Canmove, confirm
937
edits
Changes
→Single Operator Mode of Operation
All the major general purpose operating systems today are multi-user OS. When the NSS cryptographic module is used at Security Level 1, only one user account should be created in the OS.
===Mac OS X Instructions=== # Log into your user account.# From the '''Apple''' menu, choose '''System Preferences'''.# From the '''View''' menu, choose '''Accounts'''.# All the user accounts are listed on the left hand side of the '''Accounts''' dialog. Your user account is listed under '''My Account''' and Windows XP are typically used with only one should have Admin privilege. If there is no user account under '''Other Accounts''', stop here. Otherwise, follow the steps below to delete the other accounts.# If the lock icon at the lower left corner of the '''Accounts''' dialog is locked, click the lock to make changes.# Select a user account under '''Other Accounts'''.# Click the minus sign (-) at the lower left corner of the '''Accounts''' dialog to delete the selected user account.# Repeat the above two steps until there is no user accountunder '''Other Accounts'''. ===Unix Instructions===The following explains how to configure a UNIX system for single user. The general idea is the same across all Unix variants.
* Remove all login accounts except "root" (the superuser).
* Disable NIS and other name services for users and groups.
# In the <code>/etc/inetd.d</code> directory, edit the files <code>eklogin</code>, <code>gssftp</code>, <code>klogin</code>, <code>krb5-telnet</code>, <code>kshell</code>, <code>rexec</code>, <code>rlogin</code>, <code>rsh</code>, <code>rsync</code>, <code>telnet</code>, and <code>tftp</code>, and set the value of <code>disable</code> to <code>yes</code>.
# Reboot the system for the changes to take effect.
===Windows XP Instructions===
==Software Integrity Test==
