Sun and OracleChannel SunHow to BuyLog InEnglish

Solaris 1.x to Solaris 2.x Transition Guide
  Search only this book
Search Help
Contained Within
Find More Documentation
Featured Support Resources
 Download this book in PDF

Security

5

Security for the Solaris 2.4 operating environment combines several features from SunOS release 4.x and AT&T SVR4 with capabilities added specifically for Solaris 2.4. There are also changes in the packaging of some SunOS release 4.x security programs.
This chapter describes major differences between SunOS release 4.x and Solaris 2.4 operating environment security, and points out how those changes may affect system administration procedures. Security, Performance, and Accounting Administration describes the administration and use of these features more fully.
This chapter contains the following sections:
Solaris 2.4 Security Featurespage 46
Password Aging Changespage 48
Automated Security Enhancement Tool (ASET)page 48
Unbundled Security Optionspage 49
For more information about password aging and security in general, see Security, Performance, and Accounting Administration.

Solaris 2.4 Security Features

Most of the security features from SunOS release 4.x systems are also available in the Solaris 2.4 operating environment. These include:
  • Internet security
  • .rhosts and.rhosts.equiv files
  • Secure RPC and NFS
NFS Administration Guide documents secure NFS and the.rhosts files. TCP/IP Network Administration Guide describes administering Internet security.
Security for local SunOS release 5.4 systems includes storing encrypted passwords in a separate file, controlling login defaults, and restricted shells. Equivalent NIS+ security, described in Name Services Administration Guide, controls network-wide access to systems.
The following subsections summarize security features under local system control.

/etc/passwd and /etc/shadow Files

The SunOS release 5.4 passwd command stores encrypted versions of passwords in a separate file, /etc/shadow, and allows only root access it. This prevents general access to the encrypted passwords that formerly appeared in the /etc/passwd file, which anyone could read.
The /etc/shadow file also includes entries that force password aging for individual user login accounts. The mechanism for changing entries to the passwd and shadow files is described in User Accounts, Printers, and Mail Administration.

/etc/default Files

Several files that control default system access are stored in the /etc/default directory. These files limit access to specific systems on a network. Table 5-1 summarizes the files in the /etc/default directory.
Table 5-1 /etc/default
/etc/default/loginControls system login policies, including root access.
The default is to limit root access to the console.
/etc/default/passwdControls default policy on password aging
/etc/default/suControls which root (su) access to system will be logged and where it will be displayed

Restricted Shells

System administrators can use restricted versions of the Korn shell (rksh) and Bourne shell (rsh) to limit the operations allowed for a particular user account.
Restricted shells do not allow the following operations:
  • Changing directories
  • Setting the $PATH variable
  • Specifying path or command names beginning with "/"
  • Redirecting output
See the ksh and sh man pages in the man Pages(1): User Commands for a description of these shells.
Note that the restricted shell and the remote shell have the same command name (rsh) with different path names:
  • /usr/lib/rsh is the restricted shell
  • /usr/bin/rsh is the remote shell

Administration Tool Security

The security of the Administration Tool and its Host Manager and Database Manager introduce the concept of allowing nonroot users to administer systems. Any authorized user can use Administration Tool capabilities to display information the Administration Tool controls. However, the ability to
make system administrative changes depends on other security decisions. For example, you must plan the type of access NIS+ allows, taking into consideration Administration Tool capabilities. See Name Services Administration Guide.

Password Aging Changes

The SunOS release 5.4 system features password aging. This feature assigns a limited lifetime to each user password to maintain password secrecy. As a password reaches the end of its life, the password owner is notified and prompted to select a new one.
You can implement password aging using one of the following methods:
  • Method 1 - Use the User Account Manager feature of the Administration Tool if you are running OpenWindows. For information about this method, see Security, Performance, and Accounting Administration.
  • Method 2 - Use new passwd or nispasswd command options (depending on which name service stores the account).
A system administrator can also set up password aging.
You can change a user password in one of two ways:
  • Method 1- Use either passwd or nispasswd, depending on which name service is used to store your account.
  • Method 2 - Use the User Account Manager feature of the Administration Tool if you are running OpenWindows. For information about this method, see Security, Performance, and Accounting Administration.
For more information on passwd and nispasswd, see the command tables in Appendix D, "System Files Reference Table."

Automated Security Enhancement Tool (ASET)

ASET is included with the Solaris 2.4 operating environment. It was available as a separate option with SunOS release 4.x systems. ASET allows you to specify an overall system security level (low, medium, or high) and automatically maintain systems at those levels. This tool can be set up to run on a server and all its clients or on individual clients.
ASET performs these tasks:
  • Verifies system file permissions
  • Verifies system file contents
  • Checks integrity of group file entries
  • Checks system configuration files
  • Checks environment files (.profile,.login, and.cshrc)
  • Verifies EEPROM settings to restrict console login access
  • Allows establishment of a firewall or gateway system
Security, Performance, and Accounting Administration describes ASET setup and monitoring in detail.

Unbundled Security Options

Currently available unbundled security options are Kerberos security and SunShield(TM).

Kerberos Security

The Solaris 2.4 operating environment includes support for Kerberos authentication for secure RPC. Kerberos source code and administrative utilities are available from MIT.
Solaris 2.4 operating environment Kerberos support includes:
  • Client applications library that can use Kerberos
  • Kerberos option to Secure RPC
  • (R) · Sun's NFS distributed computing file system application with Kerberos
  • Commands to administer user tickets on the client
Security, Performance, and Accounting Administration describes how to set up and administer SunOS release 5.4 Kerberos. System Services Guide describes the use of Kerberos with Secure RPC. NFS Administration Guide describes the use of Kerberos with NFS.

SunShield

Password hiding and aging were always available; however, with the Solaris 2.4 operating environment, it was necessary to add separate software, SunShield ARM, to move encrypted passwords out of /etc/passwd to /etc/shadow, and to ask users to change their passwords periodically.