Operating System - HP-UX

Re: Disadvantages of Trusted Systems anymore ?

Hakki Aydin Ucar
Honored Contributor

Disadvantages of Trusted Systems anymore ?

As far as I know, the following are disadvantages of Trusted Systems, and I am trying to find vulnerability and incompatibility issues before going to Trusted Systems for my customer:

1-Incompatible with NIS
2-Incompatible with programs that need to directly modify /etc/passwd

Is there any other issue that anybody has experienced? Please let me know.
Regards.
James R. Ferguson
Acclaimed Contributor

Re: Disadvantages of Trusted Systems anymore ?

Hi Hakki:

In my mind, the biggest disadvantage is that Trusted Systems are deprecated in 11.31 and will not be supported in a subsequent release.

The '/etc/shadow' password implementation is more consistent with other UNIX/LINUX and is the foundation for a number of evolving security enhancements.

Regards!

...JRF...
Hakki Aydin Ucar
Honored Contributor

Re: Disadvantages of Trusted Systems anymore ?

So, can I say that the Orange Book (it used to be the reference for measuring) is about to become obsolete now?

Re: Disadvantages of Trusted Systems anymore ?

Agree with JRF - most of what needed Trusted Mode in 11.11 can be done in standard mode on 11.31. Even on 11.23 there are optional products to do most of this:

https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=StdModSecExt

Setting up new systems with Trusted Mode makes little sense now unless there is something very specific that only Trusted Mode can offer.

HTH

Duncan

I am an HPE Employee
Hakki Aydin Ucar
Honored Contributor

Re: Disadvantages of Trusted Systems anymore ?

So it seems, if somebody like my customer uses 11i v1, then it can be considered. But after that it is not important.

Re: Disadvantages of Trusted Systems anymore ?

The replacement for TCSEC "orange book" security is Common Criteria Certification:

http://en.wikipedia.org/wiki/Trusted_Computer_System_Evaluation_Criteria

HP-UX Certifications against this are here:

http://h20338.www2.hp.com/hpux11i/cache/532758-0-0-0-121.html

HTH

Duncan

I am an HPE Employee

Re: Disadvantages of Trusted Systems anymore ?

And if passwords in /etc/passwd are all you are concerned about, even 11.11 can offer a shadow password file in standard mode:

https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=ShadowPassword

HTH

Duncan

I am an HPE Employee
VK2COT
Honored Contributor

Re: Disadvantages of Trusted Systems anymore ?

Hello,

TCB is going away. Better prepare for it. It is much better to use Shadow Passwords (especially on HP-UX 11.31, which has a lot of additional features).

One of the bad sides of TCB is that the /tcb directory structure is root-read only, and there are numerous applications that cannot get authenticated.

On the other hand, the biggest disadvantage of Shadow Passwords is that it does not support passwords longer than eight characters.

The new bundles for much longer Shadow Password support on HP-UX 11.31 (up to 255 characters) are in testing now.

Some parts of the HP-UX 11.31 0909 release have already been made aware of longer password support.

Cheers,

VK2COT
VK2COT - Dusan Baljevic
KathyL1
Valued Contributor

Re: Disadvantages of Trusted Systems anymore ?

> Setting up new systems with Trusted Mode makes little sense now
> unless there is something very specific that only Trusted Mode can offer.

Trusted mode does indeed offer very specific protection that is *NOT* available with Shadow passwords on 11.31 servers. Trusted Mode is the *ONLY* system that enforces password length, complexity, ageing, history, etc. policies for the root user account.

With Shadow passwords the password length, complexity, ageing, history policies specified in the /etc/default/security file do *NOT* apply to the root user account - they only apply when a non-root user changes a password. As a result the root user can bypass these policies when changing the password for itself *AND* for other users - the root user can even set passwords to null!!

Due to our security requirements we'll be sticking with Trusted Mode for the foreseeable future!!

Kathy
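An added audit check (not from the thread or from HP-UX itself) for the gap Kathy describes: in shadow mode, root can bypass /etc/default/security and leave accounts with a null password. The script scans a shadow-format file for empty password fields, and also flags 13-character traditional DES hashes, which carry the eight-significant-character limit VK2COT mentions. The sample file is constructed; on a real host you would point it at /etc/shadow.

```shell
#!/bin/sh
# Constructed sample in standard shadow format (user:hash:lastchg:min:max:warn:inactive:expire:flag).
# None of these accounts or hashes are real.
SAMPLE=$(mktemp)
cat >"$SAMPLE" <<'EOF'
root:$1$abcdefgh$ijklmnopqrstuvwxyz01234:15000:0:90:7:::
oracle::15000:0:90:7:::
backup:x4F9abcdEFGHi:15000:0:90:7:::
app1:*:15000:0:90:7:::
svc::15000::::::
EOF

# audit_shadow FILE
# Prints "user:finding" for each account whose password field is empty
# (null password, which policy in /etc/default/security never prevented root
# from setting) or a 13-character traditional DES hash (only the first eight
# characters of the password are significant). Locked accounts (* or !) and
# modern $id$ hashes are skipped.
audit_shadow() {
    awk -F: '
        $2 == ""                      { print $1 ":null-password"; next }
        substr($2, 1, 1) == "*"       { next }
        substr($2, 1, 1) == "!"       { next }
        substr($2, 1, 1) == "$"       { next }
        length($2) == 13              { print $1 ":des-hash-8char-limit" }
    ' "$1"
}

# count_null_passwords FILE: number of accounts with an empty password field.
count_null_passwords() {
    audit_shadow "$1" | grep -c ':null-password$' || true
}

audit_shadow "$SAMPLE"
```

Expected findings for the sample are oracle and svc (null password) and backup (DES hash); root and app1 produce no output.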
Bill Hassell
Honored Contributor

Re: Disadvantages of Trusted Systems anymore ?

> 1-Incompatible with NIS

For good reason. NIS is an archaic password system that broadcasts the passwords all over the network. It was probably useful in the days before the Internet, but no auditor would allow NIS in a secure environment. NIS+ is a better choice, but not many OSes can use it. LDAP is the more common method for multi-platform authentication.

> 2-Incompatible with programs that need to directly modify /etc/passwd

Also a very good feature. No program should ever, ever be allowed to modify the passwd file that is not part of the OS.

> One of the bad sides of TCB is that /tcb
> directory structure is root-read only, and
> there are numerous applications that cannot
> get authenticated.

Actually, I consider /tcb being root-read only a very great benefit. The numerous applications are dinosaurs that were written before industry standard PAM interfaces became available, or worse, these are new programs written by programmers that need to go back to changing tapes.

Trusted is still a supported security method for all current versions of HP-UX and I'll be recommending it for 11.31 systems. Since 11.31 will be around for a few years, I'll be waiting for a replacement that actually improves on Trusted features.


Bill Hassell, sysadmin