Solaris Operating Environment Security
The Solaris Operating Environment (OE) is a flexible, general-purpose operating system. Due to its general nature, changes must be made to secure the system against unauthorized access and modification. This chapter describes the Solaris OE subsystems and the security issues surrounding those subsystems. This chapter provides recommendations on how to secure Solaris OE subsystems.
The information in this chapter applies to the Solaris 2.5.1, 2.6, 7, and 8 OE versions. Older versions of the Solaris OE may be configured in similar ways; however, some investigation is necessary before making the changes suggested in this chapter to older versions.
As with any security decisions, a balance must be attained between system manageability and security. Some changes in this chapter do not apply to all environments. The removal of some of the Solaris OE services mentioned in this chapter may negatively impact the ability to effectively maintain a system. You must know your system and security requirements before starting.
This chapter contains the following topics:
"File Systems and Local Security"
"Network Service Security"
File Systems and Local Security
It is important not to neglect the file systems and local security of a Solaris OE system. Often, administrators are greatly concerned about attackers breaking into systems remotely. There should be equal concern for local, authorized users gaining extra privileges on a system by exploiting a problem with internal system security.