
3.3 Establishing System Security

AcuConnect system security is designed to address two fundamental security issues:

1. controlling access to applications

2. preventing unauthorized use of AcuConnect to perform privileged activities (such as modifying privileged files)

The first issue, controlling access to applications, is addressed in two ways: first, via the AcuConnect server access file (discussed in detail in Section 3.3.1 The Server Access File), and second, through the standard UNIX or Windows NT/2000 file access provisions. Whether a user of AcuConnect can access a given application depends on two things: (1) the user ID assigned to the requester in the server access file, and (2) either the Windows NT/2000 security set up for your files, or the UNIX ownerships and permissions set on the particular file.

The second issue, preventing unauthorized privileged use, is addressed through strict enforcement of the security measures that you have established through the server's operating system.

Windows NT/Windows 2000

After you set up your applications, you may set access permissions by using the Windows NT/Windows 2000 security features. Please refer to your Windows documentation for more information about security procedures. Make sure that the "AcuAccess" file and the "server.cfg" file can be written only by those accounts and groups that you want to have write privileges.

We recommend that you install and run AcuConnect on an NTFS drive, because FAT partitions offer no security to files or programs. If you install AcuConnect on an NTFS partition, be aware that the user connecting to AcuConnect needs both:

For example, if your ACUCONNECT-RUNTIME-FLAGS contains "-e errorfile", AcuConnect will attempt to write "errorfile" in the same directory as "acuconnect.exe". In this case, the user would need CHANGE (RWXD) permissions to access that directory.

If the user connecting to AcuConnect is mapped to DEFAULT-USER, then DEFAULT-USER needs these permissions.

UNIX

UNIX ownerships and permissions can be set on key AcuConnect files. Note, however, that your site could jeopardize security if you include entries in the server access file that explicitly allow users running as root on the clients to run as root on the server. We strongly recommend against the inclusion of such entries.

Note that the runtimes that are started by AcuConnect on the server inherit the environment of the user who started AcuConnect. Therefore, we recommend that you log on as the DEFAULT-USER and then use the "su" command to gain root privileges and start up AcuConnect. This ensures that any users mapped to the DEFAULT-USER account do not have any more privileges than you intend.

Achieving sound AcuConnect system security depends on the configuration and management of the following security elements:

UNIX ownerships and permissions on the acuconnect executable, server configuration file and server access file must be strictly maintained. If the ownerships and permissions are more permissive than those specified, acuconnect will not start.
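
A pre-start audit of the three files named above, written as an added example that is not part of the AcuConnect documentation or product. The policy it checks (expected owner, no group or other write bit on the file or on its directory) is an assumption, because this page does not list the exact modes AcuConnect requires; the function names and the paths in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example: audit ownership and write bits on key AcuConnect files.
# Assumed policy (not taken from the manual): each file is owned by the
# expected account and is not writable by group or others, and the same
# holds for the directory that contains it.

# audit_path PATH OWNER -> 0 if PATH passes, 1 otherwise (reasons on stderr)
audit_path() {
    path=$1 owner=$2 rc=0
    if [ ! -e "$path" ]; then
        echo "MISSING: $path" >&2
        return 1
    fi
    # find prints the path only when the test matches; -prune stops descent.
    if [ -z "$(find "$path" -prune -user "$owner" -print)" ]; then
        echo "OWNER: $path is not owned by $owner" >&2
        rc=1
    fi
    if [ -n "$(find "$path" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
        echo "WRITABLE: $path is writable by group or others" >&2
        rc=1
    fi
    return $rc
}

# audit_install OWNER FILE... -> 0 only if every file and its directory pass
audit_install() {
    owner=$1; shift
    failed=0
    for f in "$@"; do
        audit_path "$f" "$owner" || failed=1
        # A writable directory lets another user replace the file outright.
        audit_path "$(dirname "$f")" "$owner" || failed=1
    done
    return $failed
}

# Usage (hypothetical install paths, adjust to your site):
#   audit_install root /opt/acu/bin/acuconnect /opt/acu/etc/server.cfg \
#       /opt/acu/etc/AcuAccess || echo "fix permissions before starting"
```
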

More:

3.3.1 The Server Access File

3.3.2 Access Records

3.3.3 Using the Access File Manager