HPE Community
Operating System - HP-UX
1832960 Members
3376 Online
110048 Solutions
New Discussion

Security on HPUX 11.0

 
Gavin Rowland
Occasional Contributor

‎08-29-2001 02:21 AM

‎08-29-2001 02:21 AM

Security on HPUX 11.0

Is anyone aware of any software/patch that would place a secure group in /etc/group?. This is causing problems with the application
that is running on a L2000 server running HPUX 11.0.
0 Kudos
Reply
7 REPLIES 7
eran maor
Honored Contributor

‎08-29-2001 02:30 AM

‎08-29-2001 02:30 AM

Re: Security on HPUX 11.0

Hi Gavin

from what i understand you are looking of a software for a secure group or secure group file , s ofor this the option is a trusted system that can give the the option for a secure passwd and group file .

to convert your system to a trusted syste mgot to sam over there go to even and auditing and then choose one of the option to convert the system to a trusted system .

i would also advise if you are moving to a trusted system to read the pdf of this system

you can found it on www.docs.hp.com

there is a lot of patches for securety and but not for a secure group .

mybe someone else hread about it
love computers
0 Kudos
Reply
Gavin Rowland
Occasional Contributor

‎08-29-2001 02:33 AM

‎08-29-2001 02:33 AM

Re: Security on HPUX 11.0

Eran,

Sorry I probably wasn't to clear in my initial post.
Something has placed a group named "secure" in the /etc/group file of the system in question.
I am trying to track down what software would do that as the Client is not aware of how this happened but is suffering the consequences of it.

Cheers
Gavin
0 Kudos
Reply
eran maor
Honored Contributor

‎08-29-2001 02:48 AM

‎08-29-2001 02:48 AM

Re: Security on HPUX 11.0

Hi

now i m more clear .

i m an expert in patches and i can tell you for sure that there isnt any patch that put this group in the /etc/group .

i also install most of the hp software that exist and i search in our systems and didnt found and i cant remember of a hp software that is doing it .

so i thing that this is or a 3party software or some on did somthing it the past .

i would recomend to ask in your com. if someone know about this issue( probely you did it ) and then delete this entry from your system and see if something is worng .

i also check in our database about this issue and didnt found any info .

hope that you find the answer
love computers
0 Kudos
Reply
Paula J Frazer-Campbell
Honored Contributor

‎08-29-2001 02:48 AM

‎08-29-2001 02:48 AM

Re: Security on HPUX 11.0

Hi Gavin

Check GID with the passwd file - is there an entry for a user there?

Paula
If you can spell SysAdmin then you is one - anon
0 Kudos
Reply
Paula J Frazer-Campbell
Honored Contributor

‎08-29-2001 02:54 AM

‎08-29-2001 02:54 AM

Re: Security on HPUX 11.0

Gavin

Further things to check :-

time/date stamp on group and passwd file - it may help.

From backups try and identify when "secure" group appeared.

from change control tie in the changed date with apps / patches applied.

chech .sh_history and search for "secure" and "group"

HTH

Paula
If you can spell SysAdmin then you is one - anon
0 Kudos
Reply
Wodisch
Honored Contributor

‎08-29-2001 09:02 AM

‎08-29-2001 09:02 AM

Re: Security on HPUX 11.0

Hello Gavin,

have searched your filesystems for any file
or directory owned by that group? Like:
find / -group secure -exec ls -abdl {} ";"

That list should give you an idea who/what is
using that group...

HTH,
Wodisch
0 Kudos
Reply
Account Not Used
Frequent Advisor

‎08-29-2001 02:18 PM

‎08-29-2001 02:18 PM

Re: Security on HPUX 11.0

Earon is correct not patch would put "secure" in the /etc/group file. I would not only suggest turning on auditing via the Trusted mode I would also install sudo. Sounds like you don't have enough audit trai enabled to find out how this might of happened.

PS: Don't forget to give points.
"Who moved my cheese?"
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.