HPE Community
Operating System - HP-UX
1838009 Members
4841 Online
110124 Solutions
New Discussion

assets and drawbacks of a trusted system

 
Senta Buck
Advisor

‎01-24-2001 12:45 AM

‎01-24-2001 12:45 AM

assets and drawbacks of a trusted system

I search in the net for the assets and drawbacks of a trusted system. I have found something. (also in this forum).
But I want to know some more....
The informations I've allready found are listet in the att. Word.doc .
What else I want to know.? :

More about :
- assets and drawbacks of a trusted system (also that I can measure what can happen if I switch to trusted)
- What else (excepting r - tools) do not work any longer?

After I have more informations I will put the new word.doc (again) online, so that you can "take it", if you like.

Documents you can also email to me: senta@senta.ch

Thanks a lot for your help!

Senta

We only have a system called schiller.
0 Kudos
Reply
3 REPLIES 3
Asdrubal Pichardo
Occasional Contributor

‎01-25-2001 01:13 AM

‎01-25-2001 01:13 AM

Re: assets and drawbacks of a trusted system

Hi,
There are other advantages converting to a trusted system. For example, you get much more auditing capabilities. You may audit system events with a lot of granularity (if you need that). You have also much more options regarding implementing a security policy. Another side effect is that default mask for creating new files (umask) is changed from 000 to 07077, which is much better! The only real problem I had was with secure shell, it stopped working when I converted my systems (due to the shadow password file). However, this was solved by installing OpenSSH, which works well on trusted systems.
Asdrubal
0 Kudos
Reply
Edward Sedgemore
Trusted Contributor

‎01-25-2001 01:43 AM

‎01-25-2001 01:43 AM

Re: assets and drawbacks of a trusted system


Heres some more disadvantages;

1. You will now need to get used to the modprpw and getprpw commands intimately as these are now needed to modify trusted accounts.

2. More difficult to change passwords (even as root you must know the old password of a user - or else find the shadow password file entry and blank it out!)

[HP does not/ will not support modprpw. If you have seen the 11.0 version, you will see the evolution of their idea that SAM should be the end all-- be all for user account maintenance. Ergo, it will fade between now and never WITHOUT ANY WARNING, as they have told *me* that they have that perogative as it is not a supported command.]
0 Kudos
Reply
Senta Buck
Advisor

‎01-25-2001 02:04 AM

‎01-25-2001 02:04 AM

Re: assets and drawbacks of a trusted system

Hi Asdurabal Pichardo
I see... you are from Germany, can you speak German as well?
Tell me a bit more about the auditing capabilities. Some examples?

Thanks a lot!

Senta
We only have a system called schiller.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.