Security profiles
A security profile is a set of pre-configured values for
parameters that control the security behavior of your system,
such as how long passwords last, or what privileges are assigned
to users. Once you choose a profile, you can switch to another
profile, or change any one of the dozens of parameters
on an individual basis.
Table 1-6 System security profiles
----------------------------------------------------------------------------------------------------
                                      Security profiles
Security parameters                   Low           Traditional   Improved         High
----------------------------------------------------------------------------------------------------
Passwords
----------------------------------------------------------------------------------------------------
Minimum days between changes          0             0             0                14
Expiration time (days)                infinite      infinite      42               42
Lifetime (days)                       infinite      infinite      365              90
User can choose own                   yes           yes           yes              no
User can run generator                yes           yes           yes              yes
Maximum generated length              8             8             10               10
Minimum length                        1             3             5                8
Password triviality checks            none          System V      goodpw weak [1]  goodpw strong [2]
Password obviousness checks           -             no            no [1]           yes [2]
Password required to login            no            no            yes              yes
Single user password required         yes           yes           yes              yes
----------------------------------------------------------------------------------------------------
Logins
----------------------------------------------------------------------------------------------------
Maximum unsuccessful attempts         infinite      99            5/9              3/5
(account/terminal)
Delay between login attempts (secs)   0             1             2                2
-- terminal only
Time to complete login (secs) --      60            60            60               60
terminal only
----------------------------------------------------------------------------------------------------
Authorizations
----------------------------------------------------------------------------------------------------
Primary                               backup,       mem,          none             none
                                      lp, mem,      terminal
                                      terminal
----------------------------------------------------------------------------------------------------
Secondary                             audittrail,   audittrail,   audittrail,      queryspace
                                      queryspace,   printqueue,   queryspace,
                                      shutdown, su  queryspace,   printqueue,
                                                    su            su
----------------------------------------------------------------------------------------------------
Privileges
----------------------------------------------------------------------------------------------------
                                      chmodsugid,   chmodsugid,   chmodsugid,      chown,
                                      chown,        chown,        chown,           execsuid
                                      execsuid,     execsuid      execsuid
                                      suspendaudit
----------------------------------------------------------------------------------------------------
Default umask [3]                     022           022           027              077
----------------------------------------------------------------------------------------------------
C2 Features
----------------------------------------------------------------------------------------------------
LUID enforcement [4]                  no            no            no               yes
STOPIO on devices [4]                 no            no            no               no
SUID/SGID clear on write [4]          no            yes           yes              yes
Users can be deleted [5]              yes           yes           no               no
Database corruption [6]               recover       recover       lockout          lockout
Database precedence [7]               System V      System V      TCB              TCB
----------------------------------------------------------------------------------------------------
Other
----------------------------------------------------------------------------------------------------
Users can schedule jobs               allow         allow         deny             deny
Home directory permissions            755           755           750              700
Dialup printers allowed               yes           yes           no               no
Hushlogin allowed [8]                 yes           yes           yes              no
Password for asroot(ADM)              no            no            no               yes
Significant characters in passwords   8             8             80               80
su(C) use logged                      no            yes           yes              yes
/etc/shadow present                   no            yes           yes              yes
----------------------------------------------------------------------------------------------------
Notes: