SETUID is a tool designed to make a Unix system secure. This is done
by forcing every program to run with an absolute minimum of privileges,
and making the interfaces between the parts explicit and managed by
a central program (setuid) and a central set of rules (written in the
language recognized by the setuid program).
SETUID was originally written (by me) for a bank in the Netherlands. It
has achieved all its design goals:
There have been 180 offices (branches of the bank) running this setup.
Unfortunately, the bank decided that Windows 3.1 clients and Novell
servers were the way to go, so the OS/2 clients and Unix servers were
thrown out. IVT was the terminal emulator used to access the Unix
servers from the OS/2 clients. Remote service of the Unix boxes was
done with IVT (because of the Challenge/Response protocol), with SETUID
managing the privileges required for the support personnel.
The BR program was used to do backup/restore actions
on the Unix box.
All these tools were developed by me, and are now available to anyone
who is interested. I'm trying to prepare this stuff for general release,
rewriting the manuals in English, porting the stuff to the most popular
*nix versions and so on, but can't seem to find the time required as
IVT is eating up all available keyboard time :-(
The current version is provided here "as is". The manual is about 90%
finished; the simple "configure" script should work for AIX 4, AIX 5.1,
AIX 5.2, Linux, SYSVr4, HP-UX 10 and HP-UX 11. No Solaris.
Comments welcomed.
The following files are provided:
setuid.tar.gz