SETUID is a tool designed to make a Unix system secure. This is done
by forcing every program to run with an absolute minimum of priviliges,
and making the interfaces between the parts explicit and managed by
a central program (setuid) and a central set of rules (written in the
language recognized by the setuid program).
SETUID was orginally written (by me) for a bank in the Netherlands. It has achieved all its design goals:
There have been 180 offices (branches of the bank) running this setup.
Unfortunately, the bank decided that Windows 3.1 clients and Novell servers were the way to go, so the OS/2 clients and Unix servers were thrown out. IVT was the terminal emulator used to access the Unix servers from the OS/2 clients. Remote service of the Unix boxes was done with IVT (because of the Challenge/Response protocol) and SETUID to manage the priviliges required for the support personnel.
The BR program was used to to backup/restore actions on the Unix box.
All these tools were developed by me, and are now available to anyone who is interested. I'm trying to prepare this stuff for general release, rewriting the manuals in English, porting the stuff to the most popular *nix versions and so on, but can't seem to find the time required as IVT is eating up all avaliable keyboard time :-(
The current version is provided here "as is". The manual is about 90% finished, the simple "configure" script should work for AIX 4, AIX 5.1, AIX 5.2, Linux, SYSVr4, HP-UX 10 and HP-UX 11. No Solaris.
The following files are provided:
View My Stats