Previous Topic: User Can Access Protected ResourcesNext Topic: An Enterprise User or Group Cannot Access Resources but Correct Access Rules are Set


Read Access Checks Bypass /etc/passwd and /etc/group Files

Valid on UNIX

Symptom:

I created a rule that has a default access authority of none for the /etc/passwd and /etc/group files, but I still have read access to these files.

Solution:

By default, the CA ControlMinder authorization engine bypasses read access checks for the /etc/passwd and /etc/group system files. To stop CA ControlMinder bypassing read access checks for system files, change the value of bypass_system_files in the [seosd] section of the seos.ini file to no.

Important! If you stop CA ControlMinder bypassing read access checks for system files, verify that correct authorizations are in place. If you do not set the correct authorizations and bypass read access checks, users including CA ControlMinder administrations and the root user may not be to access the system, and critical system processes may fail.