Protect System Devices
You can use to protect system devices against unauthorized copy. By creating a copy of an existing system node unauthorized accessors can export the content of the protected device and read the content as raw data.
capamsc141
You can use
Privileged Access Manager
to protect system devices against unauthorized copy. By creating a copy of an existing system node unauthorized accessors can export the content of the protected device and read the content as raw data.When a user attempts to create a block-oriented or character special file based on an existing one using the mknod command,
Privileged Access Manager
checks the device. If the user attempts to create a copy of a protected device, Privileged Access Manager
blocks the attempt and prevents the operation.By default,
Privileged Access Manager
does not block the device copy operation.You can enable the system devices protection from the seos.ini file under the SEOS_syscall section in the file_rdevice_max token.
For more information about the file_rdevice_max token, refer to the
Reference Guide
.