[Question] about how access control is performed when using PIM
book
Article ID: 193031
calendar_today
Updated On:
Products
CA Virtual Privilege ManagerCA Privileged Identity Management Endpoint (PIM)
Issue/Introduction
Customer wanted a high level explanation of how a PIM agent works.
Environment
Release : 12.8
Component : CA ControlMinder
Resolution
1) Rules and policies are stored in "/installpath/seosdb". This is encrypted.
2) When PIM is started, the rules are essentially compiled by seosd, and a lot of the compiled data is passed to the kernel module for the sake of processing speed.
3) At runtime, system calls are intercepted by PIM's kernel module. These will be evaluated against the compiled rules in the kernel module, and passed to seosd if needed, and acted upon.