canmove, Confirmed users
937
edits
FIPS Operational Environment: Difference between revisions
Jump to navigation
Jump to search
→Configuring Discretionary Access Control
No edit summary |
|||
| Line 10: | Line 10: | ||
The Crypto Officer (the operator who installs the NSS library files) should use the <code>chmod</code> command to set the access permission bits of the NSS library files appropriately. | The Crypto Officer (the operator who installs the NSS library files) should use the <code>chmod</code> command to set the access permission bits of the NSS library files appropriately. | ||
* specify the set of roles that can execute stored cryptographic software | |||
* specify the set of roles that can modify (i.e., write, replace, and delete) cryptographic programs | |||
* specify the set of roles that can modify (i.e., write, replace, and delete) cryptographic data (e.g., cryptographic keys and audit data), CSPs, and plaintext data: NSS databases can only be modified by the owner. Audit data can only be modified by the root user. | |||
* specify the set of roles that can read cryptographic data (e.g., cryptographic keys and audit data), CSPs, and plaintext data: NSS databases can only be read by the owner. Audit data can only be read by the root user. | |||
* specify the set of roles that can enter cryptographic keys and CSPs: '''N/A'''. NSS does not support manual entry of cryptographic keys and CSPs. | |||