Previous Topic: Defining Day and Time Access Rules for ResourcesNext Topic: B1 Security Level Certification


Protecting System Devices

You can use CA ControlMinder to protect system devices against unauthorized copy. By creating a copy of an existing system node, unauthorized accessors can export the content of the protected device and read the content as raw data.

When a user uses the mknod command to create a block-oriented or character-special file based on an existing one, CA ControlMinder checks the device. If the user attempts to create a copy of a protected device, CA ControlMinder blocks the attempt and prevents the operation.

By default, CA ControlMinder does not block the device copy operation.

You enable the system devices protection from the seos.ini file under the SEOS_syscall section in the file_rdevice_max token.

Note: For more information about the file_rdevice_max token, refer to the Reference Guide.