This blog, written by Michael Felt, discusses AIX security topics. Articles on IBM AIX security including PowerSC, AIX RBAC, AIX shell scripting, passwords and user security. RBAC or Role Based Access Control has been available in AIX since starting with AIX Prior to that, access control is AIX was the same as for any .
|Published (Last):||2 July 2006|
|PDF File Size:||10.63 Mb|
|ePub File Size:||6.78 Mb|
|Price:||Free* [*Free Regsitration Required]|
Giving authority to a non-root user to execute commands like shutdown is not suggested or recommended.
Role-based access control in simple steps
Traditionally, there is a single user, root, that controls the security mechanism of the system. None of the above, continue with my search. Establishing and maintaining security policy Setting passwords for rbca Network configuration Device administration SA – Systems Administrator The SA role provides authorizations for daily administration and includes: It is the single user which controls the system and the system as such does not have any control over the activities within the system.
Roles are assigned to users and users having the defined role should be able to execute. To summarize, authorizations can be assigned to an executable command.
How-to Integrate Applications Into AIX RBAC
Exit out of the role session If the role was not set as a default role, the user can exit the role-enabled session back to their normal work environment. The file paths used i. Written by Michael Felt. However, for a real environment, the data owner and application management user identities should be different.
Establishing and maintaining security policy Setting passwords for user Network configuration Device configuration. The system works by having front-end programs that are accessible via group or other permission bits.
Start investigating Now you are ready to start investigating what a non-root user can and cannot do with regard to starting and stopping httpd services. A role is a list of all the authorizations needed to complete a task. Contact and feedback Need support? Check here to start a new brac search.
This makes it the most powerful role on the system.
This can be done from any source. Sign in or register to add and subscribe to comments.
In this way, higher security is achieved. Is it possible that a malicious user can get the role of ISSO and use his own shutdown program to attack the system?
RBAC distributes the root user’s roles and authorization to more than one user. The previous example explains how a non-root user can be given authorization to execute commands such as shutdown. Comments Sign in or iax to add and subscribe to comments.
Either set the role specifically or use the “ALL” keyword to apply all assigned roles: Different root user tasks commands are assigned different authorizations. Successfully updated the Kernel Device Table.
Hence, a user who does not have the required authorization will fail to execute bootinfo. So far, I have shown how authorization and roles are used. The httpd account is meant to be an owning, not an operational, iax. A priviledge is an explicit access granted to a command, brac, or file.
The first task of this role-based program is to verify that the user has the appropriate role to use the program.
sudo-rbac – AIXTOOLS
Some of the ISSO tasks or responsibilities are:. This opens up a major risk of anyone who gets control of the root shell through malicious setuid programs can then do anything they want. To bypass DAC, privileges are required.
Install an application, e. Security considerations to protect your organization.
IBM Creating a RBAC role to run a command in AIX – United States
Switch into a new role session If the role was assigned to the user but not set as a default role or the keyword ALL was not used for the default roles the user needs to switch into it: Some of the ISSO tasks or responsibilities are: System shutdown and reboot File system backup, restore and quotas System error logging, trace and statistics Workload administration.
Does the command exist in the privileged command database? To prevent anyone from giving su access to the httpd account, make the following changes the PS1 prompts are changed to clarify which identity is active:.