Bypass Trusted Process Authorization
PAM Server Control allows you to define programs as trusted. PAM Server Control stores the trusted programs and their child programs in a table. All events (inbound and outbound) related to trusted processes (and their corresponding ports) are permitted without authorization as part of a full network bypass.

To specify these programs, use the SPECIALPGM class:
- To bypass file and network events for the specified program, use the property PGMTYPE with values pbf and pbn.
- To bypass setuid and setgid events for a specified program, use the property PGMTYPE with the value surrogate.
- To bypass all PAM Server Control authorization checks for a specified program, use the property PGMTYPE with the value fullbypass. PAM Server Control ignores a process that has the PGMTYPE(fullbypass) property, and no record of any process events appears in PAM Server Control audit, trace, or debug logs.
- To propagate bypasses to all programs that are called from the specified program, use the property PGMTYPE with the value propagate.
Security privilege propagation works with PBF, PBN, DCM, FULLBYPASS, and SURROGATE privileges only.
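
Because fullbypass leaves no audit, trace, or debug records and propagate extends a bypass to called programs, SPECIALPGM definitions are worth reviewing as a set. The following is an added example, not part of the product documentation: a small reviewer that flags those two cases in a rule file. It assumes rules are written as `editres SPECIALPGM <path> pgmtype(<values>)` statements; the program paths in the sample are constructed.

```python
import re

# Assumed statement form: editres|newres SPECIALPGM <path> pgmtype(<values>)
RULE = re.compile(
    r"^\s*(?:editres|newres)\s+SPECIALPGM\s+\(?([^\s()]+)\)?\s+pgmtype\(([^)]*)\)",
    re.IGNORECASE,
)

# Privileges this page says can be propagated to called programs.
PROPAGATABLE = {"pbf", "pbn", "dcm", "fullbypass", "surrogate"}

# Constructed sample rules; the paths are placeholders.
SAMPLE = """\
editres SPECIALPGM /opt/backup/bin/agent pgmtype(pbf, pbn)
editres SPECIALPGM /usr/local/bin/scheduler pgmtype(surrogate, propagate)
editres SPECIALPGM /opt/monitor/bin/collector pgmtype(fullbypass)
editres SPECIALPGM /opt/tools/launcher pgmtype(propagate)
"""

def audit(text):
    """Return (line number, program path, finding) for definitions needing review."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = RULE.match(line)
        if not m:
            continue  # not a SPECIALPGM definition with a pgmtype property
        path = m.group(1)
        types = {t.lower() for t in re.split(r"[,\s]+", m.group(2)) if t}
        if "fullbypass" in types:
            # The process is ignored entirely, so nothing is logged for it.
            findings.append((lineno, path,
                             "fullbypass: no audit, trace, or debug records"))
        if "propagate" in types:
            inherited = sorted(types & PROPAGATABLE)
            if inherited:
                findings.append((lineno, path,
                                 "propagate: child programs inherit " + ",".join(inherited)))
            else:
                findings.append((lineno, path,
                                 "propagate set with no propagatable privilege"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep="\t")
```
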