Operating System - HP-UX
1830899 Members
3525 Online
110017 Solutions
New Discussion

trusted system:security patches.

 
dsrao
Occasional Contributor

trusted system:security patches.

Hi,

I have hp-ux 11.0. server. I want to convert it into trusted system. Before converting it to trusted system, I would like to know what are the patches
have to be installed.

tks n rgds

dsrao
2 REPLIES 2
Steven Sim Kok Leong
Honored Contributor

Re: trusted system:security patches.

Hi,

There are too many. You are better off installing match-what-target-has from the latest Software Extension Pack containing the latest cumulative patch depot.

From the security perspective, one thing to note after your conversion to trusted system is the umask. Check that the umask value is set appropriately.

You can extract the entire list of related patches by accessing the patch database at below link and type in the keywords "trusted system" etc.

http://us-support3.external.hp.com/wpsl/bin/doc.pl/

Hope this helps. Regards.

To name a few related trusted system patches:

PHCO_20679:
1. On a trusted system, an user name 'name' cannot be added if 'name-t' is already existing in the passwd file. This problem was occuring because the return value of the libc call "putprpwnam" was not appropraitely being checked.

PHCO_17631:
- SAM is unable to reset a user's password when running on a trusted system.

PHCO_14733:
Trusted mode passwd doesn't show correct last change time.

PHCO_23422: OTHER
Reduces potential severe performance impact on a Trusted System with a very large I/O buffer cache and heavy I/O; the system may appear to be hung.

Hope this helps. Regards.
Ravi_8
Honored Contributor

Re: trusted system:security patches.

Hi,

apply all the patches which are there is the latest support CD. Disable the NIS if you have(since NIS wouldn't work with trusted system)
never give up