HPE Community
Operating System - HP-UX
1754021 Members
8173 Online
108811 Solutions
New Discussion

Re: Disadvantages of Trusted Systems anymore ?

 
SOLVED
Go to solution
Steven E. Protter
Exalted Contributor

‎09-30-2009 07:25 PM

‎09-30-2009 07:25 PM

Re: Disadvantages of Trusted Systems anymore ?

Shalom,

Shadow passwords, available on http://software.hp.com are probably the way to go.

I've noticed an underlying trend to be a little more Linux like and this would make HP-UX easier to work with with the larger, Linux crowd.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
VK2COT
Honored Contributor

‎09-30-2009 09:41 PM

‎09-30-2009 09:41 PM

Re: Disadvantages of Trusted Systems anymore ?

Hello,

While there is no doubt that TCB has excellent
features and works well, it is a fact that
HP, for better or worse, decided to retire
it in the future release.

As an alternative, many enhancements to
Shadow passwords were added.

Just recently, I tested the new bundles for
much longer Shadow Password support on HP-UX 11.31.

There is also an enhancement request
QXCR1000970986 to apply password policies on
the root user.

Overall, whether we liked TCB or not (personally, I was very fond of it),
we need to move on :)

As far as "old" applications that had
problems with TCB due to permissions -
sadly, that is still the case. I have number
of customers who use weird applications
and TCB is making it very difficult.
Telling them to change the application design
did not help much because when a customer is,
say, a Fortune-500 company, they do not care
what the technical people say most of the
time. Quite a few companies typically
learn only when a disaster strikes and
the IT best practices are meaningless
in that case.

If only shareholders knew what kind of companies they support sometimes!

Regards,

VK2COT
VK2COT - Dusan Baljevic
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.