AUD_T public audit tokens (Sec. 19.3.1)
AUD_TP private audit tokens (Sec. 19.3.2)
AUID (audit ID) (Sec. 10.9)
authck program (Sec. 12.0)
authck program (Sec. 12.2)
authentication (Sec. 18.0)
authentication (Sec. 6.3.2)
authentication (Sec. 9.1)
programming concerns (Sec. 18.0)
single sign on (Sec. 6.3.7)
authentication configuration (Sec. 7.5.4)
encryption (Sec. 7.5.4.12)
failed login records (Sec. 7.5.4.9)
login records (Sec. 7.5.4.7)
maximum login attempts (Sec. 7.5.4.4)
password aging (Sec. 7.5.4.1)
password change time (Sec. 7.5.4.2)
password-changing controls (Sec. 7.5.4.3)
profile migration (Sec. 7.5.4.10)
successful login records (Sec. 7.5.4.8)
terminal breakin (Sec. 7.5.4.5)
time between login attempts (Sec. 7.5.4.5)
time between logins (Sec. 7.5.4.6)
vouching (Sec. 7.5.4.11)
authentication database (Sec. 12.0)
authentication database (Sec. 12.1)
authentication database (Sec. 17.0)
authentication database (Sec. 9.1)
conversion (Sec. 7.1.2)
authentication in a cluster (Sec. F.3)
authentication profile (Sec. 1.2)
authentication profile (Sec. 14.2.1)
authentication profile (Sec. 17.6)
authentication profile (Sec. 18.0)
authentication profile (Sec. 2.1.1)
authentication profile (Sec. 6.5.1.1)
authentication profile (Sec. 6.5.2.1)
authentication program (Sec. 18.1)
authentication subsystem (Sec. 9.1)
authorization list
See terminal authorization list
auth_event trusted event (Sec. 10.5.1)
A_PROCMASK_SET macro (Sec. 19.6)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
B
background job (Sec. 2.6.2)
backup procedures (Sec. 14.0)
backup procedures (Sec. 7.8)
Berkeley database (Sec. 6.3.5)
binary compatibility (Sec. 6.1)
boot loading software (Sec. 14.2.12)
buffer management (Sec. 17.2.2.1)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
C
C2 features
audit (Sec. 1.1.3)
login control (Sec. 1.1.1)
password control (Sec. 1.1.2)
CDE
authorizing host access (Sec. 4.2)
secure keyboard (Sec. 4.4)
security (Sec. 4.0)
CDE session
pausing current (Sec. 4.5)
screen lock (Sec. 4.5)
CDSA (Sec. 6.3.6)
centralized account management (Sec. 9.5)
changing permissions (Sec. 5.1)
character mode terminal (Sec. 2.0)
chgrp command (Sec. 5.1)
child process
inherited file access (Sec. 16.6)
signal mask and (Sec. 16.5)
chmod command (Sec. 5.1)
chmod command (Sec. 5.1)
octal example of (Sec. 3.1.6)
chown system call
SUID or SGID permissions (Sec. 16.1)
close-on-exec flag (Sec. 16.6)
clusters
auditing (Sec. F.4)
authentication (Sec. F.3)
distributed logins (Sec. F.2.4)
NIS (Sec. F.2.4)
overview (Sec. 6.6)
restrictions (Sec. F.5)
terminal logging (Sec. F.5.2)
upgrades (Sec. F.5.1)
commands
chgrp (Sec. 5.1)
chmod (Sec. 5.1)
Common Data Security Architecture
See CDSA
configuration
ACLs (Sec. 7.5.2)
audit (Sec. 10.2)
audit (Sec. 10.3)
audit (Sec. 10.4.1)
audit (Sec. 7.5.1)
encryption (Sec. 7.5.4.12)
enhanced passwords (Sec. 7.5.3)
failed login records (Sec. 7.5.4.9)
login records (Sec. 7.5.4.7)
maximum login attempts (Sec. 7.5.4.4)
password aging (Sec. 7.5.4.1)
password change time (Sec. 7.5.4.2)
password-changing controls (Sec. 7.5.4.3)
profile migration (Sec. 7.5.4.10)
security features (Sec. 7.5)
succesful login records (Sec. 7.5.4.8)
terminal breakin (Sec. 7.5.4.5)
time between login attempts (Sec. 7.5.4.5)
time between logins (Sec. 7.5.4.6)
vouching (Sec. 7.5.4.11)
