To learn details on controlling LJK/Security, read one of:
This chapter describes how to control LJK/Security using the DECwindows graphic user interface. For those with a DECwindows workstation available, the LJK/Security Window Interface is usually the easiest mechanism for using the software.
The description of the Window Interface is divided into five sections:
3.1 Windowing Terminology
Within this chapter, certain terms are used which are specific to a
windowing environment.
3.2 Context Sensitive Help
To find out about any LJK/Security graphic element you can hold down
the "Help" key on the keyboard and then click on the element
in question before releasing the "Help" key. (In the case of
a command from a pulldown menu, it is necessary to depress the mouse
button on the menu name and drag the cursor down to the command in
question before releasing it.)
3.3 Using the Window Interface on a New Installation
This section discusses the minimal set of actions required for a security officer to set up LJK/Security on a new system using the Window Interface. The description presumes the system manager has already installed the software using VMSINSTAL, as described in steps a-e of Section 2.2, Installation on the Master Node.
Tremendous numbers of violation reports can be generated by the DISK facility, so as a brand new user of LJK/Security you will likely have an easier time devising your initial policies if you start with the DISK facility disabled. Enable the DISK facility again after you are happy with results from the rest of your policy.
3.3.1 Starting LJK/Security
Use the normal command LJK/SECURITY to start LJK/Security with the
Window Interface. So long as a DECwindows display has been defined,
either by default in process creation, or explicitly with the
SET DISPLAY command, an LJK/Security Main Window will appear
within 30 seconds.
To run at a workstation entirely in a terminal emulator window without using the Window Interface, use the qualifier /INTERFACE=. The possible values are:
/INTERFACE=DECWINDOWS
or
/INTERFACE=CHARACTER_CELL
As always, DECwindows terminal emulator users can specify use of the Command Interface rather than the Menu Interface by using the qualifier /NOSMG in addition to the /INTERFACE=CHARACTER_CELL qualifier.
3.3.2 Creating a Policy
Each master node running LJK/Security must have at
least one policy to contain the rules against which
VMS system security will be measured.
Selecting the New Policy command from the File Menu of the Main Window
creates a series of dialog boxes.
In the first dialog box you must type the name[1] you want to use for the new policy. The second dialog box asks whether you want to include values from an existing policy named DEFAULT. This is immaterial in this case since your first policy has yet to be created, but the dialog box is presented anyway to provide a consistent interface.
When you have clicked on the "OK" button in each of the two dialog boxes, a policy is created and displayed in a new window on the screen.
After creation of the policy window, there is a slight delay while the message "Reading Policy File" is displayed in a Work In Progress box in the center of the new window. When that message disappears the regular contents of the policy will be displayed.
Policy windows contain additional columns (the rightmost of which is only filled for exemptions), so you may wish to drag on the resize button to make the window wider.
3.3.3 Adding an Exemption
Limits for individual tests within an LJK/Security policy set the
overall standard against which testing will be done, but in certain
cases more lenient standards should be set up through use of an
exemption. For example, the test (UAF, PRIVLEVEL,
ABSOLUTHI) generally prohibits assignment of powerful VMS privileges.
In the case of the username "SYSTEM", however, such
privileges are required, for instance to allow proper operation of
system management batch jobs which might be submitted as part of the
system startup procedure.
This section shows how to add such an exemption for the username "SYSTEM".
Select the test (UAF, PRIVLEVEL, ABSOLUTHI) from the Policy Window causing it to be highlighted in reverse video.
While the desired test is highlighted, select the Exempt command from
the Edit menu of the Policy window creating a dialog box for adding an
exemption.
Enter the desired value for the Exemption (Category-all, in this case) by clicking the appropriate radio button, or by selecting the Value field within the dialog box and typing the text if you prefer.
In the field for the Exemption Node, enter an asterisk "*" as a wildcard indicator, since this particular exemption you are adding should apply to all nodes covered by this policy. If you were adding a similar exemption for an individual user authorized extreme privileges, such as the system manager, you would enter separate exemptions for each node on which that individual was permitted to have extreme privileges.
In the field for the Exemption String, enter the username for which the exemption is to be granted, in this case "SYSTEM".
The Comment field allows you to make a notation explaining the reason why a particular policy change was made. For example, "January 14, 1990 memo from vice-president Mary Smith". Especially in cases where multiple individual security officers will be running LJK/Security, it is important to leave a record of why particular changes were made so actions can be taken in a coordinated fashion.
Since LJK/Security keeps a record of which username made the change,
it will be quite obvious which member of the team is failing to fill in
the comment field!
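The node scoping described in this section, as an added illustration that is not part of the LJK/Security documentation or software: a small Python model of exemption records showing how a wildcard node differs from per-node exemptions, with a review pass that flags empty comments. The record layout, the matching logic, and the names NODEA, NODEB, JONES, BROWN, SECOFF1 and SECOFF2 are assumptions constructed for the example.

```python
from dataclasses import dataclass

# Constructed model of the exemption dialog's fields (Value, Node, String,
# Comment). The layout and matching rules are assumptions for illustration,
# not LJK/Security's own file format or algorithm.
@dataclass(frozen=True)
class Exemption:
    test: tuple      # test identifier, e.g. ("UAF", "PRIVLEVEL", "ABSOLUTHI")
    value: str       # exemption value; carried along but not interpreted here
    node: str        # node name, or "*" for every node covered by the policy
    string: str      # username the exemption is granted to
    comment: str     # reason for the change
    changed_by: str  # username recorded as having made the change

def is_exempt(exemptions, test, node, username):
    """True if an exemption covers this test for this username on this node."""
    node, username = node.upper(), username.upper()
    return any(e.test == test and e.string == username and e.node in ("*", node)
               for e in exemptions)

def outstanding(violations, exemptions):
    """Drop (test, node, username) violations that an exemption covers."""
    return [v for v in violations if not is_exempt(exemptions, *v)]

def review(exemptions, wildcard_ok=frozenset({"SYSTEM"})):
    """Return (exemption, finding) pairs worth a second look."""
    findings = []
    for e in exemptions:
        if not e.comment.strip():
            findings.append((e, "no comment recorded"))
        if e.node == "*" and e.string not in wildcard_ok:
            findings.append((e, "all-node exemption for an individual user"))
    return findings

TEST = ("UAF", "PRIVLEVEL", "ABSOLUTHI")
EXEMPTIONS = [  # constructed sample records
    Exemption(TEST, "Category-all", "*", "SYSTEM",
              "January 14, 1990 memo from vice-president Mary Smith", "SECOFF1"),
    Exemption(TEST, "Category-all", "NODEA", "JONES",
              "system manager on NODEA", "SECOFF1"),
    Exemption(TEST, "Category-all", "*", "BROWN", "", "SECOFF2"),
]
VIOLATIONS = [  # constructed sample results
    (TEST, "NODEA", "SYSTEM"), (TEST, "NODEB", "SYSTEM"),
    (TEST, "NODEA", "JONES"), (TEST, "NODEB", "JONES"),
]

if __name__ == "__main__":
    print(outstanding(VIOLATIONS, EXEMPTIONS))
    for e, finding in review(EXEMPTIONS):
        print(e.string, e.changed_by, finding)
```

In this model JONES remains a violation on NODEB because the exemption names only NODEA, which is the effect of entering separate exemptions per node instead of an asterisk.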
3.3.4 Creating an Assessment
The specification of which policies apply to which tributary nodes is stored as an LJK/Security assessment. The assessment thus also provides a list of which nodes are to be tested, excluding, for instance, any which do not have the LJK/Security software installed.
Select the New Assessment command from the File Menu of the Main Window
to create a series of dialog boxes. In the first dialog box you must
type the name[2] you want to use for the new assessment. The
second dialog box asks whether you want to include values from an
existing assessment named DEFAULT. This is immaterial in this case
since your first assessment has yet to be created, but the dialog box
is presented anyway to provide a consistent interface.
When you have clicked on the "OK" button in each of the two dialog boxes, an assessment is created and displayed in a new window on the screen.
The new assessment contains only one entry called "< Prototype >". This entry does not actually represent a node to be assessed, but is present to be used as a template for creating assessment entries.
Select the < Prototype > entry from the Assessment Window causing it to be highlighted in reverse video.
While the entry is highlighted, select the Modify command from the Edit
menu of the Assessment window, creating a dialog box for modifying an
Assessment entry. The same thing can be accomplished by double-clicking
on the < Prototype > entry, since the default action for the
Assessment window is Modify.
The dialog box displays the fields of an existing entry so they can be viewed or changed. If they are changed and accepted with the Apply or OK button, there are two possibilities:
In this case (initial setup of an assessment) you should change the node name[3] from < Prototype > to the node name you are going to test. For single-node licenses, this will be the same as the name of the master node on which you are running LJK/Security. Select the entire text of the Node field by clicking three times in rapid succession, or else by dragging across the field. The selected portion will be highlighted with reverse video. Typing in the desired node name will replace the existing text.
Another change you will want to make is to specify the proper policy (unless the policy name you want to use happens to match the one in the policy field). Click once on the policy field and you will be shown a list of available policies.
Select a policy from the list and it will be highlighted. Then clicking the OK button will return you to the assessment dialog box with your new choice in place. (It is also possible to double-click in the list of policies to save time.)
As with the policy dialog box, the assessment dialog box contains a comment field where you can record the reason for assessment changes. When you are satisfied with the contents of the assessment dialog box you can click on Apply or OK to make your changes take effect. (OK will also cause the box to disappear, while Apply leaves it in place for further actions such as creating more new node entries.)
3.3.5 Running the Assessment
With both an assessment and a policy
in place, you are now ready to run. From your own user process you will
issue the command, but the actual testing on the master
node and transmission of a request to tributary
nodes takes place behind the scenes. This frees up your
process for doing other work (or for logging out if you are leaving the
area).
Select the Run command from the Control menu on the Main window. This
creates a dialog box from which you can select which assessment to run.
The list of available assessments is displayed, and you can double-click on any of them to cause them to run. You can also select the text field at the bottom of the dialog box and type an assessment name in manually, but it must match one of the names from the list.
When you have specified which assessment is to be run, an Option dialog box is displayed to allow you to specify any delay or repetition in the running of the assessment. To use the After field you must specify an Absolute Time in the standard VMS format (dd-mmm-yyyy hh:mm). To use the Interval field you must specify a Delta Time in the standard VMS format (ddd hh:mm). For your initial efforts it is probably better to leave both fields blank and just click on the OK button.
3.3.6 Reviewing Assessment Results
You can review the report of LJK/Security results at any time, and if
testing is not yet completed the report will so indicate. The time
required to complete an assessment varies depending upon your
particular policy selections and how busy the
tributary nodes are with other work. After a while you
will develop a feeling for how long it takes to complete testing on
all your tributary nodes. For a very simple
policy with the Disk facility disabled and minimal
password guessing it might be as little as 5 minutes. For more
extensive testing, especially on heavily loaded machines, it might take
several hours.
Select the Report command from the Control menu of the Main window. A
dialog box will be created with a list of possible assessments to be
reviewed. (It may be shorter than the list for the Run command, since
it does not include assessments for which the Run command has never
been issued). Double click on the desired assessment, and a Result
window will be created.
In the result window you will see a list of all violations reported from the running of the assessment. They are arranged in alphabetic order by node name and then in alphabetic order by test name. Use the scroll bar slider on the right hand side to move up and down the list if it is longer than can be shown on the screen at once.
[1] Naming rules are in Section 5.3, Name Formats.
[2] Naming rules are in Section 5.3, Name Formats.
[3] Specification of node names is discussed in Section 8.1, Adding and Removing Nodes from the Assessment.
3.4 Overview of LJK/Security Pulldown Menus
Formalizing some of the information in the previous section, there are four types of LJK/Security windows provided:
3.4.1 Main Window Menus
The Control Menu contains commands to control the running of
assessments and to review assessment results.
The File menu contains commands to create new assessments and policies and to open existing assessments and policies for review and modification.
The Kit menu contains commands to generate VMSINSTAL kits to be used to install software on tributary nodes.
The DECwindows menu contains commands to save and restore user preferences.
The Help menu contains commands to get further information on operation of the LJK/Security Window Interface.
3.4.2 Assessment Window Menus
The Control Menu contains a command to close the Assessment Window.
The Edit menu contains commands to transfer information to and from the clipboard and to show or modify the contents of individual Assessment records. Double-clicking on an individual record performs a default action which is equivalent to the Modify command on the Edit menu.
The Help menu contains commands to get further information on operation of the LJK/Security Window Interface.
3.4.3 Policy Window Menus
The Control Menu contains a command to close the Policy Window.
The Edit menu contains commands to transfer information to and from the clipboard and to show or modify the contents of existing Policy records, and to create new Exemption records. Double-clicking on an individual record performs a default action which is equivalent to the Modify command on the Edit menu.
The Help menu contains commands to get further information on operation of the LJK/Security Window Interface.
3.4.4 Result Window Menus
The Control Menu contains a command to close the Result Window.
The Edit menu contains commands to transfer information to the clipboard.
The Help menu contains commands to get further information on operation of the LJK/Security Window Interface.
3.5 Using the Window Interface for Day-to-Day Tasks
This section gives a sampling of some of the tasks which can be
performed with the LJK/Security Window Interface. The choice of
examples is intended to demonstrate aspects of the Window Interface
which are particularly useful but were not already covered in
Section 3.3, Using the Window Interface on a New Installation.
For information on specific portions of LJK/Security Window Interface displays, use the mechanism described in Section 3.2, Context Sensitive Help.
3.5.1 Viewing Multiple Assessments
Using the commands from the File menu of the Main Window, you can open
multiple assessments and policies at the same time, to the limit
permitted by the quotas authorized by your VMS account. (Exact quota
values required depend on VMS versions and other
variables; experimentation is
the best method to determine what quota settings support your required
pattern of operation.)
3.5.2 Copying an Entry to Another Assessment
You can select one or more lines in an assessment window and use the
Copy command from the Edit menu to copy them to the clipboard.
After the records have been copied to the DECwindows clipboard, they can be pasted back into a different assessment window by using the Paste command from the Edit menu of the target assessment window. The information copied is the full detailed assessment record, not just what is displayed in the assessment window.
Note that when a Paste command is used on an LJK/Security window, a dialog box is created asking for entry into the comment field. Whether such a field must be filled in depends on your local rules, but in any case, LJK/Security does keep track of which user performed the Paste operation, since that is the same as modifying a record directly.
Information copied to the clipboard from LJK/Security Assessment Windows can also be pasted into text windows of other DECwindows applications. That information is passed to those applications in summary text form (as shown in the assessment window) rather than in the binary form used between LJK/Security windows.
For advanced DECwindows users, all four forms of QuickCopy are also available between LJK/Security assessment windows. See the DECwindows documentation from VMS Development for details.