Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

AIX and CAPP Security

Status
Not open for further replies.
rondebbs

rondebbs

MIS
Dec 28, 2005
109
US
We are getting ready to install several new 5.3 tl 5 LPARs on 3 differnt p570 machines. Our security department has asked us to deploy them CAPP/EAL4+ compliant. I have never heard of CAPP until now - Control Access Protection Profile.

I have been reading some excepts from the AIX Security manual. Apparently during the install we will select "More Options" and then select "Enable CAPP and EAL4+ Technology". This will automatically set the "Trusted Computing Base" option to yes.

Has anyone out there done this? We will be running applications such as Filenet, Oracle, Informatica etc. Will CAPP create problems? Anything we should know about? Additional overhead?

Thanks - Brad
 
Sort by date Sort by votes
I've done that once before accidentally.This is sth you don't wanna do unless you know exactly which files are accessed when using commands.By defaults it resets all permissions in /usr/sbin and others to --------- .Meaning , for every command you want to issue, you will have to give permissions to dependent files / libraries ,and this can become really frustrating :)
So for Oracle,all sticky bits are removed with the tcbcheck if you don't be carefull, so you really really really have to know what you are doing.At the end , I reinstalled the machine, because it was much to frustrating...


rgds,


R.
 
Upvote 0 Downvote
It sounds like this could really add to the duration of my install/configurations tasks.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

A
  • Locked
  • Question
Adding Existing LUN to New LPAR AIX
Replies
0
Views
385
Alvinghost
A
jkc2023
  • Locked
  • Question
AIX TL and SP upgrade
Replies
0
Views
475
jkc2023
jkc2023
E
  • Locked
  • Question
AIX Power5 on 5.3- On varyonvg error "cannot be varied on because no good copies of the descriptor area"
Replies
1
Views
450
JenLM
J
E
  • Locked
  • Question
What are reservations and how do you set them?
Replies
0
Views
342
emze
E
HariharanER
  • Locked
  • Question
Current versions are used in AIX
Replies
0
Views
327
HariharanER
HariharanER

Part and Inventory Search

Sponsor

Back
Top