dg_running_with(3C) DG/UX B2 Security R4.12MU02 dg_running_with(3C)
NAME
dgrunningwithaa, dgrunningwithacl, dgrunningwithaudit,
dgrunningwithcap, dgrunningwithmac, dgrunningwithnsec,
dgrunningwithtpath, dgrunningwitheval - determine whether the
system is configured for a given feature
SYNOPSIS
#include <dgrunningwith.h>
int dgrunningwithaa()
int dgrunningwithacl()
int dgrunningwithaudit()
int dgrunningwithcap()
int dgrunningwithmac()
int dgrunningwithnsec()
int dgrunningwithtpath()
int dgrunningwitheval()
DESCRIPTION
Use a dgrunningwith function to find out whether the given security
feature is configured into the currently running system. These
functions are contained in the libdgc.a library.
The dgrunningwithaa function returns 1 if the system is configured
for trusted authentication and authorization. This is determined to
be the case if sysconf(SCSECLEVEL) returns a value of DGC2,
DGB1 or DGB2.
The dgrunningwithacl function returns 1 if the system is
configured for access control lists (ACLs). This is determined to be
the case if sysconf(SCACL) returns a value of POSIXACL.
The dgrunningwithaudit function returns 1 if the system is
configured for security auditing. This is determined to be the case
if sysconf(SCAUD) returns a value of DGAUD.
The dgrunningwithcap function returns 1 if the system is
configured for Capability (least privilege). This is determined to
be the case if sysconf(SCCAP) returns a value of POSIXCAP.
The dgrunningwithmac function returns 1 if the system is
configured for mandatory access control (MAC). This is determined to
be the case if sysconf(SCMAC) returns a value of POSIXMAC.
The dgrunningwithnsec function returns 1 if the system is
configured for Trusted IP (network security). This is determined to
be the case if the /dev/dn6 device exists on the system.
The dgrunningwithtpath function returns 1 if the system is
configured for Trusted Path. This is determined to be the case if
the /etc/tcb/trstpth/trstpthtpgmpipe device exists on the system.
The dgrunningwitheval function returns 1 if the system is running
the hardware and software configuration that is undergoing evaluation
at the B2 level of trust. This is determined to be the case if
sysconf(SCEVAL) returns a value of DGEVAL.
These routines should be used rather than using direct calls to
sysconf(2), because Data General reserves the right to change the
underlying test that these routines use to detect the presence of the
various features.
These routines allow applications to be written that can change their
behavior based on the configuration of the system. If written
correctly, the same binary image of the application can then run on
the DG/UX System with or without security features present.
EXAMPLE
Below is an excerpt from the ttymon source code showing a change in
behavior based on the presence of the A&A feature:
/*
* If host system running A&A, use -s to identify as
* "login" service.
*/
if (dgrunningwithaa()) {
pmtab->pserver = "/usr/bin/login -s login";
}
else {
pmtab->pserver = "/usr/bin/login";
}
SEE ALSO
sysconf(2).
Licensed material--property of copyright holder(s)