
⇒ s_cmd(5) — AIX/RT 2.2.1


s_cmd

Purpose

     Contains the command table for the trusted shell.

Description

     The file /etc/security/s_cmd is a table file (see "tbl"),
     and it drives the trusted shell.

     Each entry in the command table, s_cmd, has the following
     format:

          command:type:explanation:path:menus

     which represents a command and its attributes, and has
     five colon-separated fields:

     command       Specifies the command name to be placed on
                   a tsh menu.

     type          Specifies one of the following types of
                   commands:

                   p     pathname command, such as
                         /bin/passwd.

                   b     built-in command, such as cd.

                   s     state transition to an administrative
                         state.  This type of command is
                         reserved.

                   c     control characters, like Ctrl-D.

     explanation   Contains an explanation of the command for
                   a tsh menu.

     path          Contains a location, based on the value of
                   the type field, as follows:

                   o   when type is p, specifies the absolute
                       pathname of the command program.

                   o   when type is b, specifies the
                       predefined built-in command name.

                   o   when type is s, specifies the absolute
                       pathname to check execute access.

                   o   when type is c,

     menus         A nonempty sublist of [tsh|.

     The trusted shell has two states: ordinary and
     administrative.  Entries with tsh in the menus field appear
     in the menu of the ordinary state of the trusted shell,
     whereas entries with administrative group g in the menus
     field appear in the menu of the g-administrative state of
     the trusted shell.

     When the command type is a pathname (p), then the trusted
     shell executes the pathname when a user selects it.  When
     the command type is a built-in (b), then the trusted
     shell internally executes the command when a user selects
     it.  When the command type is a state transition (s),
     then the trusted shell includes it as a menu item if the
     user has execute access to the pathname.  When the
     command type is one or more control characters (c), then
     the trusted shell lists the item on the specified menus
     but lets an existing mechanism handle the control
     characters.

     A user with superuser authority can customize the trusted
     shell by editing the command table.  This table must
     contain only trusted commands that have undergone proper
     design, testing, and certification scrutiny for security.
     Among other things, a trusted command cannot invoke a
     nontrusted command.  (Both the sh and csh commands are
     untrusted.)  The trusted shell, if invoked through the
     secure attention key, provides a trusted communication
     path between the user and the trusted computing base
     (TCB).  Since the security of the trusted shell depends
     on the security of each command it invokes, the command
     table must contain only trusted commands.

Examples

     Here are some examples of command table entries:

       ?:b:print this help menu:?:tsh
       cd:b:change the current directory:cd:tsh
       passwd:p:change password:/bin/passwd:tsh
       Ctrl-d:c:(Ctrl-d) leave tsh, execute my login shell::tsh
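
     The following audit script is an added example, not part of the
     original manual page or of AIX.  It parses entries in the
     five-field format above and flags ones that break the documented
     rules; the basename match on sh/csh, the blank-line skipping and
     the CONSTRUCTED_BAD entries are assumptions of this example.

```python
import posixpath

FIELDS = ("command", "type", "explanation", "path", "menus")
VALID_TYPES = {"p", "b", "s", "c"}
# The page names sh and csh as untrusted; matching on basename is this example's assumption.
UNTRUSTED = {"sh", "csh"}

def parse_entry(line):
    """Split one s_cmd line into its five colon-separated fields."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(FIELDS):
        raise ValueError("expected 5 fields, got %d" % len(parts))
    return dict(zip(FIELDS, parts))

def audit(lines):
    """Return (line_number, problem) pairs for entries that break the documented rules."""
    findings = []
    for n, raw in enumerate(lines, 1):
        if not raw.strip():  # skipping blank lines is an assumption of this example
            continue
        try:
            e = parse_entry(raw)
        except ValueError as err:
            findings.append((n, str(err)))
            continue
        if e["type"] not in VALID_TYPES:
            findings.append((n, "unknown type %r" % e["type"]))
        if e["type"] in ("p", "s") and not e["path"].startswith("/"):
            findings.append((n, "path is not absolute"))
        if e["type"] == "p" and posixpath.basename(e["path"]) in UNTRUSTED:
            findings.append((n, "invokes untrusted shell"))
        if not e["menus"]:
            findings.append((n, "menus field is empty"))
    return findings

# The four example entries shown on this page.
PAGE_EXAMPLES = [
    "?:b:print this help menu:?:tsh",
    "cd:b:change the current directory:cd:tsh",
    "passwd:p:change password:/bin/passwd:tsh",
    "Ctrl-d:c:(Ctrl-d) leave tsh, execute my login shell::tsh",
]
# Constructed entries (not from the page) that each violate one rule.
CONSTRUCTED_BAD = [
    "shell:p:start a shell:/bin/csh:tsh",
    "ls:p:list files:bin/ls:tsh",
    "foo:x:no such type:/bin/foo:tsh",
    "short:p:/bin/short",
]

if __name__ == "__main__":
    for n, problem in audit(PAGE_EXAMPLES + CONSTRUCTED_BAD):
        print("line %d: %s" % (n, problem))
```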

Files

     /etc/security/s_cmd
     /bin/tsh

Related Information

     The tsh command in the AIX Operating System Commands
     Reference.
