COUP System Utility
The Configuration Utility Program (COUP) is a utility used on D-series and earlier releases to make online changes to the configuration of devices and controllers. COUP is part of the Dynamic-System Configuration (DSC) facility. COUP has been super- ceded by SCF on G series OS releases.
COUP makes it possible to avoid shutting down and regenerating a system every time a change must be made to the configuration. COUP is used to:
Get information about the system configuration
Add, delete or alter the characteristics of controllers and other devices in the system configuration.
Add and delete disk volumes
Start or Stop devices' I/O processes.
Alter the SYSTEM^ID or SYSTEM^TIME attributes
COUP updates the OSCONFIG file, which stores the current operating system's configuration information.
RISK COUP is a security risk in its ability to alter the system-generated configuration dynamically. This could alter or disable devices on the system.
RISK COUP must be run locally to make changes to the system configuration, but queries can be done remotely. Remote execution access should normally not be allowed, forcing the local SUPER user to use this program.
By program default, only members of the SUPER Group can EXECUTE the COUP commands that alter the system configuration. This helps to mitigate the risk of accidental use by users outside the Super Group.
This program is used when system hardware changes are necessary or in emergency situations, requiring access by system operators or a hardware technician. General use of this program is not usually necessary.
AP-ADVICE-COUP-01 Operating System configuration records are recorded in the OSCONFIG file. Access must be prevented to secure it from inadvertent loss or corruption of this file.
On G-series releases, similar functions are performed by SCF, therefore no COUP program should exist.
Securing COUP
BP-FILE-COUP-01 COUP should be secured "UUCU".
BP-OPSYS-OWNER-01 COUP should be owned by SUPER.SUPER.
BP-OPSYS-FILELOC-01 COUP must reside in $SYSTEM.SYSnn.
BP-FILE-COUP-02 OSCONFIG should be secured "CCUU".
BP-OPSYS-OWNER-01 OSCONFIG should be owned by SUPER.SUPER.
BP-OPSYS-FILELOC-01 OSCONFIG must reside in $SYSTEM.SYSnn.
If available, use Safeguard or a third party object security product to grant access to COUP for necessary personnel, and deny access to all other users.
BP-SAFE-COUP-01 Add a Safeguard Protection Record to grant appropriate access to the COUP object file.
BP-SAFE-COUP-02 Add a Safeguard Protection Record to grant appropriate access to the OSCONFIG file.
COUP Commands With Security Implications
COUP has its own 'internal' security; controlling sensitive commands, marked with an asterisk (*) in the list below. These commands can only be run by members of the SUPER Group. All of the commands in the list manipulate the hardware configuration of the system.
ADD*
ALTER*
CONFIG
DELETE*
RENAME*
RUN
START*
STOP*
3P-ACCESS-COUP-01 If a third party product is used to grant access to COUP running as a SUPER Group userid , these commands should be denied to all users other than the system managers.
| Discovery Questions | Look here: | |
|---|---|---|
| OPSYS-OWNER-01 | Who owns the COUP object file? | Fileinfo |
| OPSYS-OWNER-01 | Who owns the OSCONFIG file? | Fileinfo |
| FILE-POLICY | Who is allowed to execute COUP on the system? | Policy |
| FILE-COUP-01 | Is the COUP object file correctly secured with the Guardian or Safeguard system? | Fileinfo Safecom |
| FILE-COUP-02 | Is the OSCONFIG object file correctly secured with the Guardian or Safeguard system? | Fileinfo Safecom |
Related Topics
SCF
