LJK/Security Reference Manual
DISKMOUNT
Ensure that only authorized disks have been mounted.
Violation reports
| Constraint | Nature of the violation |
|---|---|
| GRPFORBID | Unauthorized disk was mounted /GROUP |
| SYSFORBID | Unauthorized disk was mounted /SYSTEM |
| USERFORBID | Unauthorized disk was mounted privately |
Description
These tests ensure that any previously mounted disks had authorized
names (as indicated by the presence of an exemption to
test (DISK, DISKMOUNT, *)).
Default policy
By default, (USAGE,DISKMOUNT,*) tests are not enabled.
Customizing
Exemptions for (DISK,DISKMOUNT,*) tests are also honored
for (USAGE,DISKMOUNT,*) tests.
The second part (Volume Name) of the (DISK,DISKMOUNT,*) exemption
specification must be of the form "DISK$<label>".
Selector
Limits
| Constraint | Value | Default |
|---|---|---|
| GRPFORBID | FALSE or TRUE | FALSE |
| SYSFORBID | FALSE or TRUE | FALSE |
| USERFORBID | FALSE or TRUE | FALSE |
Exemptions
<device-name>)
| Constraint | Value | Parameters |
|---|---|---|
| GRPFORBID | FALSE or TRUE | <node>,<absolute-time> or <earliest-time> |
| SYSFORBID | FALSE or TRUE | <node>,<absolute-time> or <earliest-time> |
| USERFORBID | FALSE or TRUE | <node>,<absolute-time> or <earliest-time> |
Practical considerations
Enable these tests only when also adding
exemptions for (DISK,DISKMOUNT,*).
DISKWRITE
Ensure that only authorized disks have been mounted.
Violation reports
| Constraint | Nature of the violation |
|---|---|
| GRPFORBID | Unauthorized disk was mounted /GROUP |
| SYSFORBID | Unauthorized disk was mounted /SYSTEM |
| USERFORBID | Unauthorized disk was mounted privately |
Description
These tests ensure that any disks previously mounted write-enabled had
authorized names (as indicated by the presence of an
exemption to test (DISK, DISKWRITE, *)).
Default policy
By default, (USAGE,DISKWRITE,*) tests are not enabled.
Customizing
Exemptions for (DISK,DISKWRITE,*) tests are also honored
for (USAGE,DISKWRITE,*) tests.
The second part (Volume Name) of the (DISK,DISKWRITE,*) exemption
specification must be of the form "DISK$<label>".
Selector
Limits
| Constraint | Value | Default |
|---|---|---|
| GRPFORBID | FALSE or TRUE | FALSE |
| SYSFORBID | FALSE or TRUE | FALSE |
| USERFORBID | FALSE or TRUE | FALSE |
Exemptions
<device-name>)
| Constraint | Value | Parameters |
|---|---|---|
| GRPFORBID | FALSE or TRUE | <node>,<absolute-time> or <earliest-time> |
| SYSFORBID | FALSE or TRUE | <node>,<absolute-time> or <earliest-time> |
| USERFORBID | FALSE or TRUE | <node>,<absolute-time> or <earliest-time> |
Practical considerations
Enable these tests only when also adding
exemptions for (DISK,DISKWRITE,*).
DOASSESS
Ensure that separation of Security Assessment from other privileged
duties conforms to policy.
Violation reports
| Constraint | Nature of the violation |
|---|---|
| DOAUDIT | Intervening Audit Control actions |
| DOCONNECT | Intervening Connect actions |
| DOINSTALL | Intervening image install activities |
| DOMOUNT | Intervening mount actions |
| DONCP | Intervening Network Management actions |
| DOPROCESS | Intervening privileged process control actions |
| DOSYSGEN | Intervening System Parameter changes |
| DOTIME | Intervening SET TIME actions |
| DOUAF | Intervening Authorization actions |
| DOUSEPRIV | Intervening use of privilege for some other purpose |
Description
The tests for this element determine whether
separation of duties between Security Assessment and other privileged
security-relevant activities conforms to policy.
Each test will detect any case where one of the other
privileged security-relevant activities intervenes between two Security
Assessment activities by the same user that are less than a specified
interval apart in time.
These separation of duties tests do not apply to
actions performed by the VMS system startup process.
Default policy
By default, none of the separation of duties tests are
enabled.
Customizing
Make minor adjustments to suit your environment.
Selector
Limits
| Constraint | Value | Default |
|---|---|---|
| DOAUDIT | time interval | none |
| DOCONNECT | time interval | none |
| DOINSTALL | time interval | none |
| DOMOUNT | time interval | none |
| DONCP | time interval | none |
| DOPROCESS | time interval | none |
| DOSYSGEN | time interval | none |
| DOTIME | time interval | none |
| DOUAF | time interval | none |
| DOUSEPRIV | time interval | none |
Exemptions
| Constraint | Value | Parameters |
|---|---|---|
| DOAUDIT | time interval | <node>, <absolute-time> or <earliest-time> |
| DOCONNECT | time interval | <node>, <absolute-time> or <earliest-time> |
| DOINSTALL | time interval | <node>, <absolute-time> or <earliest-time> |
| DOMOUNT | time interval | <node>, <absolute-time> or <earliest-time> |
| DONCP | time interval | <node>, <absolute-time> or <earliest-time> |
| DOPROCESS | time interval | <node>, <absolute-time> or <earliest-time> |
| DOSYSGEN | time interval | <node>, <absolute-time> or <earliest-time> |
| DOTIME | time interval | <node>, <absolute-time> or <earliest-time> |
| DOUAF | time interval | <node>, <absolute-time> or <earliest-time> |
| DOUSEPRIV | time interval | <node>, <absolute-time> or <earliest-time> |
Practical considerations
The (USAGE, DO*) tests are
intended to detect inadequate separation of duties. Do not shoot the
messenger.
DOAUDIT
Ensure that separation of Security Audit Control from other privileged
duties conforms to policy.
Violation reports
| Constraint | Nature of the violation |
|---|---|
| DOASSESS | Intervening Security Assessment actions |
| DOCONNECT | Intervening Connect actions |
| DOINSTALL | Intervening image install activities |
| DOMOUNT | Intervening mount actions |
| DONCP | Intervening Network Management actions |
| DOPROCESS | Intervening privileged process control actions |
| DOSYSGEN | Intervening System Parameter changes |
| DOTIME | Intervening SET TIME actions |
| DOUAF | Intervening Authorization actions |
| DOUSEPRIV | Intervening use of privilege for some other purpose |
Description
The tests for this element determine whether
separation of duties between Security Audit Control and other
privileged security-relevant activities conforms to policy.
Each test will detect any case where one of the other
privileged security-relevant activities intervenes between two Security
Audit Control activities by the same user that are less than a
specified interval apart in time.
These separation of duties tests do not apply to
actions performed by the VMS system startup process.
Default policy
By default, none of the separation of duties tests are
enabled.
Customizing
Make minor adjustments to suit your environment.
Selector
Limits
| Constraint | Value | Default |
|---|---|---|
| DOASSESS | time interval | none |
| DOCONNECT | time interval | none |
| DOINSTALL | time interval | none |
| DOMOUNT | time interval | none |
| DONCP | time interval | none |
| DOPROCESS | time interval | none |
| DOSYSGEN | time interval | none |
| DOTIME | time interval | none |
| DOUAF | time interval | none |
| DOUSEPRIV | time interval | none |
Exemptions
| Constraint | Value | Parameters |
|---|---|---|
| DOASSESS | time interval | <node>, <absolute-time> or <earliest-time> |
| DOCONNECT | time interval | <node>, <absolute-time> or <earliest-time> |
| DOINSTALL | time interval | <node>, <absolute-time> or <earliest-time> |
| DOMOUNT | time interval | <node>, <absolute-time> or <earliest-time> |
| DONCP | time interval | <node>, <absolute-time> or <earliest-time> |
| DOPROCESS | time interval | <node>, <absolute-time> or <earliest-time> |
| DOSYSGEN | time interval | <node>, <absolute-time> or <earliest-time> |
| DOTIME | time interval | <node>, <absolute-time> or <earliest-time> |
| DOUAF | time interval | <node>, <absolute-time> or <earliest-time> |
| DOUSEPRIV | time interval | <node>, <absolute-time> or <earliest-time> |
Practical considerations
The (USAGE, DO*) tests are
intended to detect inadequate separation of duties. Do not shoot the
messenger.
DOCONNECT
Ensure that separation of Network Connection from other privileged
duties conforms to policy.
Violation reports
| Constraint | Nature of the violation |
|---|---|
| DOASSESS | Intervening Security Assessment actions |
| DOAUDIT | Intervening Audit Control actions |
| DOINSTALL | Intervening image install activities |
| DOMOUNT | Intervening mount actions |
| DONCP | Intervening Network Management actions |
| DOPROCESS | Intervening privileged process control actions |
| DOSYSGEN | Intervening System Parameter changes |
| DOTIME | Intervening SET TIME actions |
| DOUAF | Intervening Authorization actions |
| DOUSEPRIV | Intervening use of privilege for some other purpose |
Description
The tests for this element determine whether
separation of duties between Network Connection and other privileged
security-relevant activities conforms to policy.
Each test will detect any case where one of the other
privileged security-relevant activities intervenes between two Network
Connection activities by the same user that are less than a specified
interval apart in time.
These separation of duties tests do not apply to
actions performed by the VMS system startup process.
Default policy
By default, none of the separation of duties tests are
enabled.
Customizing
Make minor adjustments to suit your environment.
Selector
Limits
| Constraint | Value | Default |
|---|---|---|
| DOASSESS | time interval | none |
| DOAUDIT | time interval | none |
| DOINSTALL | time interval | none |
| DOMOUNT | time interval | none |
| DONCP | time interval | none |
| DOPROCESS | time interval | none |
| DOSYSGEN | time interval | none |
| DOTIME | time interval | none |
| DOUAF | time interval | none |
| DOUSEPRIV | time interval | none |
Exemptions
| Constraint | Value | Parameters |
|---|---|---|
| DOASSESS | time interval | <node>, <absolute-time> or <earliest-time> |
| DOAUDIT | time interval | <node>, <absolute-time> or <earliest-time> |
| DOINSTALL | time interval | <node>, <absolute-time> or <earliest-time> |
| DOMOUNT | time interval | <node>, <absolute-time> or <earliest-time> |
| DONCP | time interval | <node>, <absolute-time> or <earliest-time> |
| DOPROCESS | time interval | <node>, <absolute-time> or <earliest-time> |
| DOSYSGEN | time interval | <node>, <absolute-time> or <earliest-time> |
| DOTIME | time interval | <node>, <absolute-time> or <earliest-time> |
| DOUAF | time interval | <node>, <absolute-time> or <earliest-time> |
| DOUSEPRIV | time interval | <node>, <absolute-time> or <earliest-time> |
Practical considerations
The (USAGE, DO*) tests are
intended to detect inadequate separation of duties. Do not shoot the
messenger.
DOINSTALL
Ensure that separation of Use of the Install Utility from other
privileged duties conforms to policy.
Violation reports
| Constraint | Nature of the violation |
|---|---|
| DOASSESS | Intervening Security Assessment actions |
| DOAUDIT | Intervening Audit Control actions |
| DOCONNECT | Intervening Connect actions |
| DOMOUNT | Intervening mount actions |
| DONCP | Intervening Network Management actions |
| DOPROCESS | Intervening privileged process control actions |
| DOSYSGEN | Intervening System Parameter changes |
| DOTIME | Intervening SET TIME actions |
| DOUAF | Intervening Authorization actions |
| DOUSEPRIV | Intervening use of privilege for some other purpose |
Description
The tests for this element determine whether
separation of duties between Use of the Install Utility and other
privileged security-relevant activities conforms to policy.
Each test will detect any case where one of the other
privileged security-relevant activities intervenes between two Use of
the Install Utility activities by the same user that are less than a
specified interval apart in time.
These separation of duties tests do not apply to
actions performed by the VMS system startup process.
Default policy
By default, none of the separation of duties tests are
enabled.
Customizing
Make minor adjustments to suit your environment.
Selector
Limits
| Constraint | Value | Default |
|---|---|---|
| DOASSESS | time interval | 1 year |
| DOAUDIT | time interval | 1 year |
| DOCONNECT | time interval | none |
| DOMOUNT | time interval | none |
| DONCP | time interval | 1 year |
| DOPROCESS | time interval | none |
| DOSYSGEN | time interval | none |
| DOTIME | time interval | none |
| DOUAF | time interval | 1 year |
| DOUSEPRIV | time interval | none |
Exemptions
| Constraint | Value | Parameters |
|---|---|---|
| DOASSESS | time interval | <node>, <absolute-time> or <earliest-time> |
| DOAUDIT | time interval | <node>, <absolute-time> or <earliest-time> |
| DOCONNECT | time interval | <node>, <absolute-time> or <earliest-time> |
| DOMOUNT | time interval | <node>, <absolute-time> or <earliest-time> |
| DONCP | time interval | <node>, <absolute-time> or <earliest-time> |
| DOPROCESS | time interval | <node>, <absolute-time> or <earliest-time> |
| DOSYSGEN | time interval | <node>, <absolute-time> or <earliest-time> |
| DOTIME | time interval | <node>, <absolute-time> or <earliest-time> |
| DOUAF | time interval | <node>, <absolute-time> or <earliest-time> |
| DOUSEPRIV | time interval | <node>, <absolute-time> or <earliest-time> |
Practical considerations
The (USAGE, DO*) tests are
intended to detect inadequate separation of duties. Do not shoot the
messenger.
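The detection rule stated in the Description of each DO* element (DOASSESS, DOAUDIT, DOCONNECT, DOINSTALL), written out as an added Python example; it is not LJK/Security code. The event tuple layout, the user names, the reading that the intervening activity is by the same user, and treating a limit of "none" as "not tested" are assumptions; the limits used are the DOINSTALL defaults listed under Limits.

```python
from collections import defaultdict
from datetime import datetime, timedelta

YEAR = timedelta(days=365)  # assumption: "1 year" taken as 365 days
# DOINSTALL default limits from the page; constraints whose default is
# "none" are omitted and treated as "no test" (assumption).
DOINSTALL_LIMITS = {"DOASSESS": YEAR, "DOAUDIT": YEAR, "DONCP": YEAR, "DOUAF": YEAR}

def t(stamp):
    return datetime.fromisoformat(stamp)

# Constructed events: (time, user, activity, performed_by_startup).
SAMPLE = [
    (t("2024-03-01T09:00"), "ALICE", "DOINSTALL", False),
    (t("2024-03-01T09:30"), "ALICE", "DOUAF", False),    # intervening UAF change
    (t("2024-03-01T10:00"), "ALICE", "DOINSTALL", False),
    (t("2024-03-02T08:00"), "BOB", "DOINSTALL", False),
    (t("2024-03-02T08:10"), "BOB", "DOMOUNT", False),    # no DOMOUNT limit set
    (t("2024-03-02T08:20"), "BOB", "DOINSTALL", False),
    (t("2024-03-03T07:00"), "SYSTEM", "DOINSTALL", True),
    (t("2024-03-03T07:01"), "SYSTEM", "DOUAF", True),    # startup: not tested
    (t("2024-03-03T07:02"), "SYSTEM", "DOINSTALL", True),
]

def find_violations(events, element, limits):
    """Return (user, constraint, first, intervening, second) for each other
    activity that falls between two `element` activities by the same user
    that are less than limits[constraint] apart."""
    by_user = defaultdict(list)
    for when, user, activity, startup in sorted(events):
        if not startup:                      # startup process is out of scope
            by_user[user].append((when, activity))
    found = []
    for user, timeline in by_user.items():
        prev, between = None, []             # last element activity, later others
        for when, activity in timeline:
            if activity != element:
                if prev is not None:
                    between.append((when, activity))
                continue
            # Consecutive pairs suffice: any wider pair enclosing the
            # intervening activity is further apart than this one.
            for mid_when, constraint in between:
                limit = limits.get(constraint)
                if limit is not None and when - prev < limit:
                    found.append((user, constraint, prev, mid_when, when))
            prev, between = when, []
    return found
```

Calling `find_violations(SAMPLE, "DOINSTALL", DOINSTALL_LIMITS)` reports only ALICE's DOUAF action; passing a different element name and limit table applies the same rule to the other DO* elements.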