Index Index for
Section 4
Index Alphabetical
listing for M
Bottom of page Bottom of
page		 

matrix.conf(4)


NAME

  matrix.conf - SIA (Security Integration Architecture) configuration file


DESCRIPTION

  The matrix.conf file provides the means to configure the SIA security
  mechanisms for security sensitive commands.  Each security mechanism
  provider should either use the siacfg command to update the matrix.conf
  file or provide a new matrix.conf file to support their security product.

  The operating system is provided with a default BSDmatrix.conf file.	When
  the sysman secconfig utility is run to enable enhanced security, the
  operating system modifies the matrix.conf file to use the enhanced security
  mechanism.  See the EXAMPLES section for samples of the default files.

  The commands affected by the SIA mechanism and matrix.conf file include:

       rshd
       ftpd
       chfn
       chsh
       su
       login
       passwd

  The Security manual contains a detailed description of the SIA programming
  interface and as well as a description of the administration of the
  associated /etc/sia/matrix.conf files.


EXAMPLES

  The following is the default BSD (Base) security mechanism
  /etc/sia/matrix.conf file:

       #
       # sia matrix configuration file (BSD only)
       #
       siad_init=(BSD,libc.so)
       siad_chk_invoker=(BSD,libc.so)
       siad_ses_init=(BSD,libc.so)
       siad_ses_authent=(BSD,libc.so)
       siad_ses_estab=(BSD,libc.so)
       siad_ses_launch=(BSD,libc.so)
       siad_ses_suauthent=(BSD,libc.so)
       siad_ses_reauthent=(BSD,libc.so)
       siad_chg_finger=(BSD,libc.so)
       siad_chg_password=(BSD,libc.so)
       siad_chg_shell=(BSD,libc.so)
       siad_getpwent=(BSD,libc.so)
       siad_getpwuid=(BSD,libc.so)
       siad_getpwnam=(BSD,libc.so)
       siad_setpwent=(BSD,libc.so)
       siad_endpwent=(BSD,libc.so)
       siad_getgrent=(BSD,libc.so)
       siad_getgrgid=(BSD,libc.so)
       siad_getgrnam=(BSD,libc.so)
       siad_setgrent=(BSD,libc.so)
       siad_endgrent=(BSD,libc.so)
       siad_ses_release=(BSD,libc.so)
       siad_chk_user=(BSD,libc.so)

  The following is the default enhanced security (C2) mechanism
  /etc/sia/matrix.conf file:

       siad_init=(BSD,libc.so)
       siad_chk_invoker=(OSFC2,/usr/shlib/libsecurity.so)
       siad_ses_init=(OSFC2,/usr/shlib/libsecurity.so)
       siad_ses_authent=(OSFC2,/usr/shlib/libsecurity.so)
       siad_ses_estab=(OSFC2,/usr/shlib/libsecurity.so)
       siad_ses_launch=(OSFC2,/usr/shlib/libsecurity.so)
       siad_ses_suauthent=(OSFC2,/usr/shlib/libsecurity.so)
       siad_ses_reauthent=(OSFC2,/usr/shlib/libsecurity.so)
       siad_chg_finger=(OSFC2,/usr/shlib/libsecurity.so)
       siad_chg_password=(OSFC2,/usr/shlib/libsecurity.so)
       siad_chg_shell=(OSFC2,/usr/shlib/libsecurity.so)
       siad_getpwent=(BSD,libc.so)
       siad_getpwuid=(BSD,libc.so)
       siad_getpwnam=(BSD,libc.so)
       siad_setpwent=(BSD,libc.so)
       siad_endpwent=(BSD,libc.so)
       siad_getgrent=(BSD,libc.so)
       siad_getgrgid=(BSD,libc.so)
       siad_getgrnam=(BSD,libc.so)
       siad_setgrent=(BSD,libc.so)
       siad_endgrent=(BSD,libc.so)
       siad_ses_release=(OSFC2,/usr/shlib/libsecurity.so)
       siad_chk_user=(OSFC2,/usr/shlib/libsecurity.so)


FILES

  /etc/sia/matrix.conf
	      SIA configuration file


RELATED INFORMATION

  Commands: chfn(1), chsh(1), su(1), login(1), passwd(1), sialog(4), rshd(8),
  ftpd(8), secconfig(8), siacfg(8)

  Security

Index Index for
Section 4
Index Alphabetical
listing for M
Top of page Top of
page