Information Protection
You as an administrator are responsible for correctly setting up and maintaining discretionary access control (DAC) and mandatory access control (MAC) protections for security-critical files. Critical files include the following:
-
shadow
file – Contains encrypted passwords. See the shadow(5) man page. -
auth_attr
file – Contains custom authorizations. See the auth_attr(5) man page. -
prof_attr
file – Contains custom rights profiles. See the prof_attr(5) man page. -
exec_attr
file – Contains commands with security attributes that the site has added to rights profiles. See the exec_attr(5) man page. -
Audit trail – Contains the audit records that the audit service has collected. See the audit. log(5) man page.