System Administration

Disadvantages of Trusted Systems anymore ?

SOLVED
Hakki Aydin Ucar
Honored Contributor

Disadvantages of Trusted Systems anymore ?

As far as I know, the following are disadvantages of Trusted Systems, and I am trying to find vulnerability and incompatibility issues before going to Trusted Systems for my customer:

1-Incompatible with NIS
2-Incompatible with programs that need to directly modify /etc/passwd

Is there any other issue that anybody has experienced? Please let me know.
Regards.
11 REPLIES
James R. Ferguson
Acclaimed Contributor
Solution

Re: Disadvantages of Trusted Systems anymore ?

Hi Hakki:

In my mind, the biggest disadvantage is that Trusted Systems are deprecated in 11.31 and will not be supported in a subsequent release.

The '/etc/shadow' password implementation is more consistent with other UNIX/LINUX and is the foundation for a number of evolving security enhancements.

Regards!

...JRF...
Hakki Aydin Ucar
Honored Contributor

Re: Disadvantages of Trusted Systems anymore ?

So, can I say that the Orange Book (it used to be referenced as a measure) is about to become obsolete now?
Duncan Edmonstone
Honored Contributor

Re: Disadvantages of Trusted Systems anymore ?

Agree with JRF - most of what needed Trusted Mode in 11.11 can be done in standard mode on 11.31. Even on 11.23 there are optional products to do most of this:

https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=StdModSecExt

Setting up new systems with Trusted Mode makes little sense now unless there is something very specific that only Trusted Mode can offer.

HTH

Duncan
Hakki Aydin Ucar
Honored Contributor

Re: Disadvantages of Trusted Systems anymore ?

So it seems, if somebody like my customer uses 11i v1, then it can be considered. But after that it is not important.
Duncan Edmonstone
Honored Contributor

Re: Disadvantages of Trusted Systems anymore ?

The replacement for TCSEC "orange book" security is Common Criteria Certification:

http://en.wikipedia.org/wiki/Trusted_Computer_System_Evaluation_Criteria

HP-UX Certifications against this are here:

http://h20338.www2.hp.com/hpux11i/cache/532758-0-0-0-121.html

HTH

Duncan
Duncan Edmonstone
Honored Contributor

Re: Disadvantages of Trusted Systems anymore ?

And if passwords in /etc/passwd are all you are concerned about, even 11.11 can offer a shadow password file in standard mode:

https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=ShadowPassword

HTH

Duncan
VK2COT
Honored Contributor

Re: Disadvantages of Trusted Systems anymore ?

Hello,

TCB is going away. Better prepare for it. It is much better to use Shadow Passwords (especially on HP-UX 11.31, which has a lot of additional features).

One of the bad sides of TCB is that the /tcb directory structure is root-read only, and there are numerous applications that cannot get authenticated.

On the other hand, the biggest disadvantage of Shadow Passwords is that it does not support passwords longer than eight characters.

The new bundles for much longer Shadow Password support on HP-UX 11.31 (up to 255 characters) are in testing now.

Some parts of the HP-UX 11.31 0909 release have already been made aware of longer password support.

Cheers,

VK2COT
VK2COT - Dusan Baljevic
KathyL1
Valued Contributor

Re: Disadvantages of Trusted Systems anymore ?

> Setting up new systems with Trusted Mode makes little sense now
> unless there is something very specific that only Trusted Mode can offer.

Trusted mode does indeed offer very specific protection that is *NOT* available with Shadow passwords on 11.31 servers. Trusted Mode is the *ONLY* system that enforces password length, complexity, ageing, history, etc policies for the root user account.

With Shadow passwords the password length, complexity, ageing, history policies specified in the /etc/default/security file do *NOT* apply to the root user account - they only apply when a non-root user changes a password. As a result the root user can bypass these policies when changing the password for itself *AND* for other users - the root user can even set passwords to null!!

Due to our security requirements we'll be sticking with Trusted Mode for the foreseeable future!!

Kathy
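Kathy's point is that with shadow passwords the policies in /etc/default/security are enforced only when a non-root user changes a password, so root can leave accounts with no ageing or even a null password. A defender can at least detect that state by auditing the shadow file itself. The script below is an added example written for this thread, not code from HP or from any poster; it assumes the standard shadow(4) field layout (name:hash:lastchg:min:max:warn:inactive:expire:flag), uses only POSIX sh and awk, and runs against constructed sample entries with dummy hash strings. On a real host it would be run as root with `audit_shadow_lines 90 < /etc/shadow`.

```shell
#!/bin/sh
# Added example (not from the thread): flag shadow-format entries that show the
# policy gaps described above - a null password field, no maximum password age,
# or a maximum age longer than the site policy - which root can create on a
# shadow-password system because /etc/default/security is not applied to root.
# Assumes the standard shadow(4) layout:
#   name:hash:lastchg:min:max:warn:inactive:expire:flag

# Constructed sample entries; DUMMYHASH* are placeholders, not real hashes.
SAMPLE_SHADOW='root:DUMMYHASH1:14500::::::
alice:DUMMYHASH2:14500:1:90:7:::
bob::14500:1:90:7:::
carol:DUMMYHASH3:14500:::::
dave:DUMMYHASH4:14500:1:365:7:::
daemon:*:14500:::::'

# audit_shadow_lines [maxdays]
#   Reads shadow-format lines on stdin and prints one finding per line as
#   "<user><TAB><finding>". Exit status is 1 if any finding was printed, 0 if
#   the input is clean. maxdays is the site's password ageing limit (default 90).
audit_shadow_lines() {
    maxdays=${1:-90}
    awk -F: -v maxdays="$maxdays" '
        NF == 0 { next }                       # skip blank lines
        {
            user = $1; hash = $2; maxage = $5
            # Locked accounts ("*" or "!...") cannot log in; ageing is moot.
            if (hash == "*" || hash ~ /^!/) next
            # Empty hash field: anyone can log in without a password.
            if (hash == "") {
                printf "%s\tnull password field\n", user
                found = 1
                next
            }
            # Empty max field: the password never expires.
            if (maxage == "") {
                printf "%s\tno maximum password age (field 5 empty)\n", user
                found = 1
            } else if (maxage + 0 > maxdays + 0) {
                printf "%s\tmax age %s exceeds policy %s days\n", user, maxage, maxdays
                found = 1
            }
        }
        END { exit found ? 1 : 0 }'
}

# Stand-alone run over the constructed sample; exit status 1 signals findings.
printf '%s\n' "$SAMPLE_SHADOW" | audit_shadow_lines 90 || echo "policy findings present"
```

The root entry is deliberately the first line of the sample: on the constructed data the script reports root and carol for having no maximum age, bob for a null password field, and dave for a 365-day maximum, while alice (90 days) and the locked daemon account produce nothing. Running it from cron against the real file gives a record of what root has set, which is the only control left for the root account on a shadow-password system according to this thread.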
Bill Hassell
Honored Contributor

Re: Disadvantages of Trusted Systems anymore ?

> 1-Incompatible with NIS

For good reason. NIS is an archaic password system that broadcasts the passwords all over the network. It was probably useful in the days before the Internet but no auditor would allow NIS in a secure environment. NIS+ is a better choice but not many OS's can use it. LDAP is the more common method for multi-platform authentication.

> 2-Incompatible with that need directly modify /etc/passwd

Also a very good feature. No program should ever, ever be allowed to modify the passwd file that is not part of the OS.

> One of the bad sides of TCB is that /tcb
> directory structure is root-read only, and
> there are numerous applications that cannot
> get authenticated.

Actually, I consider /tcb being root-read only a very great benefit. The numerous applications are dinosaurs that were written before industry standard PAM interfaces became available, or worse, these are new programs written by programmers that need to go back to changing tapes.

Trusted is still a supported security method for all current versions of HP-UX and I'll be recommending it for 11.31 systems. Since 11.31 will be around for a few years, I'll be waiting for a replacement that actually improves on Trusted features.


Bill Hassell, sysadmin
Steven E. Protter
Exalted Contributor

Re: Disadvantages of Trusted Systems anymore ?

Shalom,

Shadow passwords, available on http://software.hp.com, are probably the way to go.

I've noticed an underlying trend to be a little more Linux-like, and this would make HP-UX easier to work with for the larger Linux crowd.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
VK2COT
Honored Contributor

Re: Disadvantages of Trusted Systems anymore ?

Hello,

While there is no doubt that TCB has excellent features and works well, it is a fact that HP, for better or worse, decided to retire it in a future release.

As an alternative, many enhancements to Shadow passwords were added.

Just recently, I tested the new bundles for much longer Shadow Password support on HP-UX 11.31.

There is also an enhancement request QXCR1000970986 to apply password policies on the root user.

Overall, whether we liked TCB or not (personally, I was very fond of it), we need to move on :)

As far as "old" applications that had problems with TCB due to permissions go - sadly, that is still the case. I have a number of customers who use weird applications, and TCB is making it very difficult. Telling them to change the application design did not help much, because when a customer is, say, a Fortune-500 company, they do not care what the technical people say most of the time. Quite a few companies typically learn only when a disaster strikes, and IT best practices are meaningless in that case.

If only shareholders knew what kind of companies they support sometimes!

Regards,

VK2COT
VK2COT - Dusan Baljevic