![[Return to Library]](BOOKSHELF.GIF)
![[Contents]](TOC.GIF)
![[Previous Chapter]](REW.GIF)
![[Next Chapter]](FF.GIF)
![[Index]](INDEX.GIF)
![[Help]](HELP.GIF)
Table A-1 contains a summary of all the files that are in the trusted computing base (TCB) on the trusted Digital UNIX system. Most of these files are installed on the base system, some of the files are created during the installation process, and some are databases created by a running system. Characteristics of those files are included in the Remarks column of the table.
| File Name | Remarks |
| /.cshrc | Root account csh startup script |
| /.login | Root account csh startup script |
| /.logout | Root account csh logout script |
| /.profile | Root account startup script |
| /vmunix | OS execution image |
| /dev/[rz][0-3][a-z] | Block device disk partitions |
| /dev/console | System console device used in single-user mode |
| /dev/kmem | Kernel memory pseudodevice |
| /dev/mem | Kernel memory pseudodevice |
| /dev/null | Bit bucket pseudodevice |
| /dev/pts/* | Pseudo-ttys |
| /dev/rrz[0-3][a-z] | Character device disk partitions |
| /dev/tty | Current terminal pseudodevice |
| /dev/tty[0-f] | Terminal devices |
| /dev/tty* | Pseudo-ttys |
| /etc/auth/system/default | System defaults database |
| /etc/auth/system/devassign | Device assignment database |
| /etc/auth/system/files | File control database |
| /etc/auth/system/gr_id_map | Binary group name to ID map |
| /etc/auth/system/pw_id_map | Binary user name to ID map |
| /etc/auth/system/subsystems | Printable names for protected subsystems |
| /etc/auth/system/ttys.db | Terminal control database |
| /etc/fstab | Contains file systems to be mounted |
| /etc/group | Groups database |
| /etc/inittab | System initialization control file |
| /etc/passwd | Accounts database |
| /sbin/arp | Address resolution protocol (networking) |
| /sbin/chown | Change file owner |
| /sbin/clri | Clear on-disk inode |
| /sbin/date | Display/change time of day |
| /sbin/df | Display file system free space |
| /sbin/fsck | File system consistency checker |
| /sbin/fsdb | File system debugger |
| /sbin/halt | Bring system down |
| /sbin/hostid | Display/set system host ID |
| /sbin/hostname | Display/set host name |
| /sbin/ifconfig | Display/change network interface config (BSD networking) |
| /sbin/kill | Send software signal to process |
| /sbin/killall | Kill all active processes |
| /sbin/mknod | Create special files |
| /sbin/mount | Mount file systems or display mount table |
| /sbin/newfs | Format disk partition |
| /sbin/ping | Send ICMP alive request (BSD networking) |
| /sbin/ps | Display process status |
| /sbin/rc[0-3].d | System setup scripts |
| /sbin/reboot | Reboot the system |
| /sbin/route | Manage route tables (BSD networking) |
| /sbin/savecore | Dump memory image after crash |
| /sbin/sh | Shell |
| /sbin/sulogin | Single-user root login password verifier |
| /sbin/swapon | Add swap devices |
| /sbin/umount | Unmount mounted file systems |
| /tcb/bin/XIsso | ISSO role program |
| /tcb/bin/XSysadmin | System administrator role program |
| /tcb/bin/authck | Security database consistency checker |
| /usr/tcb/bin/edauth | Authcap database editor |
| /usr/tcb/bin/convauth | Convert auth databases |
| /usr/tcb/bin/convuser | Convert user profile |
| /tcb/files/auth/<a-z>/username | Protected password file |
| /tcb/files/auth.db | Protected password database for system accounts |
| /var/tcb/files/auth.db | Protected password database for user accounts |
| /tmp | Temporary directory |
| /users | Parent of users home directory |
| /usr/bin/at | Delayed job submission |
| /usr/bin/atq | List delayed job submissions |
| /usr/bin/atrm | Remove delayed job submissions |
| /usr/bin/cancel | Cancel a print request |
| /usr/bin/chgrp | Change file group |
| /usr/bin/cpio | Perform single-level import/export |
| /usr/bin/crontab | Periodic job table submission |
| /usr/bin/csh | Root account shell |
| /usr/bin/finger | Display account information |
| /usr/bin/from | Display mail headers |
| /usr/bin/ipcs | Display system V IPC object status |
| /usr/bin/login | Login program |
| /usr/bin/lp | Submit print request |
| /usr/bin/lpr | Submit print request |
| /usr/bin/lprm | Cancel print request |
| /usr/bin/lpstat | Display print subsystem status |
| /var/spool/mail/ | Mail directory |
| /usr/bin/mesg | Disable/enable terminal messages |
| /usr/bin/mt | Manipulate tape device |
| /usr/bin/newgrp | Change process group assignment |
| /usr/bin/nice | Run process with different priority |
| /usr/bin/passwd | Password change program |
| /usr/bin/rcp | Network copy (BSD networking) |
| /usr/bin/rlogin | Network login (BSD networking) |
| /usr/bin/rsh | Remote shell (BSD networking) |
| /usr/bin/tar | Perform single-level import/export |
| /usr/bin/write | Open connection to another user/window |
| /usr/lbin/acct/accton | Enable system accounting |
| /usr/lbin/ex3.7preserve | Preserve an interrupted edit session |
| /usr/sbin/cron | Delayed/periodic job daemon |
| /usr/sbin/dcheck | Directory check utility |
| /usr/sbin/dumpfs | Display superblock |
| /usr/sbin/edquota | Edit quota controls |
| /usr/sbin/fastboot | Bring system down |
| /usr/sbin/fasthalt | Bring system down |
| /usr/sbin/icheck | Inode check utility |
| /usr/sbin/link | Perform link(2) system call |
| /usr/sbin/lpc | Line printer control program |
| /usr/sbin/lpd | Line printer daemon |
| /usr/sbin/mkpasswd | Create binary database from /etc/passwd |
| /usr/sbin/ncheck | Display file associated with inode number |
| /usr/sbin/netstat | Display network statistics |
| /usr/sbin/nfsstat | Display NFS statistics (NFS) |
| /usr/sbin/quot | Disk quota maintenance command |
| /usr/sbin/quotacheck | Disk quota maintenance command |
| /usr/sbin/quotaoff | Disk quota maintenance command |
| /usr/sbin/quotaon | Disk quota maintenance command |
| /usr/sbin/renice | Change priority of running command |
| /usr/sbin/repquota | Disk quota report |
| /usr/sbin/shutdown | System shutdown program |
| /usr/sbin/trpt | System reporting program |
| /usr/sbin/tunefs | Change values in super block |
| /usr/sbin/vipw | Manipulate /etc/passwd file |
| /usr/sbin/wall | Send message to all logged in users |
| /usr/share/lib/sechelp/ | Help files for user interface programs |
| /usr/shlib/libsecurity.so | Security-relevant library routines |
| /var/adm/cron/ | Administrative control files for cron |
| /var/adm/pacct | Accounting file |
| /var/adm/utmp | Hold user and accounting information (current) |
| /var/adm/wtmp | Hold user and accounting information (since boot) |
Table A-2 lists files that are installed on the trusted system but not on a nontrusted system, and files that are modified on a trusted system. The files in this table are not considered part of the trusted computing base.
| File Name | Remarks |
| /usr/include/*.h | Many files modified/added |
| /usr/include/sys/*.h | Many files modified/added |
| /usr/lib/libsecurity.a | Security-relevant library routines |