configuring enhanced security (Sec. 6.4.1)
connecting to other systems (Sec. 3.0)
console file (Sec. 14.2.8)
console messages
audit (Sec. 10.1.1)
content of audit records (Sec. 10.9)
control flag
audit control flag (Sec. 10.6.1.2)
convauth command (Sec. 7.1.2)
core files (Sec. 16.5)
crack (Sec. 6.3.8)
crash recovery
audit data (Sec. 10.11)
create_file_securely() library routine (Sec. 17.4)
creating accounts (Sec. 7.6)
creating accounts (Sec. 9.1)
creating groups (Sec. 7.6)
creating groups (Sec. 9.2.1)
crypt()
support (Sec. 7.5.4.12)
cu command (Sec. 3.3.2)
example of (Sec. 3.3.2)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
D
DAC
protecting the TCB (Sec. 15.5)
daemon programs (Sec. 18.3)
data
storing in a secure location (Sec. 16.3)
data files (Sec. 15.4)
data loss (Sec. 14.0)
database
writing entries (Sec. 17.2.2.5)
databases (Sec. 6.3.5)
accessing (Sec. 17.1)
enhanced password (Sec. 14.2.1)
entries (Sec. 17.2)
fields (Sec. 17.2)
file control (Sec. 12.3)
groups (Sec. 14.2.6)
system defaults (Sec. 17.2)
terminal control (Sec. 17.2.1)
update (Sec. 17.2.2)
update (Sec. 17.2.2.5)
dcp command (Sec. 3.4)
DECnet protocol (Sec. 3.0)
DECnet protocol (Sec. 3.4)
dcp command (Sec. 3.4)
dlogin command (Sec. 3.4)
dls command (Sec. 3.4)
generic guest accounts (Sec. 3.4)
defaults database (Sec. 6.5.2.2)
deleting layered security products (Sec. 13.6)
deleting user accounts (Sec. 9.2.4)
denial of service (Sec. 6.2)
dependencies among audit events (Sec. 10.5.3)
deselection files for audit reports (Sec. 10.10.1)
/dev/console file (Sec. 14.2.8)
/dev/pts/* file (Sec. 14.2.9)
/dev/tty* file (Sec. 14.2.9)
device assignment database (Sec. 12.1)
devices (Sec. 8.1)
assignment (Sec. 6.5.1.1)
assignment (Sec. 7.7.3)
assignment (Sec. 8.1)
database (Sec. 17.3)
database (Sec. 6.5.2.5)
databases (Sec. 8.2)
defaults (Sec. 8.1)
installation (Sec. 8.1)
differences between file and directory permissions (Sec. 5.1)
directories
permissions (Sec. 5.1)
disabled accounts (Sec. 9.2.2)
display access (Sec. 4.1)
distributed logins in a cluster (Sec. F.2.4)
dlogin command (Sec. 3.4)
dls command (Sec. 3.4)
DOP (Sec. G.0)
dtterm window
protecting (Sec. 4.4)
dxaccounts program (Sec. 6.4)
dxaccounts program (Sec. 6.4)
dxaudit program (Sec. 6.4)
dxaudit program (Sec. 6.4)
dxdevices program (Sec. 6.4)
dxdevices program (Sec. 6.4)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
E
EACCES errno value (Sec. 16.2)
effective group ID (Sec. 2.1.1)
effective user ID (Sec. 2.1.1)
EGID
See effective group ID
encrypted password (Sec. 14.2.1)
encrypted password (Sec. 17.6)
encryption configuration (Sec. 7.5.4.12)
enhanced password database (Sec. 12.1)
enhanced password database (Sec. 14.2.1)
enhanced password database (Sec. 17.6)
enhanced password database (Sec. 18.0)
enhanced password database (Sec. 18.4)
enhanced password database (Sec. 6.5.2.1)
enhanced passwords (Sec. 7.5.3)
enhanced passwords (Sec. 9.5.4)
enhanced profile configuration (Sec. 7.5.4)
enhanced security
entry points (Sec. D.1)
EPERM errno value (Sec. 16.2)
EROFS errno value (Sec. 16.2)
errno variable (Sec. 16.2)
/etc/auth/system/default file (Sec. 14.2.3)
/etc/auth/system/devassign file (Sec. 14.2.4)
/etc/auth/system/ttys file (Sec. 17.7)
/etc/auth/system/ttys.db file (Sec. 14.2.2)
/etc/group file (Sec. 14.2.6)
