The C_INIT
actor authenticates
users issuing commands from the host.
The ChorusOS operating system can be configured in secure mode, where
remote host access is checked through the /etc/security
administration file, located on the target root file system (see security(4CC)). In addition,
users' credentials may be specified in this file, overriding default C_INIT
configuration values.
If an /etc/security file exists, it must have read
permissions for everybody to allow C_INIT
to read
it with the default credentials (user identifier 0 and group identifier 0).
Secure mode is then activated. In this mode, C_INIT
authenticates every command it receives from the host. Authentication can
fail for two reasons:
The user name of the remote user which issued the rsh command is not found in the security file.
The remote host, from which the rsh command came, is not in the remote host's list of users.
In this case, a permission denied message is sent back to the host and the command is aborted.
If the authentication procedure succeeds, the user's privilege credentials
(user identifier or uid, group identifier or gid and additional groups) are read from the security file. Trusted
users have access to the full set of C_INIT
commands.
The ChorusOS operating system also features the ability to manage users' passwords through its password management feature. Related files are located in /etc/master.passwd and /etc/group. The introduction of these files to the ChorusOS operating system enables more flexible security management, in addition to the standard /etc/security file. You can choose to enable the password management feature by running pwd_mkdb.
The C_INIT
daemon can run in non-secure
mode, in secure mode or in password mode. If C_INIT
is running in password mode the login name of the user is first identified
in /etc/spwd.db, and then in /etc/security for additional information, such as remote host access permission.
If the latter file does not exist, default values apply. If C_INIT
is running in secure mode, the login name of the user is identified
only in /etc/security.
If C_INIT
is runing in non-secure mode, every
user is treated as a trusted user and inherits the C_INIT
default credentials , uid 0 and gid 0. These are by default zero.
In this case, if the host machine has exported the file system to be
mounted with the default mapping of root to nobody
,
it is necessary that read and execute permissions for the target executable
files be given to everybody. Otherwise C_INIT
will
not have the right to execute the application binaries.
To override the default credentials uid 0 and gid 0, you can use environment variables; these enable you to modify the system dynamically. To modify the deafult credentials:
$ rsh target setenv |
Another way to circumvent the problem of C_INIT
not having the right to execute the application binaries is by inhibiting
the mapping of root to nobody
on the host.
The /etc/ldap.conf file contains information about the location of the LDAP server for password management. Information about this file is contained in ldap.conf(4CC).
Further information on password management and how it affects various secure operations in this version of the ChorusOS operating system can be found in these man pages: getpwnam(3STDC), getgrent(3STDC), ,passwd(1M), pwd_mkdb(1M). group(4CC), rshd(1M), ftpd(1M), telnetd(1M).