The following table shows the access requirements of the RDF processes.
Primary System Processes | |||||||
---|---|---|---|---|---|---|---|
RDFCOM | RDFMON | RDFSCAN | RDFEXT | Receiver | Updater | RDFSNOOP | |
Primary System | |||||||
Configuration File | RWCP | RW | RW | ||||
Context File | RWCP | RW | |||||
Extractor Object File | E | E | |||||
Extractor Process | RW | RW | E | ||||
RDFCOM Help File | R | ||||||
TMF Master Audit File | R | R | |||||
NonStop RDF Log File | RWC | RW | R | RW R | |||
RDFLOCK | RW | ||||||
RDFMON Object File | E | E | |||||
RDFMON Process | RW | E | RW | ||||
RDFSCAN Help File | R | R | |||||
Backup System | |||||||
Configuration File | RWC | RW | |||||
Context File | RWCP | RW | |||||
Image Files | P | ||||||
NonStop RDF Log File | R | ||||||
Receiver Process | RW | RW | RW | ||||
RDFRCV Object File | E | ||||||
Updater Process | RW | RW | |||||
RDFUPDO Object File | E | ||||||
Backup System Processes | |||||||
RDFCOM | RDFMON | RDFSCAN | RDFEXT | Receiver | Updater | RDFSNOOP | |
Primary System | |||||||
NonStop RDF Log File | R | ||||||
Backup System | |||||||
Configuration File | RW | R | R | R | |||
Context File | RW | RW | RW | RW | |||
Database Files | RWC[1] | ||||||
Exception Files | R | WC | R | ||||
Image Files | RWPC | RWPC | R | R | |||
NonStop RDF Log File | RW | RW | R | RWC | RW | ||
RDFCOM Help File | R | ||||||
RDFLOCK | RW | ||||||
RDFMON Object File | E | E R | |||||
DFMON Process | RW | ||||||
RDFSCAN Help File | R | ||||||
Receiver Process | RW | RW | RW | ||||
RDVRCV Object File | E | E | |||||
Updater Processes | RW | RW | RW | ||||
RDFUPD Object File | E | ||||||
[1]The Updater process logs on as 255.255 before opening the database. CREATE (assumes presence of Safeguard software) |
BP-FILE-RDF-01 $SYSTEM.<rdf-subvol> should be secured "NUUU" unless otherwise noted
BP-OPSYS-OWNER-03 $SYSTEM.<rdf-subvol> should be owned by SUPER.SUPER.
BP-FILE-RDF-02 RDFCHECK should be secured "UUCU".
BP-OPSYS-LICENSE-02 RDFCHECK must be LICENSED.
BP-OPSYS-OWNER-02 RDFCHECK should be owned by SUPER.SUPER.
BP-OPSYS-FILELOC-02 RDFCHECK must reside in $SYSTEM.SYSTEM
BP-FILE-RDF-03 RDFCOM should be secured "UUCU".
BP-OPSYS-OWNER-02 RDFCOM should be owned by SUPER.SUPER.
BP-OPSYS-FILELOC-02 RDFCOM must reside in $SYSTEM.SYSTEM
BP-FILE-RDF-04 RDFEXTO should be secured "UUCU".
BP-OPSYS-OWNER-02 RDFEXTO should be owned by SUPER.SUPER.
BP-OPSYS-FILELOC-02 RDFEXTO must reside in $SYSTEM.SYSTEM
BP-FILE-RDF-05 RDFMONO should be secured "UUCU".
BP-OPSYS-OWNER-02 RDFMONO should be owned by SUPER.SUPER.
BP-OPSYS-FILELOC-02 RDFMONO must reside in $SYSTEM.SYSTEM
BP-FILE-RDF-06 RDFSCAN should be secured "UUCU".
BP-OPSYS-OWNER-02 RDFSCAN should be owned by SUPER.SUPER.
BP-OPSYS-FILELOC-02 RDFSCAN must reside in $SYSTEM.SYSTEM
BP-FILE-RDF-07 RDFSNOOP should be secured "UUUU".
BP-OPSYS-LICENSE-02 RDFSNOOP must be LICENSED.
BP-OPSYS-OWNER-02 RDFSNOOP should be owned by SUPER.SUPER.
BP-OPSYS-FILELOC-02 RDFSNOOP must reside in $SYSTEM.SYSTEM
BP-FILE-RDF-08 RDFRCVO should be secured "UUCU".
BP-OPSYS-LICENSE-02 RDFRCVO must be LICENSED.
BP-OPSYS-OWNER-02 RDFRCVO should be owned by SUPER.SUPER.
BP-OPSYS-FILELOC-02 RDFRCVO must reside in $SYSTEM.SYSTEM
BP-FILE-RDF-09 RDFUPDO should be secured "UUCU".
BP-OPSYS-LICENSE-02 RDFUPDO must be LICENSED.
BP-OPSYS-OWNER-02 RDFUPDO should be owned by SUPER.SUPER.