/etc/hosts.equiv file
interaction with .rhosts file (Sec. 3.1.3)
security concerns (Sec. 3.1.2)
/etc/passwd file (Sec. 12.2)
/etc/passwd file (Sec. 14.2.5)
/etc/passwd file (Sec. 17.6)
/etc/passwd file (Sec. 18.4)
/etc/sec/auditd_clients file (Sec. 10.8)
/etc/sec/audit_events file (Sec. B.1)
/etc/sec/event_aliases file (Sec. 10.6.1.4)
/etc/sec/event_aliases file (Sec. B.2)
/etc/sec/site_events file (Sec. 10.5.2)
/etc/sec/site_events file (Sec. 19.8)
/etc/sysconfigtab
setting audit-site-events (Sec. 19.8)
EUID
See effective user ID
evasion time configuration (Sec. 7.5.4.5)
events
aliases (Sec. B.2)
audit (Sec. 19.2)
audit (Sec. B.1)
example
ACL creation (Sec. 21.5)
ACL inheritance (Sec. 21.6)
ACL permission removal (Sec. 21.6)
application-specific audit record (Sec. 19.7)
audgenl() (Sec. 19.1)
audit tuple parsing macros (Sec. 19.10.3)
audit: iovec-type record (Sec. 19.3.1)
auditmask (Sec. 19.6)
site-defined audit event (Sec. 19.8.2)
executable stack (Sec. 16.1)
execute permission (Sec. 5.1)
execve system call (Sec. 16.5)
extended passwords
See enhanced passwords
external representation
ACL (Sec. 21.2.2)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
F
fcntl system call
close-on-exec flag (Sec. 16.6)
features
audit (Sec. 6.3.1)
file attributes (Sec. 14.3)
file control database (Sec. 12.3)
description (Sec. 17.4)
description (Sec. 6.5.2.4)
location (Sec. 12.1)
file descriptors (Sec. 16.6)
file permissions (Sec. 5.1)
remote sessions (Sec. 3.1.6)
file summary (Sec. A.0)
file systems (Sec. 6.5.1.2)
files
protecting (Sec. 16.3)
protecting (Sec. 5.1)
required (Sec. 14.2)
filtering audit data (Sec. 10.10.1)
firewall product (Sec. 6.3.8)
fork system call (Sec. 16.5)
fork system call (Sec. 18.1)
ftp command (Sec. 3.1.4)
description of (Sec. 3.1.4)
security risks of anonymous ftp (Sec. 3.1.4)
use of .netrc file with (Sec. 3.1.4)
FTP protocol (Sec. 3.0)
fverfy command (Sec. 14.3)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
G
generating audit reports (Sec. 10.10)
generating audit reports (Sec. 10.4.3)
getacl command (Sec. 5.4)
getluid system call (Sec. 18.1)
getty command (Sec. 2.6.2)
GID
See group ID
graphic interface
for audit subsystem (Sec. 10.1.2.2)
group database (Sec. 14.2.6)
groups
creating (Sec. 7.6)
creating (Sec. 9.2.1)
database file (Sec. 14.2.6)
supplementary (Sec. 2.1.1)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
H
hardware privilege (Sec. 6.2)
header files (Sec. 15.1)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
I
I and A (Sec. 1.2)
I and A (Sec. 18.0)
I and A (Sec. 6.3.2)
identification (Sec. 18.0)
identification and authentication
See I and A
installation (Sec. 7.1)
installing enhanced security (Sec. 6.4.1)
installing layered security products (Sec. 13.4)
integrating security mechanisms (Sec. 20.11)
integrity (Sec. 12.0)
integrity (Sec. 6.2)
integrity (Sec. 6.2)
integrity (Sec. 6.5.1.1)
integrity (Sec. 6.5.2.4)
features (Sec. 6.3.4)
Internet Express (Sec. 6.3.8)
interprocess communication
security consideration (Sec. 16.3)
introduction for administrators (Sec. 6.0)
introduction for users (Sec. 1.0)
iovec
audit record using (Sec. 19.3.1)
ISSO
tasks (Sec. 7.7)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
K
keyboard
securing (Sec. 16.7.1)
securing in CDE environment (Sec. 4.4)
