privgrp/getprivgrp

Vanja · ‎11-09-2005

Hi,
We are running some security scans and are being flagged for the having the following enabled:

# getprivgrp
global privileges: CHOWN
#

We are being told by security to disable the global CHOWN privileges. The default for solaris and linux os seems to be to have global CHOWN disabled. Dissalowing CHOWN prevents users from changing ownership of any files.
This can be done with the following commands:

# echo -n >/etc/privgroup
# chmod 400 /etc/privgroup
# /sbin/init.d/set_prvgrp start
# getprivgrp
global privileges:
#

DOES HP SUPPORT MAKING THIS CHANGE & WILL MAKING THIS CHANGE IMPACT ANY HPUX FUNCTIONALITY?
CAN IT CAUSE ANY OPERATING SYSTEM PROBLEMS?
IS THERE ANYTHING I SHOULD BE CONCERNED ABOUT?

THANKS!

Andy Torres · ‎11-09-2005

I've seen that on an Informix server. I believe it has to do with Async IO. If you're running Informix, or similar database, check with your local database admin. It may be required to run your app or database.

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

privgrp/getprivgrp

privgrp/getprivgrp

Re: privgrp/getprivgrp