ASET Master Files

ASET's master files, tune.high, tune.low, tune.med, and uid_aliases, are located in the /usr/aset/masters directory. ASET uses the master files to define security levels. For more detail, see the asetmasters(4) man page.

Tune Files

The tune.low, tune.med, and tune.high master files define the available ASET security levels. The files specify the attributes of system files at each level and are used for comparison and reference purposes.

The uid_aliases File

The uid_aliases file contains a list of multiple user accounts that share the same user ID (UID). Normally, ASET warns about such multiple user accounts because this practice lessens accountability. You can allow for exceptions to this rule by listing the exceptions in the uid_aliases file. ASET does not report entries in the passwd file with duplicate UIDs if these entries are specified in the uid_aliases file.

Avoid having multiple user accounts share the same UID. You should consider other methods of achieving your objective. For example, if you intend for several users to share a set of permissions, you could create a group account. You could also create a role. The sharing of UIDs should be your last resort, used only when other methods cannot accomplish your objectives.

You can use the UID_ALIASES environment variable to specify an alternate aliases file. The default file is /usr/aset/masters/uid_aliases.

The Checklist Files

The master files that are used by the system files checks are generated when you first execute ASET. The master files are also generated when you run ASET after changing the security level.

The following environment variables define the files that are checked by this task:

• CKLISTPATH_LOW

• CKLISTPATH_MED

• CKLISTPATH_HIGH