Xerox 6180N FreeFlow® Print Server Security Guide - Page 15

Solaris file permissions Secure File Permission options can be enabled or disabled through the Xerox FreeFlow Print Server interface. Fix-modes include: • fixmodes-xerox: fix file permissions for all packages to make them more secure. Available under the System tab under the "Secure File Permissions" drop-down menu. • fixmodes-solaris: fix file permissions only for Solaris packages to make them more secure. Available under the System tab under the "Secure File Permissions" dropdown menu. The fix-modes utility (from the Solaris Security Toolkit) adjusts group and world write permissions. It is run with the '-s' option to secure file permissions for Solaris files that were created at install time only. Customer-generated files are not affected. NOTE: When this command is run, a file called /var/sadm/install/ content.mods is left. Do not delete this file. It contains valuable information needed by fix modes to revert the changes to the system file permissions if the security setting is changed back to medium. Disabling secure name service databases The following databases are disabled when security is invoked: • passwd(4) • group(4) • exec_attr(4) • prof_attr(4) • ser_attr(4) Multicast routing disabled Multicast is used to send data to many systems at the same time while using one address. OS and host information hidden The ftp, telnet and sendmail banners are set to null so that users in cannot see the hostname and OS level. Security Guide 11