|Skip Navigation Links|
|Exit Print View|
|Oracle Solaris 11 Security Guidelines Oracle Solaris 11 Information Library|
After installation, Oracle Solaris protects the system from intrusion and monitors login attempts, among other security features.
Initial user and root role accounts – The initial user account can log in from the console. This account is assigned the root role. The password for the two accounts is initially identical.
After logging in, the initial user can assume the root role to further configure the system. Upon assuming the role, the user is prompted to change the root password. Note that no role can log in directly, including the root role.
The initial user is assigned defaults from the /etc/security/policy.conf file. The defaults include the Basic Solaris User rights profile and the Console User rights profile. These rights profiles enable users to read and write to a CD or DVD, run any command on the system without privilege, and stop and restart their system when sitting at the console.
The initial user account is also assigned the System Administrator rights profile. Therefore, without assuming the root role, the initial user has some administrative rights, such as the right to install software and manage the naming service.
Password requirements – User passwords must be at least six characters long, and have at least one alphabetic character and one numeric character. Passwords are hashed by using the SHA256 algorithm. When changing their password, all users including the root role must conform to these password requirements.
Limited network access – After installation, the system is protected from intrusion over the network. Remote login by the initial user is allowed over an authenticated, encrypted connection with the ssh protocol. This is the only network protocol that accepts incoming packets. The ssh key is wrapped by the AES128 algorithm. With encryption and authentication in place, the user can reach the system without interception, modification, or spoofing.
Recorded login attempts – The audit service is enabled for all login/logout events (login, logout, switching user, starting and stopping an ssh session, and screen locking) and for all non-attributable (failed) logins. Because the root role cannot log in, the name of the user who is acting as root can be traced in the audit trail. The initial user can review the audit logs by a right granted through the System Administrator rights profile.
After the initial user is logged in, the kernel, file systems, and desktop applications are protected by least privilege, permissions, and role-based access control (RBAC).
Kernel protections – Many daemons and administrative commands are assigned just the privileges that enable them to succeed. Many daemons are run from special administrative accounts that do not have root (UID=0) privileges, so they cannot be hijacked to perform other tasks. These special administrative accounts cannot log in. Devices are protected by privileges.
File systems – By default, all file systems are ZFS file systems. The user's umask is 022, so when a user creates a new file or directory, only the user is allowed to modify it. Members of the user's group are allowed to read and search the directory, and read the file. Logins that are outside the user's group can list the directory and read the file. The directory permissions are drwxr-xr-x (755). The file permissions are -rw-r--r-- (644).
Desktop applets – Desktop applets are protected by RBAC. For example, only the initial user or the root role can use the Package Manager applet to install new packages. The Package Manager is not displayed to regular users who are not assigned the rights to use it.
Oracle Solaris 11 provides security features that can be used to configure your systems and users to satisfy site security requirements.
Role-based access control (RBAC) – Oracle Solaris provides a number of authorizations, privileges, and rights profiles. root is the only defined role. The rights profiles provide a good basis for roles that you create. Also, some administrative commands require RBAC authorizations to succeed. Users without the authorizations cannot run the commands, even if the users have the required privileges.
User rights – Users are assigned a basic set of privileges, rights profiles, and authorizations from the /etc/security/policy.conf file, just like the initial user as described in System Access Is Limited and Monitored. User login attempts are not limited, but all failed logins are logged by the audit service.
System file protection – System files are protected by file permissions. Only the root role can modify system configuration files.