Xerox DocuTech 6100 Production Publisher Fascicule
Security and Network Setup
System Guide
3-9
User level changes
The following user-level changes are made:
•
•
all users for at, cron, and batch are disallowed
•
nuucp account is disabled
•
listen account is disabled
•
password entry locked for bin, sys, adm, uucp, nobody,
•
noaccess, nobody4, and anonymous
•
removal of + from the hosts.equiv file
Solaris file permissions
The fix-modes utility (from the Solaris Security Toolkit)
adjusts group and world write permissions. It is run with the -
s option to secure file permissions for Solaris files that were
created at install time only. Customer-generated files are not
affected.
NOTE: When this command is run, a file called /var/ sadm/
install/content.mods is left. Do not delete this file. It contains
valuable information needed by fix modes to revert the
changes to the system file permissions if the security setting
is changed back to medium.
adjusts group and world write permissions. It is run with the -
s option to secure file permissions for Solaris files that were
created at install time only. Customer-generated files are not
affected.
NOTE: When this command is run, a file called /var/ sadm/
install/content.mods is left. Do not delete this file. It contains
valuable information needed by fix modes to revert the
changes to the system file permissions if the security setting
is changed back to medium.
Network and name service changes
The following changes occur when security is invoked.
Disabling secure name service databases
The following databases are disabled when security is
invoked:
•
invoked:
•
passwd(4)
•
group(4)
•
exec_attr(4)
•
prof_attr(4)
•
ser_attr(4)