Endpoint Administration Guide for UNIX › Improving Performance › Bypassing Trusted Process Authorization

Bypassing Trusted Process Authorization

CA ControlMinder allows you to define programs as trusted. CA ControlMinder stores the trusted programs and their children programs in a table. All events (inbound and outbound) related to trusted processes (and their corresponding ports) are permitted without authorization as part of a full network bypass.

To specify these programs, use the SPECIALPGM class:

• To bypass file and network events for the specified program, use the property PGMTYPE with values pbf and pbn.
• To bypass setuid and setgid events for a specified program, use the property PGMTYPE with the value surrogate.
• To bypass all CA ControlMinder authorization checks for a specified program, use the property PGMTYPE with the value fullbypass.

  CA ControlMinder ignores a process that has the PGMTYPE(fullbypass) property, and no record of any process events appears in CA ControlMinder audit, trace, or debug logs.

• To propagate bypasses to all programs that are called from the specified program, use the property PGMTYPE with the value propagate.

  Note: Security privilege propagation works with PBF, PBN, DCM, FULLBYPASS, and SURROGATE privileges only.