DELUSER User Program



The DELUSER program is used to delete userids when Safeguard software is not in use. How this program is secured depends on the Security Policy and whether or not Safeguard software is in use.

Securing DELUSER

RISK If the DELUSER utility is not controlled, the SUPER.SUPER user or other important userids could be deleted from the system.

Deleting a userid from the system is recommended when the userid is no longer needed. Deleting a userid stops that user from logging on to the system. Who is allowed to delete users should be controlled as tightly as possible.

RISK When a userid is deleted from the system, the files that are owned by the userid are orphaned. These files should be located and ownership changed to a valid userid.

Without the Safeguard Subsystem

If Safeguard software is not in use on the system, then the DELUSER program is used to delete userids.

How the DELUSER program is secured depends on who is allowed to perform this function as defined by the Corporate Security Policy.

If only SUPER.SUPER is allowed to delete users, then the DELUSER program must be secured to SUPER access only. The DELUSER object file need not be licensed. This is the most secure methodology to control the function of deleting users from the system.

BP-FILE-DELUSER-01 DELUSER should be secured "- - - -".

BP-OPSYS-LICENSE-01 DELUSER must NOT be LICENSED.

BP-OPSYS-OWNER-01 DELUSER should be owned by SUPER.SUPER.

BP-OPSYS-FILELOC-01 DELUSER must reside in $SYSTEM.SYSnn

If the policy authorizes Group Managers to delete userids from their own groups, then all groups will have to be granted EXECUTE access. Guardian will prevent users other than the 255 member of any group from deleting users from existing groups. Only SUPER.SUPER will be able to delete userids from other groups. To allow Group Managers the right to delete userids, the DELUSER object file must be licensed.

BP*-FILE-DELUSER-01 DELUSER should be secured "- - A -".

BP*-OPSYS-LICENSE-01 DELUSER must be LICENSED.

BP*-OPSYS-OWNER-01 DELUSER should be owned by SUPER.SUPER.

BP*-OPSYS-FILELOC-01 DELUSER must reside in $SYSTEM.SYSnn

RISK Because of DELUSER's unique function, any old SYSnn locations that may be present on the system must be secured from unauthorized use.

BP-FILE-DELUSER-02 DELUSER in old $SYSTEM.SYSnn locations must be secured "- - - -".

Discovery Questions                                                                               Look here:

FILE-POLICY        Are Group Managers allowed to delete users?                                    Policy
OPSYS-OWNER-01     Is DELUSER owned by SUPER.SUPER?                                               Fileinfo
OPSYS-LICENSE-01   Is the DELUSER object file licensed?                                           Fileinfo
FILE-POLICY        Does the security of the DELUSER object file conform to the Security Policy?   Policy
FILE-DELUSER-01    Is the DELUSER object file secured correctly?                                  Fileinfo
FILE-DELUSER-02    Are old SYSnn copies of DELUSER secured?                                       Fileinfo
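
The Discovery Questions above can be applied mechanically once the Fileinfo results for each DELUSER copy have been recorded. The following is an added example, not taken from the book: the record layout, the function name audit_deluser and the SYS00/SYS01 subvolume names are assumptions made for illustration.

```python
# Added example: audit DELUSER copies against this page's best practices.
# Input records are constructed; the field names are assumptions, not
# FILEINFO output, which must be transcribed into this form first.
SUPER_SUPER = "255,255"

def audit_deluser(copies, current_sysnn, group_managers_may_delete):
    """Return (file, rule id, message) findings for each DELUSER copy."""
    # Security string and LICENSE state for the copy in the current SYSnn.
    want_sec, want_lic = ("--A-", True) if group_managers_may_delete else ("----", False)
    findings = []
    for c in copies:
        name = c["subvol"] + ".DELUSER"
        sec = c["security"].replace(" ", "")   # accept "- - A -" or "--A-"
        if c["subvol"] != current_sysnn:
            # Old SYSnn copies are locked down whatever the policy says.
            if sec != "----":
                findings.append((name, "FILE-DELUSER-02", f'old copy secured "{sec}"'))
            continue
        if sec != want_sec:
            findings.append((name, "FILE-DELUSER-01", f'secured "{sec}", want "{want_sec}"'))
        if c["licensed"] != want_lic:
            findings.append((name, "OPSYS-LICENSE-01", f"licensed={c['licensed']}, want {want_lic}"))
        if c["owner"] != SUPER_SUPER:
            findings.append((name, "OPSYS-OWNER-01", f"owner {c['owner']}"))
    if all(c["subvol"] != current_sysnn for c in copies):
        findings.append((current_sysnn, "OPSYS-FILELOC-01", "DELUSER not found"))
    return findings

# Constructed sample: the current SYS01 copy opened up for Group Managers,
# and an old SYS00 copy that still carries the same settings.
SAMPLE = [
    {"subvol": "$SYSTEM.SYS01", "owner": "255,255", "security": "- - A -", "licensed": True},
    {"subvol": "$SYSTEM.SYS00", "owner": "255,255", "security": "- - A -", "licensed": True},
]

if __name__ == "__main__":
    for allowed in (False, True):
        print("Group Managers may delete users:", allowed)
        for finding in audit_deluser(SAMPLE, "$SYSTEM.SYS01", allowed):
            print("  ", *finding)
```

The same file attributes pass under one policy and fail under the other, while the old SYSnn copy is reported in both cases.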

With the Safeguard Subsystem

If Safeguard software is in use on the system, then DELUSER will not run. Instead it will display a warning that Safeguard should be used to delete users.

  44> deluser oper.bryan
  SAFEGUARD IS RUNNING; USE SAFECOM TO DELETE USERS

Groups and users will be deleted through the Safeguard interface. See the chapter titled Safeguard Subsystem for more information.

AP-ADVICE-DELUSER-01 The DELUSER object file's Guardian security string and/or a Safeguard Protection Record should prevent any user other than SUPER.SUPER from executing it, in the case that Safeguard software is not running.

BP-FILE-DELUSER-01 DELUSER should be secured "- - - -".

BP-OPSYS-LICENSE-01 DELUSER must NOT be LICENSED.

BP-OPSYS-OWNER-01 DELUSER should be owned by SUPER.SUPER.

BP-OPSYS-FILELOC-01 DELUSER must reside in $SYSTEM.SYSnn

BP-SAFE-DELUSER-01 Add a Safeguard Protection Record to prevent execution of the DELUSER object file directly by any user.

Discovery Questions                                                                                      Look here:

OPSYS-OWNER-01     Is DELUSER owned by SUPER.SUPER?                                                      Fileinfo
OPSYS-LICENSE-01   Is the DELUSER object file licensed?                                                  Fileinfo
FILE-POLICY        Does the security of the DELUSER object file conform to the Security Policy?          Policy
FILE-DELUSER-01    Is the DELUSER object file correctly secured with the Guardian or Safeguard system?   Fileinfo
SAFE-DELUSER-01                                                                                          Safecom

Related Topics

Users

Safeguard




HP NonStop Server Security 2004
ISBN: 159059035X
Year: 2004
Pages: 157
