Administering user accounts

Security profiles

A security profile is a set of pre-configured values for parameters that control the security behavior of your system, such as how long passwords last, or what privileges are assigned to users. Once you choose a profile, you can switch to another profile, or change any one of the dozens of parameters on an individual basis.

System security profiles

    Security profiles
Security parameters Low Traditional Improved High
Minimum days between changes 0 0 0 14
Expiration time (days) infinite infinite 42 42
Lifetime (days) infinite infinite 365 90
User can choose own yes yes yes no
User can run generator yes yes yes yes
Maximum generated length 8 8 10 10
Minimum length 1 3 5 8
Password triviality checks none System V goodpw weak[1] goodpw strong[2]
Password obviousness checks - no no[1] yes[2]
Password required to login no no yes yes
Single user password required yes yes yes yes
Maximum unsuccessful attempts (account/terminal) infinite 99 5/9 3/5
Delay between login attempts (secs) -- terminal only 0 1 2 2
Time to complete login (secs) -- terminal only 60 60 60 60
Primary backup,
lp, mem, terminal
none none
Secondary audittrail, queryspace, shutdown, su audittrail,
printqueue, queryspace, su
audittrail, queryspace, printqueue, su queryspace
  chmodsugid, chown, execsuid, suspendaudit chmodsugid, chown, execsuid chmodsugid, chown, execsuid chown, execsuid
Default umask[3] 022 022 027 077
C2 Features
LUID enforcement[4] no no no yes
STOPIO on devices[4] no no no no
SUID/SGID clear on write[4] no yes yes yes
Users can be deleted[5] yes yes no no
Database corruption[6] recover recover lockout lockout
Database precedence[7] System V System V TCB TCB

Users can schedule jobs allow allow deny deny
Home directory permissions 755 755 750 700
Dialup printers allowed yes yes no no
Hushlogin allowed[8] yes yes yes no
Password for asroot(ADM) no no no yes
Significant characters in passwords 8 8 80 80
su(C) use logged no yes yes yes
/etc/shadow present no yes yes yes

  1. Simple checks are made, such as ensuring at least three characters differ and that at least one character be non-alphabetic.

  2. Thorough checks are made, including disallowing words that appear in the online dictionary.

  3. These are located in /etc/profile and /etc/cshrc. A umask of 077 results in the creation of files that are readable only by the owner.

  4. These features are explained in ``Disabling C2 features''.

  5. A requirement central to C2 is that a user ID (UID) cannot be reused. This means that user accounts cannot be reused or reactivated after retirement. With the lower security profiles, user accounts can be removed rather than retired and user IDs can be altered or reused.

  6. On a system that conforms to C2 requirements, users are locked out of a system when a security database becomes corrupted. This ensures that the system does not operate in a potentially non-secure state. In the lower defaults, the system attempts to correct inconsistencies automatically and displays a warning rather than locking out users.

  7. Two sets of account databases are maintained: UNIX System V and trusted computing base (TCB) files. One set is used as a master when a discrepancy occurs. This is described in ``Configuring database precedence and recovery''.

  8. This feature allows the suppression of login messages. See the login(M) manual page for information.

Next topic: Understanding account database files
Previous topic: Changing the system security profile

© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003