Monitored Files (SECFILE) Properties
Use the Monitored Files (SECFILE class) properties windows for creating, modifying, or viewing a record of this class. Each record defines a file to be monitored. The monitored file records provide verification for important files in the system. However, they cannot appear in a conditional access control list. To verify that an unauthorized user has not altered a file, add sensitive system files that rarely get modified to this class.
cminderpim14
Use the Monitored Files (SECFILE class) properties windows for creating, modifying, or viewing a record of this class. Each record defines a file to be monitored. The monitored file records provide verification for important files in the system. However, they cannot appear in a conditional access control list. To verify that an unauthorized user has not altered a file, add sensitive system files that rarely get modified to this class.
This window contains the following fields in the General tab:
- NameDefines the name of the resource. Indicates the full pathname of the file that the record protects.
- CommentDefines extra information that you want to include in the record. CA Privileged Identity Manager does not use this information for authorization.Limit:255 alphanumeric characters
- OwnerDefines the owner of a record.
- BlockrunSpecifies whether to check if the program is trusted and blocks the execution of untrusted programs. The execution blocking is performed regardless whether the program is a setuid or a regular program.
- FlagsDefines the program information that CA Privileged Identity Manager generates automatically.The Watchdog automatically verifies the information that is stored in this property. If it is changed, CA Privileged Identity Manager defines the program as untrusted.You can select any of the following flags toexcludethe associated information from this verification process:
- SHA1The SHA1 signature. Secure Hash Algorithm is a Digital signature method that is applied to a program or sensitive files.
- SizeThe size of the program file.
- CRCThe cyclic redundancy check and MD5 signature.
- MTimeThe time the program file was last modified.
- CTime(UNIX only) The time of the last file status change.
- INodeOn UNIX, the file system address of the program file. On Windows, has no importance.
- DeviceOn UNIX, the logical disk that the file resides on. On Windows, the drive number of the disk containing the file.
- ModeThe associated security protection mode for the program file.
- OwnerThe user who owns the program file.
- GroupThe group that owns the program file.
This window contains the following fields in the Audit tab:
- Audit ModesDefines the types of access events that CA Privileged Identity Manager records in the audit log. You can select any combination of the following activities:
- Audit SuccessGranted access requests.
- Audit FailureDenied access requests (default).
- Warning ModeSpecifies whether Warning mode is enabled. When Warning mode is enabled on a resource, all resource access requests are granted. If an access request violates an access rule, a record is written to the audit log.
- TrustDefines whether the resource is trusted. If you do not specify this option, accessors cannot use the resource. Otherwise, the other properties that are listed in the database for the resource are used to determine access authority of an accessor. If a trusted resource is changed in any way, CA Privileged Identity Manager automatically clears this option.
This window contains the following fields in the Information tab:
- Update TimeDisplays the date and time when the record was last modified.
- Updated ByDisplays the administrator who performed the update.
- Create TimeIndicate the date and time when a record gets created.