Solaris Security Toolkit 4.1.1 Release Notes

These release notes for the Solaris Security Toolkit 4.1.1 software contain the following topics:


Changes in Solaris Security Toolkit 4.1.1 Software

This section summarizes the pertinent changes made to the Solaris Security Toolkit 4.1 software for the Solaris Security Toolkit 4.1.1 software release.



Note - The Solaris Security Toolkit 4.1.1 software release is not a bug fix release from the Solaris Security Toolkit 4.1 software release.




Required Operating Systems

Solaris Security Toolkit 4.1.1 software works only with the Solaris 8 or 9 Operating Systems. This release neither supports nor works with the Solaris 10 Operating System.


Support for SMS 1.5 Software

The Solaris Security Toolkit 4.1.1 software supports the System Management Services (SMS) 1.5 software, including the secure by default feature. To use these features, you need to use Solaris Security Toolkit 4.1.1 software on the system controller (SC). You can find detailed information about securing Sun Fire high-end systems in the System Management Services (SMS) 1.5 Administrator Guide, Chapter 2.


Solaris Security Toolkit Documentation

For generic information that applies to all Solaris Security Toolkit software, refer to the Solaris Security Toolkit 4.1 documentation at:

http://www.sun.com/products-n-solutions/hardware/docs/Software/enterprise_computing/systems_management/sst/index.html


Solaris Security Toolkit Known Limitations

This section contains known limitations for the Solaris Security Toolkit 4.1 and 4.1.1 software:


General Notes and Issues

This section contains general notes and issues that involve the Solaris Security Toolkit 4.1 and 4.1.1 software.

SMS Software and the Solaris Security Toolkit

Supported SMS upgrades and downgrades are described in the SMS high-end system product documentation. When performing SMS upgrade or downgrade operations on System Controllers hardened by the Solaris Security Toolkit, run the Toolkit in audit mode after the upgrade or downgrade is complete. Running in audit mode verifies that the System Controller is in the proper configuration. If any vulnerabilities are identified, rerun hardening.

Solaris Security Toolkit and CTRL-C

Pressing CTRL-C during Solaris Security Toolkit hardening or undo operations could leave the system in an inconsistent state. Instead of interrupting a hardening operation, allow it to complete and then perform an undo operation. Do not use CTRL-C for error handling or to interrupt a Toolkit run. Wait until the operation has finished and then re-perform hardening or undo operations.

fix-modes Display Warnings

When executing fix-modes during package installation, secure-modes warnings are displayed. These warnings are the result of a file formatting problem in Solaris software and can be ignored safely.

Solaris Security Toolkit Questionnaire

To better understand the needs and requirements of the Solaris Security Toolkit users, a questionnaire has been placed in the Documentation directory (<JASS_HOME directory>/Documentation/QUESTIONNAIRE). The purpose of this survey is to better focus on customer needs in future development efforts. Your participation would be greatly appreciated.

Submit completed surveys to: sst-questionnaire@sun.com


Bugs in Solaris Security Toolkit Software

This section summarizes the most important bugs and RFEs in the Solaris Security Toolkit 4.1 and 4.1.1 software.

undo Reports logadm.conf Changed (Bug ID 5067303)

If the system is hardened with the update-cron-log-size.fin and enable-process-accounting.fin scripts, then rebooted, and an undo of the hardening run is performed, the undo reports that /etc/logadm.conf has changed and prompts with the usual Backup, Force, or Keep options.

Because the user has not manually edited /etc/logadm.conf, the undo should apply cleanly and not require user action.

Workaround: In this instance, choose the Force option.

If /etc/logadm.conf has been edited, use the Backup or Keep options.


Errata in Solaris Security Toolkit Documentation

This section contains descriptions of errata in the Solaris Security Toolkit 4.1 documentation.

banner.msg Mention Missing from Reference Manual (Bug ID 6177578)

The /etc/ftpd/banner.msg file is missing from the file list of the set-banner-ftpd.fin section in Chapter 4 of the Solaris Security Toolkit 4.1 Reference Manual.

Workaround: None. This is a documentation bug only. This file is present in the software.

Deprecated env var (Bug ID 6177598)

The environment variable JASS_SHELL_DISABLE is no longer used and has been removed from the Solaris Security Toolkit 4.1.1 software. The environment variable JASS_SHELL_DISABLE is mentioned in the Solaris Security Toolkit 4.1 Reference Manual and should be ignored.

Workaround: Do not attempt to use this variable. It no longer works.