Solaris Transition Guide

Security Options

Currently available bundled security options are Kerberos security, the SunSHIELDTM package, and Pluggable Authentication Module (PAM).

Kerberos 4.0 Security

The Solaris 7 operating environment includes support for Kerberos V4 authentication for secure RPC. (Kerberos source code and administrative utilities are available from MIT.) Included in this release are:

System Administration Guide, Volume II describes the client-side utilities included in the release. NFS Administration Guide describes the use of Kerberos with the NFS application.

SunSHIELD Package

The Solaris 7 release includes the SunSHIELD Basic Security Module (BSM) package. This product provides the security features defined as C2 in the Trusted Computer System Evaluation Criteria (TCSEC). The features provided by the BSM are a security auditing subsystem and a device allocation mechanism. C2 discretionary access control and identification and authentication features are provided in the operating system.

The administration of BSM is included in SunSHIELD Basic Security Module Guide.


The Pluggable Authentication Module (PAM) framework enables new authentication technologies to be "plugged-in" without changing commands, such as login, ftp, telnet and so on. The framework enables a system administrator to choose any combination of services to provide authentication. Mechanisms for account, session, and password management can also be "plugged-in" using this framework.

System Administration Guide, Volume II describes the administration of PAM.