keyboard input (Sec. 4.4)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
L
LAT
description of (Sec. 3.2)
protocol (Sec. 3.0)
protocol groups (Sec. 3.2)
libaud library (Sec. 15.1)
libraries
as part of the TCB (Sec. 15.4)
routines (Sec. 15.3)
routines for ACLs (Sec. 21.3)
security relevent (Sec. 15.1)
libsecurity library (Sec. 15.1)
Local Area Transport
See LAT
lock file (Sec. 14.1)
locked accounts (Sec. 9.2.2)
log files (Sec. 10.1.1)
log files (Sec. 10.15)
designating (Sec. 10.4.1)
logging in (Sec. 2.1)
to remote systems with rlogin (Sec. 3.1.1)
logging tools (Sec. 10.15)
login (Sec. 2.1)
audit mask (Sec. 10.6.1.1)
audit mask, setting (Sec. 10.6.1.3)
enhancements (Sec. 1.1.1)
invalidating terminal file descriptors (Sec. 2.6.2)
login ID (LUID) (Sec. 10.9)
maximum tries configuration (Sec. 7.5.4.4)
problems (Sec. 2.6.6)
records configuration (Sec. 7.5.4.7)
setting password during (Sec. 2.2)
shell (Sec. 2.1.1)
trusted event (Sec. 10.5.1)
user ID (AUID) (Sec. 2.1.1)
login command (Sec. 2.6.2)
login records configuration (Sec. 7.5.4.8)
login records configuration (Sec. 7.5.4.9)
login timouts (Sec. 8.2)
login tips (Sec. 2.5)
login user ID (Sec. 2.3)
logout tips (Sec. 2.5)
logout trusted event (Sec. 10.5.1)
LUID (login ID) (Sec. 10.9)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
M
macro
audit tuple parsing (Sec. 19.10.3)
maintaining accounts (Sec. 9.1)
matrix.conf file (Sec. 13.3)
matrix.conf file (Sec. 20.16)
mechanism-dependent interface (Sec. 20.17)
migration issues
NIS (Sec. 9.5.4)
MIN_SITE_EVENT (Sec. 19.8)
modem
with tip and cu commands (Sec. 3.3.2)
with UUCP utility (Sec. 3.3)
modifying database entries (Sec. 17.2.2.5)
modifying the account template (Sec. 9.2.5)
modifying user accounts (Sec. 9.1)
mouse
securing (Sec. 16.7.2)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
N
naming routines (Sec. D.2)
need-to-know access (Sec. 6.2)
.netrc (Sec. 3.1.4)
network
audit hub (Sec. 10.8)
auditing across a network (Sec. 10.8)
network protocols (Sec. 3.0)
network security concerns (Sec. 4.2)
.rhosts file (Sec. 3.1.3)
anonymous ftp (Sec. 3.1.4)
DECnet generic guest accounts (Sec. 3.4)
/etc/hosts.equiv file (Sec. 3.1.2)
file permissions (Sec. 3.1.6)
tip and cu commands (Sec. 3.3.2)
UUCP commands (Sec. 3.3)
workstation display access (Sec. 4.2)
NIS
account management (Sec. 9.5)
automated procedures (Sec. 9.5.1.2)
backing out (Sec. 9.5.5)
client setup (Sec. 9.5.3)
large databases (Sec. 9.5.1.2)
master server setup (Sec. 9.5.1)
migration (Sec. 9.5.4)
overrides (Sec. 9.1.2.1)
overrides (Sec. 9.1.2.2)
slave server setup (Sec. 9.5.2)
user account database (Sec. 9.1.2.1)
null password (Sec. 18.4)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
O
object code (Sec. 15.4)
open file descriptor (Sec. 16.6)
operational features (Sec. 6.2)
overflow handling
audit (Sec. 10.4.1)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
P
passwd file (Sec. 14.2.5)
password (Sec. 18.0)
password (Sec. 18.6)
password (Sec. 2.2)
aging (Sec. 2.2.3)
aging configuration (Sec. 7.5.4.1)
change time configuration (Sec. 7.5.4.2)
choosing (Sec. 2.2)
coding example (Sec. C.0)
configuration (Sec. 7.5.4)
controls configuration (Sec. 7.5.4.3)
database (Sec. 14.2.5)
enhanced (Sec. 7.5.3)
enhanced database (Sec. 6.5.2.1)
enhancements (Sec. 1.1.2)
expiration (Sec. 2.1)
expiration (Sec. 2.2.3)
