[ Previous | Next | Contents | Glossary | Home | Search ]
AIX Version 4.3 System User's Guide: Operating System and Devices

Security Threats

Threats to information security arise from three different types of behavior:

Carelessness Information security is often violated due to the carelessness of the authorized users of the system. If you are careless with your password, for instance, no other security mechanisms can prevent unauthorized access to your account and data.
Browsing Many security problems are caused by browsersauthorized users of the system exploring the system looking for carelessly protected data.
Penetration Penetration represents deliberate attacks upon the system. An individual trying to penetrate the system will study it for security vulnerabilities and deliberately plan attacks designed to exploit those weaknesses.

The last form of behavior usually represents the greatest threat to information security, but problems caused by carelessness or browsing should not be underestimated.

Basic Security

Every system should maintain the level of security represented by these basic security policies.


Physically secure, reliable, and up-to-date system backups are the single most important security task. With a good system backup, you can recover from any system problems with minimal loss. Your backup policy should be documented and include information regarding:

For more information, see "Backup Files and Storage Media".

Identification and Authentication

Identification and authentication establish your identity. You are required to log in to the system. You supply your user name and a password, if the account has one (in a secure system, all accounts should either have passwords or be invalidated). If the password is correct, you are logged in to that account; you acquire the access rights and privilege of the account.

Because the password is the only protection for your account, it is important that you select and guard your password carefully. Many attempts to break into a system start with attempts to guess passwords. The operating system provides significant password protection by storing user passwords separately from other user information. The encrypted passwords and other security-relevant data for users are stored in the /etc/security/passwd file. This file should be accessible only by the root user. With this restricted access to the encrypted passwords, an attacker cannot decipher the password with a program that simply cycles through all possible or likely passwords.

It is still possible to guess passwords by repeatedly attempting to log in to an account. If the password is trivial or is infrequently changed, such attacks may easily succeed.

Login User IDs

The operating system also identifies users by their login user ID. The login user ID allows the system to trace all user actions to their source. After a user logs in to the system but before running the initial user program, the system sets the login ID of the process to the user ID found in the user database. All subsequent processes during the login session are tagged with this ID. These tags provide a trail of all activities performed by the login user ID.

The user can reset the effective user ID, real user ID, effective group ID, real group ID, and supplementary group ID during the session, but cannot change the login user ID.

Unattended Terminals

All systems are vulnerable if terminals are left logged in and unattended. The most serious problem occurs when a system manager leaves a terminal unattended that has been enabled with root authority. In general, users should log off any time they leave their terminals.

You can force a terminal to log off after a period of inactivity by setting the TMOUT and TIMEOUT parameters in the /etc/profile file. The TMOUT parameter works in the ksh (Korn) shell, and the TIMEOUT parameter works in the bsh (Bourne) shell. For more information about the TMOUT parameter, see Parameter Substitution in the Korn Shell or POSIX Shell For more information about the TIMEOUT parameter, see Variable and File Name Substitution in the Bourne Shell

The following example, taken from a .profile file, forces the terminal to log off after an hour of inactivity:

echo "Setting Autologout to $TO"
Note: Users can override the TMOUT and TIMEOUT values in the /etc/profile file by specifying different values in the .profile file in your home directory.

[ Previous | Next | Contents | Glossary | Home | Search ]