S 4.22 Prevention of loss of confidentiality of sensitive data in the Unix system

Initiation responsibility: Head of IT, IT Security Officer

Implementation responsibility: Administrator

Unix commands such as ps, finger, who and last can be used to obtain information on a user (e.g. work habits). Additionally, many Unix derivatives contain further commands of this kind, for example listusers in Solaris. It must be considered whether every user should be allowed to execute these commands (data protection, harvesting of login names, and the like). In cases of doubt, access to these commands should be restricted.

When invoking commands, no sensitive information may be passed as a parameter, for example a password, since other users could read this information using ps.

If possible, the log files such as wtmp, utmp, wtmpx, utmpx, etc. should be protected against being read by unauthorised persons by appropriate access rights, since a good deal of information about the users can be obtained from them.
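The following audit script illustrates the three points of this safeguard in a form an administrator can run: it reports accounting log files that are readable by everyone, reports user-information commands that every user may execute, offers a remediation that confines a log file to a group, and flags process listings whose command line appears to carry a credential. It is an added example, not part of the BSI text; the file paths, the group name and the credential patterns are assumptions and must be adapted to the Unix derivative in use (e.g. /var/adm on Solaris).

```shell
#!/bin/sh
# Added audit script for S 4.22; not part of the BSI text. Paths, group names
# and credential patterns are assumptions to be adapted to the local system.

# world_readable FILE: succeeds if "others" may read FILE.
# Reads the permission string from ls -l (column 8 is the others-read bit),
# which works on every Unix derivative, unlike stat's output format.
world_readable() {
    [ "$(ls -ld "$1" | cut -c8)" = r ]
}

# world_executable FILE: succeeds if "others" may execute FILE (column 10;
# s and t mean the execute bit is set together with setgid/sticky).
world_executable() {
    case "$(ls -ld "$1" | cut -c10)" in
        x|s|t) return 0 ;;
        *)     return 1 ;;
    esac
}

# audit_log_files FILE...: report accounting logs readable by everyone.
# Returns 1 if at least one such file exists, 0 otherwise.
audit_log_files() {
    rc=0
    for f in "$@"; do
        [ -e "$f" ] || continue
        if world_readable "$f"; then
            echo "WARN: $f is world-readable"
            rc=1
        fi
    done
    return $rc
}

# audit_user_info_cmds CMD...: report user-information commands that every
# user may run. Returns 1 if at least one is found, 0 otherwise.
audit_user_info_cmds() {
    rc=0
    for c in "$@"; do
        [ -e "$c" ] || continue
        if world_executable "$c"; then
            echo "NOTE: $c is executable by all users"
            rc=1
        fi
    done
    return $rc
}

# restrict_to_group FILE GROUP: remove all access for "others" and hand the
# file to GROUP, so that only members (e.g. operators) keep read access.
# Needs root privileges on real log files.
restrict_to_group() {
    chgrp "$2" "$1" && chmod o-rwx "$1"
}

# flag_secret_args: read "ps -eo user,args"-style lines on stdin and print the
# ones whose command line appears to carry a credential, i.e. exactly what any
# user could see with ps. The pattern is an illustrative assumption, not an
# exhaustive list of every option name that may carry a secret.
flag_secret_args() {
    grep -E -i -- '--?(password|passwd|pass|secret|token|apikey)(=|[[:space:]]+)[^[:space:]-]'
}

# Example invocation (paths are assumptions; run as root to see the log files):
if [ "${1:-}" = "--run" ]; then
    audit_log_files /var/log/wtmp /var/run/utmp /var/log/btmp /var/log/lastlog
    audit_user_info_cmds /usr/bin/finger /usr/bin/last /usr/bin/who /usr/bin/listusers
    ps -eo user,args | flag_secret_args
fi
```

Run it as `sh audit.sh --run` on the host, or source it and call the functions individually. The remediation deliberately uses a group rather than making the files root-only, since programs such as last and who must still be able to read wtmp and utmp for the administrators and operators who legitimately need them.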

Review questions: