Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

System Administration Guide: Security Services
Previous Next

System Security

System security ensures that the system's resources are used properly. Access controls can restrict who is permitted access to resources on the system. The Solaris OS features for system security and access control include the following:

  • Login administration tools – Commands for monitoring and controlling a user's ability to log in. See Securing Logins and Passwords (Task Map).

  • Hardware access – Commands for limiting access to the PROM, and for restricting who can boot the system. See SPARC: Controlling Access to System Hardware (Task Map).

  • Resource access – Tools and strategies for maximizing the appropriate use of machine resources while minimizing the misuse of those resources. See Controlling Access to Machine Resources.

  • Role-based access control (RBAC) – An architecture for creating special, restricted user accounts that are permitted to perform specific administrative tasks. See Role-Based Access Control (Overview).

  • Privileges – Discrete rights on processes to perform operations. These process rights are enforced in the kernel. See Privileges (Overview).

  • Device management – Device policy additionally protects devices that are already protected by UNIX permissions. Device allocation controls access to peripheral devices, such as a microphone or CD-ROM drive. Upon deallocation, device-clean scripts can then erase any data from the device. See Controlling Access to Devices.

  • Basic Audit Reporting Tool (BART) – A snapshot, called a manifest, of the file attributes of files on a system. By comparing the manifests across systems or on one system over time, changes to files can be monitored to reduce security risks. See Chapter 6, Using the Basic Audit Reporting Tool (Tasks).

  • File permissions – Attributes of a file or directory. Permissions restrict the users and groups that are permitted to read, write, or execute a file, or search a directory. See Chapter 7, Controlling Access to Files (Tasks).

  • Antivirus software – A vscan service checks files for viruses before an application uses the files. A file system can invoke this service to scan files in real time for the most recent virus definitions before the files are accessed by any clients of the file system.

    The real-time scan is performed by third-party applications. A file can be scanned when it is opened and after it is closed. See Chapter 4, Virus Scanning Service (Tasks).

Previous Next

 
 
  Published under the terms fo the Public Documentation License Version 1.01. Design by Interspire