Using trusted facilities
Because no computer system is completely free from risk, we refer to systems as "trusted" rather than "secure." A trusted system achieves a greater level of control over access to information by providing mechanisms to detect and possibly prevent unauthorized access, along with additional means to confirm that these mechanisms are functioning properly. The C2 level of trust means that the system meets specific criteria in its security policy, accountability, assurance, testing, and documentation.

All UNIX operating systems provide some measure of security by allowing users to have passwords to log on and offering the ability to specify access permissions for the owner, group, and other for each file or directory. SCO OpenServer maintains compatibility with existing UNIX system mechanisms and provides enhanced security features and trusted facilities.

The examples in this chapter illustrate how to use trusted facilities to create a protected subsystem, which is an application that uses the trusted facilities to control access permission to its executable and data files.

Consider the following when deciding whether to implement your application using trusted facilities:

- Virtually all UNIX operating systems support the standard facilities, so programs that use the standard facilities are more portable.
- Trusted facilities provide a much greater level of security and are recommended for applications that manipulate data requiring protection from unauthorized disclosure.

© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003