- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: TRUSTED SYSTEM
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-03-2003 11:37 PM
04-03-2003 11:37 PM
TRUSTED SYSTEM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-03-2003 11:59 PM
04-03-2003 11:59 PM
Re: TRUSTED SYSTEM
It should have no effect on a normal shell but with remsh usage it is possible.
Go to
www.docs.hp.com
Search on trusted
You will find everything explained
Steve Steel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-04-2003 12:21 AM
04-04-2003 12:21 AM
Re: TRUSTED SYSTEM
You may check on this thread http://bizforums.itrc.hp.com/cm/QuestionAnswer/0,,0x672606350fe2d61190050090279cd0f9,00.html to further understand trusted vs untrusted system.
regards...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-04-2003 12:54 AM
04-04-2003 12:54 AM
Re: TRUSTED SYSTEM
The boxes are acting as database and file servers and I didn't find any influence on the performance.
Regards
Rainer
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-04-2003 01:10 AM
04-04-2003 01:10 AM
Re: TRUSTED SYSTEM
I converted one of my servers to a trusted system 3 months ago. This server runs shell programs from cron and there has been no problems at all.
Regards,
Hilary
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-04-2003 01:21 AM
04-04-2003 01:21 AM
Re: TRUSTED SYSTEM
I had numerous problems with a client/server data management tool which relied on a PC client connecting to a UNIX based Oracle database. Part of the problem stemmed from the client logging in. Some of the system calls change between an un-trusted and a trusted (C2) system on HP-UX. As long as the application code can cater for this, then all will be OK. The particular problem I had stemmed from the client code only calling getpwent instead of getprpwent. It always worked fine against an untrusted system, but not a C2 system.
Also bear in mind that if you enable auditing you need to check cron carefully (assuming you use it). Many cron jobs started to fail as soon as we enabled auditing.
Finally, try and ensure that your passwords are all C2 compliant BEFORE you tsconvert the password file. I had problems with ( certainly older) versions not allowing you to change the password if the original was not compliant (and you guessed it - I had trouble with the root passord)! :-)
Bottom line is - if you have a test setup, try it there first. If not, be prepared for some potentially weird problems.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-04-2003 01:24 AM
04-04-2003 01:24 AM
Re: TRUSTED SYSTEM
I have previously heard of applications that won't run under trusted systems as they directly access the passwd file. Of course on a trusted system the password is not kept there, and there are alternative system calls that should be used.
The application vendor should be able to tell you if they've tested their app on a trusted system.
regards,
Darren.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-04-2003 03:35 PM
04-04-2003 03:35 PM
Re: TRUSTED SYSTEM
The best ways are to not only test this out on test server, with as much of the application as you can, but also verify with the application vendor, as to whether it is supported or not first.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-04-2003 03:41 PM
04-04-2003 03:41 PM
Re: TRUSTED SYSTEM
As mentioned before, I did see applications accessing the encrypted passwords from /etc/passwd file to authenticate the users internal to themselves.
So, check with your vendors/developers to see if they do any such things.
Also, once you convert the systems, the passwords will expire and will create quite a mess for you. It will also enable bad login attempts thereby locking the users and you will have to be ready for an initial battle.
However, you can change all these options by using the commands 'modprdef' (systemwise) and 'modprpw' (per user). Or SAM can easily do it for you.
-Sri