inspect(8) — POLYCENTER Security Compliance Manager 2.5

inspect(8)  —  Maintenance


Name

inspect − invoke the POLYCENTER Security Compliance Manager user interface to check system security policy compliance. 

Syntax

inspect [-c filename]

Description

The inspect command invokes the POLYCENTER Security Compliance Manager (CM) user interface. When invoked with the -c option, the inspector compiler is invoked instead. See the section below on the Inspector Compiler. 

POLYCENTER Security CM uses inspectors to analyse the security of the system. Inspectors are collections of tests that analyse the system’s security-relevant settings. An inspector will typically be designed to test (aspects of) a system for compliance with a specific security policy. 

Each test in an inspector is made up of a test primitive with a set of parameters that define what aspect of system security is to be tested. These test primitives are the basic building blocks of your security policy as implemented in the inspector. POLYCENTER Security CM comes with a set of over fifty of these test primitives to test most important aspects of system security, including the file system, accounts and passwords, and various aspects of network security. The same test primitive with different parameters may be used many times in a single inspector. For example, the file_protection test primitive, which checks that the owner, group, permission and integrity of a particular file are as specified, can be instantiated many times, each time with a different file specified. 

Inspectors are executed by a process known as the inspect daemon (inspectd).  When an inspector is scheduled to run, this daemon wakes up and inspects the system according to the tests contained in the inspector(s).  Upon completing an inspection, POLYCENTER Security CM generates a report, which may optionally be sent to a customisable distribution list.  Lockdown and unlockdown scripts may also be generated automatically. The lockdown script contains commands which attempt to bring the system into compliance with the parameters specified in the inspector. The unlockdown script contains commands which bring the system back to the state it was in at the time of the inspection. 
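The file_protection test primitive and the lockdown/unlockdown scripts described above, modelled as an added example (this is illustration code, not POLYCENTER Security CM's own implementation; the FileProtectionTest name, its fields and the generated chown/chmod command text are assumptions). An integrity mismatch is reported but produces no lockdown command, since a changed file cannot be "locked down" back to its baseline automatically.

```python
# Added illustration, not part of POLYCENTER Security CM.
import grp
import hashlib
import os
import pwd
import stat
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class FileProtectionTest:
    """One instance of the file_protection primitive: expected owner, group,
    permission bits and (optionally) a baseline SHA-256 digest for a file."""
    path: str
    owner: str                   # expected owner name
    group: str                   # expected group name
    mode: int                    # expected permission bits, e.g. 0o600
    sha256: Optional[str] = None  # expected digest; None skips the integrity check

    def observe(self) -> dict:
        """Record the file's current owner, group, mode and digest."""
        st = os.stat(self.path)
        with open(self.path, "rb") as fh:
            digest = hashlib.sha256(fh.read()).hexdigest()
        return {
            "owner": pwd.getpwuid(st.st_uid).pw_name,
            "group": grp.getgrgid(st.st_gid).gr_name,
            "mode": stat.S_IMODE(st.st_mode),
            "sha256": digest,
        }

    def run(self) -> Tuple[List[str], List[str], List[str]]:
        """Return (findings, lockdown commands, unlockdown commands)."""
        seen = self.observe()
        findings, lockdown, unlockdown = [], [], []
        if (seen["owner"], seen["group"]) != (self.owner, self.group):
            findings.append(f"{self.path}: owner/group {seen['owner']}:{seen['group']} "
                            f"(expected {self.owner}:{self.group})")
            lockdown.append(f"chown {self.owner}:{self.group} {self.path}")
            unlockdown.append(f"chown {seen['owner']}:{seen['group']} {self.path}")
        if seen["mode"] != self.mode:
            findings.append(f"{self.path}: mode {seen['mode']:04o} (expected {self.mode:04o})")
            lockdown.append(f"chmod {self.mode:04o} {self.path}")      # bring into compliance
            unlockdown.append(f"chmod {seen['mode']:04o} {self.path}")  # restore pre-inspection state
        if self.sha256 is not None and seen["sha256"] != self.sha256:
            findings.append(f"{self.path}: content digest differs from baseline")
        return findings, lockdown, unlockdown
```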

The Required Inspector

A special inspector, known as the Required Inspector, may reside on each system. This inspector is distinguished by its name, and has several important properties:

o  Upon completion of the inspection, it sends security status information, coded into a message called a token, to a node running POLYCENTER Security Reporting Facility (SRF) software. Communication with POLYCENTER SRF may be configured at installation time, or at any later time using the inspectsetup utility. 

o  The Required Inspector is revision controlled. Attempts to modify any of the tests or certain of the options it contains will result in a change to its Policy File ID (PFID). This is a number which is stored as a part of the Required Inspector and which is sent as part of the security status token to POLYCENTER SRF, if so configured. In this way, the POLYCENTER SRF administrator can detect modifications to the Required Inspector. 

o  The Required Inspector also contains certain extra information which is sent with the token to POLYCENTER SRF, including a modifiable Description field. 

These features, and the POLYCENTER SRF software, are designed to allow the Required Inspector to be used to implement a common Security Policy across all systems in a large corporate network. 
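A model of the revision-control mechanism described above, as an added example (not POLYCENTER code; this page does not document the real PFID algorithm). It assumes the PFID is a digest over the tests and a fixed set of controlled options, so that editing the free-form Description leaves the PFID unchanged while altering any test changes it, which is what lets the reporting node tell an approved policy from a modified one. The option names, token fields and sample inspector are constructed.

```python
# Added illustration, not POLYCENTER code. The PFID construction is an assumption.
import hashlib
import json

# Assumed: only these options are under revision control; others are free to change.
REVISION_CONTROLLED_OPTIONS = ("schedule", "lockdown")


def policy_file_id(inspector: dict) -> str:
    """Digest the tests and the controlled options. The Description field is
    deliberately excluded so that editing it does not change the PFID."""
    controlled = {
        "tests": inspector["tests"],
        "options": {k: inspector["options"].get(k) for k in REVISION_CONTROLLED_OPTIONS},
    }
    canonical = json.dumps(controlled, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()[:16]


def status_token(node: str, inspector: dict, findings: int) -> dict:
    """The message sent to the reporting node after an inspection completes."""
    return {
        "node": node,
        "inspector": inspector["name"],
        "pfid": policy_file_id(inspector),
        "description": inspector["description"],
        "findings": findings,
    }


def check_token(token: dict, approved_pfid: str) -> str:
    """Reporting-side check: was the inspection run with the approved policy?"""
    return "policy intact" if token["pfid"] == approved_pfid else "policy modified"


# Constructed sample Required Inspector (values are illustrative only).
REQUIRED = {
    "name": "Required",
    "description": "Corporate baseline, revision 1",
    "options": {"schedule": "daily", "lockdown": False, "mail_to": "secops"},
    "tests": [
        {"primitive": "file_protection",
         "params": {"file": "/etc/passwd", "owner": "root", "group": "sys", "mode": "0644"}},
        {"primitive": "file_protection",
         "params": {"file": "/etc/shadow", "owner": "root", "group": "sys", "mode": "0400"}},
    ],
}
```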

Security Issues

Access to POLYCENTER Security CM is controlled using regular UNIX file protection mechanisms. By default, only root and members of root’s primary group may run the program. To allow unprivileged users to use POLYCENTER Security CM, you should create a unique group for this purpose, add the desired users to this group, and change the group ownership of the inspect files. The inspectsetup utility has an option to automate the latter step. 

Access to inspectors is controlled by the POLYCENTER Security CM user interface. The creator of an inspector is by default the only owner of that inspector. However, you may grant read or write access to your inspectors to others by modifying the owner list option of the inspector. Read access allows a user to browse or copy an inspector, but not to modify or execute it. Write access confers all rights to the inspector. Access can be given to named users, or to all users on the system.  Write access to an inspector should be given away with great caution, as it potentially allows other users to run programs under the UID of the primary inspector owner. In particular, only root should have write access to the Required Inspector. 


The Inspector Compiler

POLYCENTER Security CM inspectors can be built from within the user interface.  Alternatively, you may find it easier to describe the inspector in a format known as Inspector Description Language. Having created a file containing such an inspector description, you may invoke the inspector compiler using the -c option to inspect.  This option invokes the inspector compiler to generate an inspector based on the ASCII file filename.  The Inspector Description Language (IDL) is described in the POLYCENTER Security CM User Guide. This is the same format in which ASCII files are generated by the Print operation in the POLYCENTER Security CM user interface. A typical inspector description file is generated by selecting a suitable inspector as a starting point, printing it, editing the generated file, and then compiling the resulting file. 

Note that when invoked this way, the program does not run interactively. The compiler parses the file and, if successful, builds an inspector. It then exits; you must invoke inspect again (without the -c option) to see your new inspector. 

The -c option is useful for policy and inspector development outside of the user interface. 

Restrictions

Before running a lockdown file, you should examine it carefully to ensure that the actions it carries out are appropriate to your system. 

See Also

inspectd(8), inspectsetup(8)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026