Discovery Questions Look here:
OPSYS-OWNER-01 Who owns the LISTNER object file? Fileinfo
OPSYS-OWNER-03 Who owns the <portconf> file? Fileinfo
FILE-POLICY Who is allowed to start and stop LISTNERs
on the system?
Is the LISTNER object file correctly secured with
the Guardian or Safeguard system?
FILE-POLICY Who can make changes to the <portconf> file? Policy
Is the <portconf> file correctly secured with the
Guardian or Safeguard system?
LOGIN System Program
The LOGIN program is started by the TELSERV process after a user has specified a
service name to TELSERV. The LOGIN program starts the appropriate service and
authenticates the user if configured to do so. If the service chosen by the user does not
require authentication, the program defined for the service is started and no authenti-
cation is done. If authentication is required, the user is prompted for a userid or alias
and the password for that userid or alias. If they are valid, the program defined for the
service is started already with authentication. If invalid, the user is returned to the
In general, TACL, PATHWAY and LOGON must be started without authenti-
cation. /bin/sh must be started with authentication.
NOTE: Services are defined for an individual TELSERV process using the SCF
RISK Starting without authentication could allow people to access the system
without a password.
BP-FILE-LOGIN-01 LOGIN should be secured “UUNU”.
BP-OPSYS-LICENSE-01 LOGIN must be LICENSED.
BP-OPSYS-OWNER-01 LOGIN must be owned by SUPER.SUPER.
LOGIN System Program 339