chtcb Command

Purpose

Changes or queries the trusted computing base attribute of a file.

Syntax

chtcb { on | off | query } File ...

Description

The chtcb command changes or queries the trusted computing base (TCB) attribute of the files you specify with the File parameter. The following alternatives are valid:

Item Description
on Enables the trusted computing base attribute.
off Disables the trusted computing base attribute, if set.
query Displays the value of the trusted computing base attribute.

This command should be executed on the trusted path.

Security

Access Control: This command should grant execute (x) access to the root user and members of the security group. The command should have the trusted computing base attribute.

Examples

  1. To identify the plans file as part of the trusted computing base (TCB), set the trusted computing base attribute to the on value by entering the following:
    chtcb on plans 
    The plans file now can be executed from the trusted path.
  2. To query whether the plans file is part of the trusted computing base (TCB), enter:
    chtcb query plans
    When the status appears, you know that the plans file is part of the trusted computing base if the TCB attribute is set to the on value.
  3. To remove the plans file from the trusted computing base (TCB), enter:
    chtcb off plans

Files

Item Description
/usr/sbin/chtcb Contains the chtcb command.