expiration time (Sec. 2.6.1)
maximum tries configuration (Sec. 7.5.4.4)
new accounts (Sec. 9.2.2)
random character (Sec. 2.2.1)
random letter (Sec. 2.2.1)
random pronounceable (Sec. 2.2.1)
setting and changing (Sec. 2.2)
system-generated (Sec. 2.2.2)
threats (Sec. 3.1.2)
tips (Sec. 2.4)
password changing (Sec. 2.2)
PATH variable
defining (Sec. 16.4)
null entry in (Sec. 16.4)
secure shell scripts (Sec. 16.8)
pathname
absolute (Sec. 16.4)
relative (Sec. 16.4)
pausing CDE sessions (Sec. 4.5)
permanent file (Sec. 16.3)
permissions
changing (Sec. 5.1)
directory (Sec. 5.1)
physical device (Sec. 6.5.2.5)
physical security
in CDE environment (Sec. 4.6)
preselection of audit events (Sec. 10.4.2)
preselection of audit events (Sec. 10.6)
private audit tokens (Sec. 19.3.2)
privileges (Sec. G.0)
process
audit control flag (Sec. 19.4)
process audit mask (Sec. 10.6.1.1)
process priority (Sec. 17.6)
profile migration configuration (Sec. 7.5.4.10)
programming in the trusted environment (Sec. 15.0)
protected passwords
See enhanced passwords
protected subsystem pseudogroup (Sec. 17.2.2)
protected subsystems (Sec. 6.5.2)
protecting files (Sec. 5.1)
access control list (ACL) (Sec. 2.6.5)
protecting removable media (Sec. 4.6)
prpasswd file (Sec. 9.5.4)
pseudoterminal (Sec. 14.2.9)
pts/* file (Sec. 14.2.9)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
R
rcp command (Sec. 3.1.1)
rc[023] files (Sec. 14.2.7)
read permission (Sec. 5.1)
read-only file systems (Sec. 15.5)
recovering
ACLs (Sec. 11.4)
audit data (Sec. 10.11)
reducing audit data (Sec. 10.10)
reducing audit data (Sec. 10.4.3)
relative pathname (Sec. 16.4)
remote auditing (Sec. 10.8)
remote commands (Sec. 3.1.1)
remote file transfer
with UUCP utility (Sec. 3.3)
remote login
suggestions for tip and cu commands (Sec. 3.3.2)
using dlogin command (Sec. 3.4)
using rlogin command (Sec. 3.1.1)
using tip and cu commands (Sec. 3.3.2)
remote systems
in .rhosts file (Sec. 3.1.3)
in /etc/hosts.equiv file (Sec. 3.1.2)
reports
audit reports (Sec. 10.10)
audit reports (Sec. 10.4.3)
required files (Sec. 14.2)
responding to audit reports (Sec. 10.13)
responsibilities
user (Sec. 1.3)
retiring user accounts (Sec. 9.2.3)
.rhosts file
interaction with /etc/hosts.equiv file (Sec. 3.1.3)
security concerns (Sec. 3.1.3)
rlogin command (Sec. 3.1.1)
role responsibilities (Sec. 6.5.1)
root authentication profile (Sec. 14.2.1)
root user (Sec. 2.3)
rsh command (Sec. 3.1.1)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
S
screen lock in CDE sessions (Sec. 4.5)
secconfig command (Sec. 7.4)
secure devices (Sec. 8.1)
secure keyboard (Sec. 4.4)
Secure Keyboard menu item (Sec. 16.7.1)
security
authentication programming concerns (Sec. 18.0)
features (Sec. 1.1)
security breach
possible program responses to (Sec. 16.2)
Security Integration Architecture
See SIA
security policy (Sec. 6.2)
security policy (Sec. E.2)
security requirements (Sec. 8.1)
security-sensitive commands (Sec. 20.1)
segment sharing (Sec. 7.2)
segments (Sec. 16.3)
selecting audit events (Sec. 10.4.2)
semaphores (Sec. 16.3)
set group ID
See SGID
set user ID
See SUID
setluid system call (Sec. 18.1)
setting up a trusted system (Sec. 7.0)
setting up enhanced security (Sec. 7.5)
set_auth_parameters() library routine (Sec. 18.2)
SGID
set group ID on execution (Sec. 2.6.4)
