Generally, only HP system code should be licensed, but licensing also allows appli-
cations to run privileged programs, while preventing users from running unauthorized
Certain third party products may need to license certain of their programs or
library files. The necessary documentation should be provided by the vendor.
RISK Licensing a program has the effect of giving it the privileges of the
SUPER.SUPER user. Privileged operations in the program can bypass any ordi-
nary security interface (such as authentication of userids and memory-
RISK Licensing can allow a program to execute ordinary instructions but
using privileged addressing modes that allow references to system global (SG)
RISK Licensing a program that uses privileged operations can seriously com-
promise both system integrity and security, by granting the program access into
system spaces that provide the opportunity to alter system tables and data.
RISK Data and information can be gathered and/or modified anywhere in the
system. Execution of privileged instructions can directly access the interproces-
sor bus and I/O devices. It has the potential to change its PAID in the process
control block in order to gain the privileges of other users (including
SUPER.SUPER) and then browse and change files or directly manipulate physi-
cal hardware resources.
RISK A licensed program has the potential to bypass any ordinary security
interface (such as authentication of userids and memory-management
RISK If an intruder’s program is licensed, the intruder can execute procedures
that have either the PRIV or CALLABLE attribute, making the program capa-
ble of modifying protected memory areas, including its own or other programs’
instructions and data, without leaving evidence of the change.
Securing LICENSED Files
Monitoring the licensed programs on the system is fundamental to the Corporate
Security Policy. There are four phases necessary to ensure that the system is not vulner-
able to unauthorized licensed programs or unauthorized use of approved licensed
Documentation and authorizing of all licensed programs
Securing licensed files
328 Licensed Files