Simpler Navigation for Servers and Operating Systems
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
Showing results for 
Search instead for 
Did you mean: 

HP-UX C2 Trusted

Occasional Advisor

HP-UX C2 Trusted

I have HP-UX 10.20 whit Oracle 7.3 and I'm going to convert this system to C2 Trusted.

Must I to do anything with Oracle?

Honored Contributor

Re: HP-UX C2 Trusted


Have a look at Trusted Oracle7 MLS RDBMS, a
state-of-the-art product built to support a strict multilevel security (MLS) policy on trusted operating systems.

today this is called "Oracle Label Security"

hope this helps!

No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
Massimo Bianchi
Honored Contributor

Re: HP-UX C2 Trusted

AFAIK, there are no problem, since this affect only the way users are authenticated.

However, you should pay attention to the secutiry polivi on the user, the oracle owner shuold ve allowed to login at every hour, and that its password never expires ans so on, to prevent startup/shutdown problem suddenly.

I had two C2 systems, one 7.3 and one 8.0.5, and they had no particular problem, keeping in mind my previous notice.

BTW, you know that 10.20 and 7.3 are praticallly out of support ?


Jairo Campana
Trusted Contributor

Re: HP-UX C2 Trusted

I had problems with an application HPIA HPinternet Activator with oracle 8 in HPUX 11.0 .
I had to return in mode no trusted.
Patrick Wallek
Honored Contributor

Re: HP-UX C2 Trusted

No you do not need to do anything with Oracle. It will run just fine on a trusted system. We have a range of databased from 7.3.3 up to 9i and all are on trusted systems with no special setup and no problems.
Jim Mallett
Honored Contributor

Re: HP-UX C2 Trusted


I just converted our Oracle development machine(on 11.00) to a Trusted System and had no issues. I was concerned myself about any Oracle ramifications and was not able to find anything, and haven't had issues this week.
The only thing I'll need to keep my eye on are the Oracle system admin accounts, historically I haven't made them change that password and I am now. We'll find out if they have any scripts with the pass hardcoded I guess.

Good luck,
Hindsight is 20/20
Donny Jekels
Respected Contributor

Re: HP-UX C2 Trusted

trusted systems has no relevance with oracle and you don't have to do anything on the oracle side of the fence.

sit back and relax!!
"Vision, is the art of seeing the invisible"
Esteemed Contributor

Re: HP-UX C2 Trusted


No need to do something with Oracle,
the convert to trusted affect the OS (users/passwords) but it still work the
same way.

Steven E. Protter
Exalted Contributor

Re: HP-UX C2 Trusted

Though you are not required to do anything with Oracle, you might want to upgrade because the 7.x products are approaching the end of their life cycle.

When that happens, if a security flaw comes up, Oracle won't fix it.

C2 is a nice term, but you need to think also about whether the system is actually secure.

Are you using the Berkely Protocols, rcp, et al. I don't care whether C2 permits that or not, they are not a good idea to run due to their authentication methodology.

Does C2 let you run telnetd and ftpd, both of which transmit passwords back and fortth to the user in clear text? I don't know, but if you truly want a secure system they should be replaced by Secure Shell.

Does C2 certification require you to run Bastille on the machine? That is a good idea.

C2 certification should not be mistaken for true security. That is part of a broader plan that means keeping up on security patches, running the right tools and getting down for some good olf fashioned sysetms adminitration by looking at umask, default permissions and such.

C2 is a requirement for certain government computer systems that is a good start, but it hasn't stopped penetration of secure systems at the Pentagon has it?

Food for thought.

Sumamry: C2, a good start, but not the ending.

Steven E Protter
Owner of ISN Corporation