Contact Us Contact Us

HP-UX Security Containment Extensions

  Software Depot
Electronic download
Frequently asked questions
Product details and specifications
Select
Overview

HP-UX 11i Security Containment includes three core technologies: compartments, fine-grained privileges, and role-based access control. Together, these three components provide a highly secure operating environment without requiring applications to be modified.

HP-UX Security Containment Extensions enables users and administrators to login directly to a compartment, offers a tool that helps a system administrator setup and configure a compartment, and includes enhancements to support HP-UX Containers (SRP) A.02.00 and later.

New in HP-UX 11i Security Containment Extensions B.11.31.03

HP-UX 11i Security Containment Extensions B.11.31.03 includes the following new features in the ContainmentPlus product:

  • Support for HP-UX Containers (SRP) A.03.00. HP-UX Containers provides an isolated operating environment (containers) within a single instance of the HP-UX 11i v3 operating system.  
  • The compartment configuration files now support new syntax rules: system, blocked, and tl.
  • New cmpt_restrict_tl kernel parameter that defines the restrictions for the inter-compartment communications through Streams Local Transport Drivers.
  • Some of the fine-grained privileges are divided into more granularity. This new feature allows application to have finer control over the administrative capabilities. See the Compatibility Information section in the HP-UX Security Containment Extensions B.11.31.03 Release Notes for more information.
  • Fixes for known problems to the HP-UX 11i Security Containment product.

For more information, refer to the HP-UX Security Containment Extensions B.11.31.03 Release Notes.

Features and Benefits

HP-UX Security Containment Extensions provides the following benefits to HP-UX systems:

  • Containment Wizard
    The application containment wizard, contain, is a tool that helps a system administrator setup and configure a compartment. The contain tool creates a compartment and configures the applications specified on the command line for execution in the compartment. After the compartment has been created and the applications have been configured, the contain tool gives the user an opportunity to run these applications in the newly created compartment. The containment wizard then collects the list of required access rules for these applications and attempts to simplify these rules based on the system administrator's input.

  • Compartment Login
    The compartment login configuration enables users and administrators to login directly to a compartment. It provides a mechanism to set controls on those users that are allowed to login to a service running in a specified compartment or prevent access to the system based on previously configured authorization information.

  • ContainmentPlus
    The ContainmentPlus product enables a collection of enhancements to the core Security Containment features to support HP-UX Containers (SRP) A.02.00 and later.

Product Documentation

Use the following documents in conjunction with each other when using HP-UX Security Containment Extensions B.11.31.03:

  • HP-UX Security Containment Extensions B.11.31.03 Release Notes
  • HP-UX Compartment Login using Secure Shell (SSH)
  • HP-UX System Administrator's Guide: Security Management

These documents are located at:
www.hpe.com/support/hpesc
Select the HP-UX 11i Security Containment Software product to access these documents.

Requirements and Restrictions:

HP-UX Security Containment Extensions has the following requirements and restrictions:

  • Requires HP-UX 11i version 3.
  • The HP-UX Security Containment Extensions product is added to HP-UX Security Containment that is part of core HP-UX.
 
Additional product information
Product #: ContainmentExt
Version: B.11.31.03
Software specification: HP-UX 11i v3(ContainmentExt_B.11.31.03_HP-UX_B.11.31_IA_PA.depot)
Installation
Select