Login or Register to Ask a Question and Join Our Community


HP-UX

HP-UX 11i Security Containment

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems HP-UX HP-UX 11i Security Containment
# 1  
Old 04-21-2006
HP-UX 11i Security Containment
Has there been much success (or failure for that matter) around implementing these three core techbologies? Has it delievered what it has promised (fine grain privileges, compartments, and role based access control)?

I haven't found very much commentary here or around the Internet on the subject.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. HP-UX

Eclipse 3.1 on HP-UX 11i

Hey guys how do you run eclipse on HP-UX 11i? there's a startup.jar and an eclipse file ( which is not an executable ) I get different errors try to run the jar file with different java versions. I have all the possible java vm's installed. (0 Replies)
Discussion started by: binary0x01
0 Replies

2. HP-UX

Where can i get hp-ux 11i v3

I have to access to hp integrity bl870c server blade and i have no hp-ux 11i v2 or 11i v3 DVD's where can i get a DVD or download it . as i have no direct contact with vendor . thanks (4 Replies)
Discussion started by: h@foorsa.biz
4 Replies

3. HP-UX

Installing HP 11i v3

Hi, I want to install HP 11i v3 OS on PA-RISC systems, which already have HP11i v1 operating system. I want to know that what are software and hardware requirements I will need for doing this? Thanks in Advance Mike (1 Reply)
Discussion started by: Mike1234
1 Replies

4. HP-UX

HP UX 11i and HP C8000

Hey, i want install HP UX 11i on HP C8000. When i start the C8000 i get a prompt. On this Prompt i write BOot P1 P1 is my DVD-ROM (IDE). I get the Message "ERROR: Not a boot path". When i write SEArch the Prompt said: P0 scsiA.6 HP73.4MAT3073NP P1 ide.1 ... (2 Replies)
Discussion started by: numx
2 Replies

5. HP-UX

About compatibility of HP-UX 11i

Could you please tell me if Informix 7.20 UD2 works on HP-UX 11i and if applications that works on HP-UX 10.20 and Informix 7.20 UD2 works on HP-UX 11i. Thanks a lot. (0 Replies)
Discussion started by: Irene Martínez
0 Replies

6. HP-UX

How to use CSTM on HP-Ux 11i V2

Hi, Newbie here......I am an new guy on HP-Ux... may i ask all the the guru's and who has eperienced here to enlightened me on how to use the CSTM command. My goal is to view the current HW installed on the Server. Thanks in advance. (1 Reply)
Discussion started by: renobal
1 Replies

7. HP-UX

HP 11i 64

Hi, could somebody confirm that HP 11i 64 is a 64 bits system ? Thank you (1 Reply)
Discussion started by: aribault
1 Replies

8. HP-UX

HP-UX 11i v2 for PA-RISC

Hello, i trying to get HP-UX 11i v2 for PA-RISC. I`im to poor to buy this system, so I`am asking that someone can help me. best regards email removed (1 Reply)
Discussion started by: mruczas
1 Replies

9. HP-UX

HP-UX 11i

Need to find the changes made in hp-ux11iv2 and how to migrate from hp-ux11i to hp-ux11iv2. Thanks in advance. (1 Reply)
Discussion started by: mhbd
1 Replies

10. UNIX for Dummies Questions & Answers

hp-ux 11i

Need to find the changes made in hp-ux11iv2 and how to migrate from hp-ux11i to hp-ux11iv2. Thanks in advance. (1 Reply)
Discussion started by: mhbd
1 Replies
Login or Register to Ask a Question

LEARN ABOUT HPUX

getrules

getrules(1M)															      getrules(1M)

NAME

       getrules - display compartment rules

SYNOPSIS


       [compartment_name]...

       interface_name[...]  ipaddr/mask[...]

       [interface_name...]  [IPaddress...]

DESCRIPTION

       displays rules defined for compartment(s) or network interface(s).  This command can only be used when compartmentalization is enabled (see
       cmpt_tune(1M)).

       If no options are specified, all subsystem rules for the given compartment are displayed.  If no compartment_name is specified, information
       on all compartments is displayed.

   Options
       recognizes the following options:

	      Displays all the compartments configured on the system.

	      Displays the file system rules for the compartment(s).

	      Displays the IPC system rules for the compartment(s).

	      Displays the compartment names associated with the
		   interface(s)  and  the  IP address/mask as set by a previous invocation of Either the interface_name or the ipaddr/mask must be
		   specified.  More than one interface_name and/or IPaddress can be specified.

	      Displays the compartment names associated with the logical
		   interface(s) and the IP addresses as applied by the kernel.	When interface rules conflict with each other, this option can	be
		   used  to find how the conflicts are resolved.  If no arguments are specified, information about all currently active interfaces
		   is displayed.

	      Displays the network system rules for the compartment(s).

	      Displays all the interface rules being applied by the kernel on
		   the specified compartment(s).  If no compartment name is specified all the interface rules being applied by the kernel  on  all
		   the existing compartments will be displayed.

	      Displays the disallowed privileges list in short form for compartment(s).
		   The short form includes compound privileges in the privilege list.

	      Displays the disallowed privileges list in literal form for compartment(s).
		   The literal form expands compound privileges in the privilege list.

	      Displays all the compartment rules of the specified compartment(s) in the
		   machine  parsable  format.	Using  the  ""	or "" command is useful when used in combination with discover mode.  See compart-
		   ments(5).

   Operands
       recognizes the following operands:
	      compartment_name Name of the compartment for which information is displayed.

	      interface_name
		     Name of the network interface for which information is displayed.

	      IPaddress
		     An IPv4 or IPv6 address

	      ipaddr/mask
		     An IPv4 address or an IPv6 address and the corresponding mask.

   Notes
       The command is provided for diagnostic purposes, and as such the output of the command may change.

       Some rules can be expressed in multiple forms.  For instance, specifying that it can send a signal to is the same as specifying that it can
       receive signals from As this command displays the rules only once, it can be misleading when interpreting the output.

   Security Restrictions
       The user invoking this command must have one of the following authorizations:

       See authadm(1M)).

RETURN VALUE

       returns the following values:

	      Successful completion.
		   The rules are displayed.

	      An error occurred.
		   An error can be caused by an invalid option or because the user does not have permissions to perform the operation.

EXAMPLES

       Example: Display all file system rules for the compartment named web:

       Sample output:

	      Compartment Name: web : sealed
		  Disallowed Privileges: POLICY

		  File System Rules:
		  ------------------
		  PERMISSION			      PATHNAME
		  read, write, create, unlink	      /

SEE ALSO

       cmpt_tune(1M), setrules(1M), compartments(4), compartments(5), privileges(5).

																      getrules(1M)