set group ID programs (Sec. 16.1)
shadowed passwords
See enhanced passwords
shared libraries (Sec. 7.2)
shell
defining variables (Sec. 16.4)
path variable syntax (Sec. 16.4)
rsh command invokes remote (Sec. 3.1.1)
shell process (Sec. 2.3)
shell script (Sec. 15.4)
security consideration (Sec. 16.8)
shell variable
specific shell variables (Sec. 16.4)
SIA
accessing secure information (Sec. 20.14)
administering (Sec. 13.0)
audit logging (Sec. 20.10)
callbacks (Sec. 20.7)
changing a user shell (Sec. 20.13.3)
changing finger information (Sec. 20.13.2)
changing secure information (Sec. 20.13)
coding example (Sec. C.0)
debugging (Sec. 20.10)
deleting layered security product (Sec. 13.6)
group information (Sec. 20.14.2)
header files (Sec. 20.5)
initialization (Sec. 20.3)
installing layered security product (Sec. 13.4)
installing layered security product (Sec. 13.5)
integrating mechanisms (Sec. 20.11)
interface routines (Sec. 20.1)
layering (Sec. 20.2)
login process (Sec. 20.12.6.1)
logs (Sec. 20.10)
maintaining state (Sec. 20.8)
matrix.conf file (Sec. 13.3)
matrix.conf file (Sec. 20.16)
mechanism-dependent interface (Sec. 20.17)
packaging layered products (Sec. 20.16)
parameter collection (Sec. 20.15)
parameter collection (Sec. 20.7)
password, accessing (Sec. 20.14.1)
passwords, changing (Sec. 20.13.1)
programming (Sec. 20.0)
return values (Sec. 20.12)
return values (Sec. 20.9)
rlogind process (Sec. 20.12.6.3)
rshd process (Sec. 20.12.6.2)
security-sensitive commands (Sec. 20.1)
session authentication (Sec. 20.12.2)
session establishment (Sec. 20.12.3)
session initialization (Sec. 20.12.1)
session launch (Sec. 20.12.4)
session processing (Sec. 20.12)
session release (Sec. 20.12.5)
SIAENTITY structure (Sec. 20.6)
siainit command (Sec. 20.3)
sialog file (Sec. 20.10)
vouching (Sec. 20.11)
signal
secure response to (Sec. 16.5)
signal routine (Sec. 16.5)
SIGQUIT signal
security consideration (Sec. 16.5)
SIGTRAP signal
security consideration (Sec. 16.5)
single sign on
See SSO
single-user mode (Sec. 14.2.1)
site-defined audit events (Sec. 10.5.2)
site-defined audit events (Sec. 19.8)
site_events file (Sec. 19.8)
SSO (Sec. 6.3.7)
stack
executable (Sec. 16.1)
standalone system
ACLs (Sec. 11.5)
starting the audit subsystem (Sec. 10.2)
starting the audit subsystem (Sec. 10.3)
startup script (Sec. 18.1)
state-dependent audit events (Sec. 10.5.3)
sticky bit (Sec. 15.5)
setting (Sec. 2.6.3)
using to secure temporary files (Sec. 16.3)
UUCP directory (Sec. 3.3.1)
sticky directory (Sec. 2.6.3)
strong symbols (Sec. D.2)
su command (Sec. 2.3)
subset installation (Sec. 7.1)
SUID
executable stack (Sec. 16.1)
set user ID on execution (Sec. 2.6.4)
set user ID programs (Sec. 16.1)
superuser authority (Sec. 5.1)
supplementary groups (Sec. 2.1.1)
symbol preemption (Sec. D.1)
system administrator
remote file transfer concerns (Sec. 3.1.4)
tasks (Sec. 7.6)
system audit mask (Sec. 10.6.1.1)
system call
common return value (Sec. 16.2)
security consideration for a failed call (Sec. 16.2)
system call tracing (Sec. 10.14)
system console (Sec. 14.2.2)
system console (Sec. 14.2.8)
system defaults database
description (Sec. 17.5)
description (Sec. 6.5.2.2)
undefined fields (Sec. 17.2)
updating (Sec. 8.2)
system startup (Sec. 14.0)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
T