BP-OPSYS-FILELOC-02 RDFUPDO must reside in $SYSTEM.SYSTEM
BP-FILE-RDF-10 RDF Image Files should be secured "CUCU".
BP-OPSYS-OWNER-03 RDF Image Files should be owned by SUPER.SUPER.
BP-OPSYS-FILELOC-03 RDF Image Files reside in $<vol>.<rdf-subvol
If available, use Safeguard software or a third party object security product to grant access to NonStop RDF components only to users who require the access in order to perform their jobs.
BP-SAFE-RDF -01 Add a Safeguard Protection Record to grant the appropriate access to the RDFCOM object file.
BP-SAFE-RDF -02 Add a Safeguard Protection Record to grant the appropriate access to the RDFMONO object file.
BP-SAFE-RDF -03 Add a Safeguard Protection Record to grant the appropriate access to the RDFSNOOP object file.
BP-SAFE-RDF -04 Add a Safeguard SUBVOLUME Protection Record to grant the appropriate access to the RDF Image Files.
RISK Unauthorized users of NonStop RDF could copy databases with sensitive data to locations where that data could be read or manipulated.
AP-RDF-ADVICE-02 The NonStop RDF databases, whether local or remote, must be secured at the same or greater level of security than the files being backed up.
AP-RDF-ADVICE-03 The NonStop RDF databases should not be accessible to any but authorized users from on either the local or remote system.
This section describes only the RDFCOM commands that pose security risks.
If a third party access control product is used to grant selected users access to RDFCOM running as the NonStop RDF owner the sensitive commands should only be granted to the appropriate users and denied to all others.
ADD* #
ALTER* #
COPYAUDIT* ^
DELETE* #
INITIALIZE* #
RESET* #
SET EXTRACTOR* #
SET MONITOR* #
SET RDF* #
SET RECEIVER* #
SET VOLUME* #
START RDF #
START UPDATE* #
STOP RDF*
STOP UPDATE* #
TAKEOVER* ^
UNPINAUDIT* #
VALIDATE CONFIGURATION* #
In the above list:
*The command can only be executed by a SUPER Group member.
# The command can only be run on the primary system.
^ The command can only be run on the backup system.
With a third party access control product
3P-ACCESS-RDF-01 Use a third party access control product to allow the users responsible for using NonStop RDF commands access as SUPER.SUPER.
Discovery Questions | Look here: | |
---|---|---|
FILE-POLICY | Is NonStop RDF software used on this system? | Policy |
OPSYS-OWNER-02 | Who owns the RDFCHEK file? | Fileinfo |
OPSYS-OWNER-02 | Who owns the RDFCOM file? | Fileinfo |
OPSYS-OWNER-02 | Who owns the RDFEXTO file? | Fileinfo |
OPSYS-OWNER-02 | Who owns the RDFMONO object file? | Fileinfo |
OPSYS-OWNER-02 | Who owns the RDFSCAN file? | Fileinfo |
OPSYS-OWNER-02 | Who owns the RDFCNOOP file? | Fileinfo |
OPSYS-OWNER-02 | Who owns the RDFRCVO file? | Fileinfo |
OPSYS-OWNER-02 | Who owns the RDFUPDO file? | Fileinfo |
OPSYS-OWNER-03 | Who owns the $SYSTEM.<rdf-subvol> files? | Fileinfo |
OPSYS-LICENSE-02 | Is the RDFCHEK file licensed? | Fileinfo |
OPSYS-LICENSE-02 | Is the RDFSNOOP file licensed? | Fileinfo |
OPSYS-LICENSE-02 | Is the RDFRCVO file licensed? | Fileinfo |
OPSYS-LICENSE-02 | Is the RDFUPDO file licensed? | Fileinfo |
FILE-POLICY | Where are the NonStop RDF Image files on the system? | Fileinfo RDFCOM |
FILE-RDF-02 | Is the RDFCHEK file secured correctly? | Fileinfo |
FILE-RDF-03 | Is the RDFCOM object file correctly secured with the Guardian or Safeguard system? | Fileinfo Safecom |
FILE-RDF-04 | Is the RDFEXTO object file secured correctly? | Fileinfo |
FILE-RDF-05 | I Is the RDFMONO object file correctly secured with the Guardian or Safeguard system? | Fileinfo Safecom |
FILE-RDF-06 | Is the RDFSCAN object file secured correctly? | Fileinfo |
FILE-RDF-07 | Is the RDFSNOOP object file correctly secured with Guardian or Safeguard? | Fileinfo Safecom |
FILE-RDF-08 | Is the RDFRCVO file secured correctly? | Fileinfo |
FILE-RDF-09 | Is the RDFUPDO file secured correctly? | Fileinfo |
FILE-RDF-10 | Are the RDF Image files secured correctly using the Guardian or Safeguard system? | Fileinfo Safecom |
Related Topics
NonStop TMF software
Securing Applications