I can use find to check more evident conditions
I am thinking in terms of ignoring link files. Not worrying about owner of files that has GID bit set. [ these two scenarios I know ]
Are there any other scenarios that are not more evident but should be considered for this kind of generic script !? One example is check for broken link files!
I am starting an audit of unix security within our company and am looking for any information that may assist me with this. I am looking for any tips or pointers that I should be aware of when looking at unix. I am very new to unix so any help will do. Maybe there is someone out the that has had... (3 Replies)
Hello,
What does the following mean in terms of file permissions.
-rw-rwSrw- 1 owner group 999 May 25 2004 file_name
What does the "S" stand for.
Thanks in advance for your input. :) (3 Replies)
I work for a big company and all the people within my unit share a common drive to save documents to. I am listed in the group(AMS group) that has access rights to folders within this drive. but i'm trying to restrict access to a confidential folder so that only I can access it.
when I set the... (0 Replies)
Hello,
If you are interested in security, check out this new directory of unix and linux related software tools.
Security - Links
If you have any of your favorite tools, feel free to add them to the directory. (0 Replies)
Introduction
I have seen some misinformation regarding Unix file permissions. I will try to set the record straight. Take a look at this example of some output from ls:
$ ls -ld /usr/bin /usr/bin/cat
drwxrwxr-x 3 root bin 8704 Sep 23 2004 /usr/bin
-r-xr-xr-x 1 bin bin ... (6 Replies)
Hi Team,
I want to set permissions to one folder in such a way that the user can write files or create folder inside that but should not able to delete it.
Basically reason behind this is i am using Pidgin Messenger. There is a directory of logs in which, when user chat its store his logs.... (2 Replies)
Discussion started by: paragnehete
2 Replies
LEARN ABOUT HPUX
audwrite
audwrite(2) System Calls Manual audwrite(2)NAME
audwrite() - write an audit record for a self-auditing process
SYNOPSIS DESCRIPTION
is called by self-auditing processes, which are capable of turning off the regular auditing using the system call (see audswitch(2)) and
doing higher-level auditing on their own. is restricted to users with the privilege.
checks to see if the auditing system is on and the calling process and the event specified are being audited. If these conditions are met,
writes the audit record pointed to by audrec_p into the audit trail. The record consists of an audit record body and a header with the
following fields:
/* Date/time (tv_sec of timeval) */
/* Process ID */
/* Success/failure */
/* Event being audited */
/* Length of variant part */
The body contains additional information about the high-level audit event. The header fields and are specified by the calling process.
fills in and fields with the correct values. this is done to reduce the risk of forgery. Beginning with 11i version 3 release, converts
the record into a different format before writing it into the current audit trail.
Security Restrictions
Some or all of the actions associated with this system call require the privilege. Processes owned by the superuser have this privilege.
Processes owned by other users may have this privilege, depending on system configuration. See privileges(5) for more information about
privileged access on systems that support fine-grained privileges.
RETURN VALUE
If the write is successful, a value of is returned. Otherwise, a value of is returned and is set to indicate the reason for the failure.
ERRORS
fails if one of the following is true:
The caller does not possess the
privilege.
The event number in the audit record is invalid.
WARNINGS
If causes a file space overflow, the calling process might be suspended until the file space is cleaned up. However, a returned call with
the return value of indicates that the audit record has been successfully written.
AUTHOR
was developed by HP.
SEE ALSO audswitch(2), audit(4), privileges(5).
audwrite(2)