Protect System Devices

You can use  to protect system devices against unauthorized copy. By creating a copy of an existing system node unauthorized accessors can export the content of the protected device and read the content as raw data.
capamsc141
You can use 
PAM Server Control
to protect system devices against unauthorized copy. By creating a copy of an existing system node unauthorized accessors can export the content of the protected device and read the content as raw data.
When a user attempts to create a block-oriented or character special file based on an existing one using the mknod command, 
PAM Server Control
checks the device. If the user attempts to create a copy of a protected device, 
PAM Server Control
blocks the attempt and prevents the operation.
By default, 
PAM Server Control
does not block the device copy operation.
You can enable the system devices protection from the seos.ini file under the SEOS_syscall section in the file_rdevice_max token.
For more information about the file_rdevice_max token, refer to the
Reference Guide
.