search cancel

Data Center Security(DCS) sischeckpwd utility

book

Article ID: 174295

calendar_today

Updated On:

Products

Critical System Protection Data Center Security Server Advanced

Issue/Introduction

Information on sischeckpwd utility.

 

Resolution

The file "sischeckpwd" has the UID Bit set and the user sisips can run this binary with root permissions:

/opt/Symantec/sdcssagent/IPS/bin/sischeckpwd -rwsr-x--x 1 root sisips

The sischeckpwd tool uses system library “libpam.so” - Pluggable Authentication Modules (PAM) to authenticate a user. This is a system library which we integrated in sischeckpwd tool. The PAM module itself is asking the password and validating it. It is an independent application to check user authentication. This is the reason why the tool must be run with root permission. The  sischeckpwd is also used by sisipsoverride tool in order to disable the prevention temporarily.