The Solaris operating environment provides a sophisticated security system that controls the way users access files, protect system databases, and use system resources. Solaris security is network-wide security, providing security over several different systems, not just one. The Solaris security system is designed to accommodate different security models, giving users the flexibility to choose the model that best fits their needs now and in the future. Here are a number of new features added to the Solaris security system.
The kernel-level RPC implementation adds support for a new authentication flavor based on the GSS-API. NFS services are no longer tied down to a specific or a single security mechanism. The user-level RPC implementation has been modified to support two stronger security services--integrity and confidentiality. This implementation also supports multiple security mechanisms.
For more information, see NFS Administration Guide.
Berkeley Internet Name Daemon (BIND), the most popular DNS implementation, has been upgraded to 8.1.2. It provides a new configuration file that enhances network security through the use of access control lists (ACLs).