Canmove, confirm
937
edits
Changes
→Configuring Discretionary Access Control
==Configuring Discretionary Access Control==
On Unix (including Linux and SolarisMac OS X), discretionary access control can be configured by setting the access permission file mode bits of the files appropriately. The access permission file mode bits can be specified set when the files are created. The file mode bits can be changed with the <code>chmod</code> utility.. When installing the NSS library files, the operator shall use the <code>chmod</code> utility to set the file mode bits of the NSS library files to 0644, making them readable and writable by the owner, and readable by everyone.<div class=note>'''Note''': on HP-UX, the shared libraries must be executable, or they can so the file mode bits shall be modified laterset to 0755.</div> The NSS module creates its database files with the 0600 permission bits, making them readable and writable by the owner only.
* specify the set of roles that can execute stored cryptographic software: all users. For example, <code>"chmod a+rx libsoftokn3.so"</code>. '''Note''': the read permission is required for the software integrity test.