TCB (Sec. 15.4)
TCB (Sec. 6.2)
defining a trusted system (Sec. 6.2)
executable file (Sec. 15.4)
hardware privilege (Sec. 6.2)
indirect programs (Sec. 15.4)
kernel (Sec. 6.2)
security configuration (Sec. 15.1)
trusted program (Sec. 15.4)
trusted system directories (Sec. 15.2)
/tcb/files/auth/r/root file (Sec. 14.2.1)
TCP/IP protocol (Sec. 3.0)
tcpwrapper (Sec. 6.3.8)
templates for user accounts (Sec. 9.1.1.3)
temporary files (Sec. 16.3)
temporary files (Sec. 17.4)
terminal authorization list (Sec. 2.1.2)
terminal breakin configuration (Sec. 7.5.4.5)
terminal character mode (Sec. 2.0)
terminal control database (Sec. 12.1)
terminal control database (Sec. 17.2.1)
terminal control database (Sec. 17.7)
terminal control database (Sec. 6.5.2.3)
terminal control database (Sec. 8.2)
terminal devices (Sec. 7.7.3)
terminal devices (Sec. 8.1)
terminal file descriptors
invalidating (Sec. 2.6.2)
terminal logging (Sec. F.5.2)
terminal session
security suggestions (Sec. 3.3.2)
tftp command (Sec. 3.1.5)
description of (Sec. 3.1.5)
TFTP protocol (Sec. 3.0)
time delay (Sec. 17.7)
tip command (Sec. 3.3.2)
tmp file
security consideration (Sec. 16.4)
token
audit fixed-length (Sec. 19.3.1)
audit iovec-type (Sec. 19.3.1)
audit pointer-type (Sec. 19.3.1)
audit private (Sec. 19.3.2)
audit public (Sec. 19.3.1)
traditional file protection mechanism
group (Sec. 5.5)
owner (Sec. 5.5)
permission bits (Sec. 5.5)
traditional logging (Sec. 10.15)
traditional security (Sec. 1.1)
tripwire (Sec. 6.3.8)
trojan horse program (Sec. 3.3.2)
troubleshooting (Sec. 14.0)
trusted computing base
See TCB
trusted events (Sec. 10.5.1)
trusted program (Sec. 15.4)
trusted programming techniques (Sec. 16.0)
trusted Tru64 UNIX
tty* file (Sec. 14.2.9)
tuple
common to audit logs (Sec. 19.10.1)
detailed description (Sec. 19.10.2)
parsing audit (Sec. 19.10.3)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
U
umask system call (Sec. 21.4.1)
using to secure temporary files (Sec. 16.3)
undefined field (Sec. 17.2)
UNIX-to-UNIX Copy Program
See UUCP utility
unlink system call
protecting file access (Sec. 16.3)
update installation (Sec. 7.1.2)
user audit mask (Sec. 10.6.1.1)
setting (Sec. 10.6.1.3)
user ID (Sec. 2.1.1)
effective (EUID) (Sec. 2.1.1)
real (RUID) (Sec. 2.1.1)
user input
security consideration (Sec. 16.7.1)
/usr/spool/uucppublic directory (Sec. 3.3.1)
/usr/tmp file (Sec. 16.4)
uucp command (Sec. 3.3.1)
UUCP utility (Sec. 3.3)
uux command (Sec. 3.3.3)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
V
vouching (Sec. 20.11)
vouching configuration (Sec. 7.5.4.11)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
W
weak symbols (Sec. D.2)
windowing environment (Sec. 4.0)
working storage
ACL (Sec. 21.2.1)
workstation
See also CDE
physical security (Sec. 4.6)
protecting removable media (Sec. 4.6)
workstation environment (Sec. 4.0)
workstation physical security (Sec. 4.6)
write permission (Sec. 5.1)
|
Click letter for quick access: [Special Characters] A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
X
X displays (Sec. 8.2)
X environment
use of in a secure environment (Sec. 16.7.1)
writing secure programs in (Sec. 16.7)
X window
See X environment
XGrabKeyboard() routine (Sec. 16.7.1)
XReparentWindow() routine
using in a secure environment (Sec. 16.7.3)
XSendEvent() routine (Sec. 16.7.2)