Using trusted facilities

Programming examples

The rest of this chapter gives annotated code examples to illustrate how to program in a secure environment. Three code examples are given:

subsys.c: a program similar to auths(C), but it lists a user's subsystem authorizations rather than kernel authorizations
prwarn.c: a program that could be run from a user's .login or .profile file; it warns users when their passwords are about to expire
loge.c: a program similar to su(C); it allows users to run certain programs as the super user without knowing the root password.

Throughout this chapter, these code examples use the basic trusted system concepts: TCB (Trusted Computing Base) and DAC (Discretionary Access Control). The TCB consists of the UNIX kernel and the trusted utilities that reference and maintain relevant security data. The TCB implements the system's security policy; at the C2 level, this consists of DAC. DAC determines whether a user or a user's process has access to the information they want.

For more information about the basic concepts of a trusted system, refer to the NCSC Trusted Computer Systems Evaluation Criteria (TCSEC), the DoD Password Management Guidelines, and the SCO OpenServer System Administrator's Guide.