Once again great info
, thanx
Well I have a client that is interested in TCB. They have fraud issues on their servers and need to secure them. They have done the standard stuff like stop ftp/tn, etc enable ssh, tcp wrappers, check umask, permissions, etc. However we have explained that TCB will not show what is happening in the database, only flat files, user details, etc. So I am just trying to confirm what I have "heard" about TCB and find out as much info as I can (very little at this stage). It is always tough to explain to none technical management that 9 out of 10 times there is no "quick-fix" for security issues. Especially on systems that have been running for ages and have multiple child dependencies!
Anyway thank you again for the excellent feedback. If I could just ask, what would your personal opinion be of TCB in AIX? worth installing and leaving dormant, it does provide some use, not worth the effort & complicates systems.
regards