1. Security Services (Overview)
Part II System, File, and Device Security
2. Managing Machine Security (Overview)
3. Controlling Access to Systems (Tasks)
4. Controlling Access to Devices (Tasks)
5. Using the Basic Audit Reporting Tool (Tasks)
6. Controlling Access to Files (Tasks)
7. Using the Automated Security Enhancement Tool (Tasks)
Part III Roles, Rights Profiles, and Privileges
8. Using Roles and Privileges (Overview)
Role-Based Access Control (Overview)
RBAC: An Alternative to the Superuser Model
Oracle Solaris RBAC Elements and Basic Concepts
Privileged Applications and RBAC
Applications That Check UIDs and GIDs
Applications That Check for Privileges
Applications That Check Authorizations
Security Considerations When Directly Assigning Security Attributes
Privileges Protect Kernel Processes
Administrative Differences on a System With Privileges
Privileges and System Resources
How Privileges Are Implemented
Expanding a User or Role's Privileges
Restricting a User or Role's Privileges
Assigning Privileges to a Script
9. Using Role-Based Access Control (Tasks)
10. Role-Based Access Control (Reference)
Part IV Oracle Solaris Cryptographic Services
13. Oracle Solaris Cryptographic Framework (Overview)
14. Oracle Solaris Cryptographic Framework (Tasks)
15. Oracle Solaris Key Management Framework
Part V Authentication Services and Secure Communication
16. Using Authentication Services (Tasks)
19. Using Solaris Secure Shell (Tasks)
20. Solaris Secure Shell (Reference)
21. Introduction to the Kerberos Service
22. Planning for the Kerberos Service
23. Configuring the Kerberos Service (Tasks)
24. Kerberos Error Messages and Troubleshooting
25. Administering Kerberos Principals and Policies (Tasks)
26. Using Kerberos Applications (Tasks)
27. The Kerberos Service (Reference)
Part VII Oracle Solaris Auditing
28. Oracle Solaris Auditing (Overview)
29. Planning for Oracle Solaris Auditing
30. Managing Solaris Auditing (Tasks)
Solaris 10 8/07: Starting in this release, the project.max-locked-memory and zone.max-locked-memory resource controls were introduced. If the PRIV_PROC_LOCK_MEMORY privilege is assigned to a user or non-global zone, these resource controls can be set to prevent the user or zone from locking all memory. For more discussion, see Privileges and System Resources.
Solaris 10 10/08: In this release, the solaris.admin.usermgr authorizations have been reorganized to support separation of duty, a security requirement at highly secure installations. To satisfy separation of duty, two accounts are required to create a user account. To configure the software for this requirement, see Create Rights Profiles That Enforce Separation of Duty in Oracle Solaris Trusted Extensions Configuration Guide. Also in this release, this guide describes how to change the password of a role in How to Change the Password of a Role.
Solaris 10 9/10: In this release, the net_access privilege is added to the basic set of privileges. For a description of the privilege, see the privileges(5) man page.