Trusted Solaris 8 Release Notes



Note -

We strongly recommend that you read and use Trusted Solaris Installation and Configuration (PN 805-8114-10) to guide you in configuring the Trusted Solaris operating environment. The differences between this secure operating environment and a Solaris operating environment (labels, clearance confirmations, obligatory passwords, security configuration choices, name service domain setup, secure network setup, and no superuser) require planning and guidance during installation and configuration.


The Trusted Solaris 8 operating environment is an upgrade of the Trusted Solaris 7 release, and a security-enhanced version of the following software: Solaris 8 Update 1 operating environment, CDE 1.4.1 (Common Desktop Environment), and the Solaris Management Console 2.0 administrative interface. The release incorporates patches to the Trusted Solaris 7 operating environment, the window system (XW), and patches for the Solaris, CDE and Solaris Management Console releases.


Caution -

Do not apply patches that may be available for the standard releases of Solaris software, CDE, X Windows, or Solaris Management Console.


The sections are as follows:

Getting Help

For assistance in using the document set, see the Trusted Solaris Roadmap (PN 805-8113-10) document.

The docs.sun.com Web site enables you to access Sun technical documentation online. You can browse the docs.sun.com archive or search for a specific book title or subject. The URL is http://docs.sun.com.

Ordering Sun Documents

Fatbrain.com, the Internet's most comprehensive professional bookstore, stocks select product documentation from Sun Microsystems, Inc.

For a list of documents and how to order them, visit the Sun Documentation Center on Fatbrain.com at http://www1.fatbrain.com/documentation/sun.

Accessing Sun Documentation Online

The docs.sun.com Web site enables you to access Sun technical documentation online. You can browse the http://docs.sun.com archive or search there for a specific book title or subject.

Supported Hardware

The Trusted Solaris 8 release supports the workstation, server, and peripherals hardware supported by the Solaris 8 release. See also:

Patches and Bug Fixes

The Trusted Solaris 8 release includes the following product patches and bug fixes:

Table 1-1 Product Patches and Bug Fixes Integrated in Trusted Solaris 8

Product                         Patch/Bug Number             Synopsis
------------------------------  ---------------------------  ----------------------------------------
CDE 1.4.1                       108219-01 108220-01/4257350  dtaction has potential buffer overflow problems
                                4337474                      CDE exit failed
                                4340269                      When trying to exit session, get TT_ERR_NO_MATCH error
Solaris Management Console 2.0  4353350                      Rights are displayed in wrong order in Rights Tabs
                                4335699                      Help needs to be up-to-date and accurate
                                4353356                      Context help slows down user interface
Solaris 8 Update 1              All patches incorporated into the Solaris 8 Update 1 release. See Solaris 8 (SPARC Platform Edition) 6/00 Release Notes Update or Solaris 8 (Intel Platform Edition) 6/00 Release Notes Update for details.
                                103640-34 105402-29/4295834  network: NETPATH security problem in libnsl
                                106938-04 106939-04/4299852  network: Four vulnerabilities have been found in BIND.
                                107115-05 107116-05/4310991  utility: netpr: Buffer overflow in netpr_send_message()
                                107709-07 107710-06/4270182  smartcard: AuthenticationFailureTrap not generated during testing of security
                                108301-02 108302-02/4254347  network: in.tftpd stops service and gets stuck in endless loop executing read
                                108482-02 108483-02/4282985  network: snoop may be exploited to gain root access
                                108529-02/4331306            kernel: Transferring large amounts of data using cpio to a partition on a 20Gbyte disk causes a panic.
                                4237487                      utility: libprint has buffer overflows and other security problems
                                4302198                      kernel: Solaris 8 kernel panic when servicing interrupt from hme device
                                4313067                      libcurses: setupterm has buffer overflow
                                4318294                      nisplus: Operations on NIS+ master slow when bug fix 4165775 is introduced
                                4324685                      smartcard: Error message displayed when smart card is inserted
                                4325934                      kernel: boot -r with PCMCIA modem cards installed causes a panic on the Sparc Ultra 2
                                4330206                      kernel: Framebuffers fails to power manage Estar-compliant monitors
                                4331401                      audit: segmentation violation in au_user_mask()
                                4339366                      sysadmin: Security vulnerability in ufsrestore allows root compromise
                                4341092                      network: in.named buffer overflow vulnerabilities
                                4343216                      smartcard: Security problem in ocfserv
                                4344275                      audit: Preselection will work in 64-bit mode.
                                4353727                      AnswerBook2: AB 1.4.2 create admin user interactive shell
                                4353965                      audit: CDE logout / exit fails with Tooltalk message
                                4366956                      library: NLSPATH gettext introduces problems when used printf format specifier
                                4364261                      consolidation: sprintf and gettext do not mix
                                4373273                      audit: praudit has problems with certain audit records
Trusted Solaris 7               --                           Trusted Solaris 8 contains all the patches released for Trusted Solaris 7.

Significant Changes from the Trusted Solaris 7 Release

Trusted Solaris 7 Bugs Fixed in This Release

The following bugs reported in the Trusted Solaris 7 Release Notes have been fixed in the Trusted Solaris 8 software:

Known Problems with the Software

This section identifies known problems in the Trusted Solaris 8 software, describes them, and suggests solutions to them. These bugs may or may not be fixed in a future release.

bind and accept do not generate audit records (4256066)

The system calls bind and accept are audited through audit events (such as AUE_SOCKACCEPT) in the nt (network) audit class. When the network audit class is preselected for auditing, these events do not appear on the audit trail.

Workaround: None. Do not attempt to collect audit records for bind and accept.

The /etc/shadow file can be relabeled (4388344)

If a user mistypes a password for a local account, the label of the /etc/shadow file may change. This can cause subsequent login attempts to fail.

Workaround: If you mistype the password for a local account, have the security administrator immediately relabel the /etc/shadow file as ADMIN_LOW.

File system label ranges are not enforced for unlabeled NFS file systems (4150441)

This situation is very unusual. It requires that the administrator deliberately configure an NFS remote host at one label and the label range at another.

Workaround: If you do not want to allow the creation of files at the default label for the server, mount the file system as "read-only". That does not affect existing files, but it prevents the creation of files at a label outside the label range.

Trusted Solaris label encodings file requires coding for ILs (4329208)

Although Trusted Solaris 8 does not support information labels (ILs), the chk_encodings command fails with the following error if the label_encodings(4) file omits information about ILs.

   # chk_encodings label_encodings
   Label encodings conversion error at line 37:
      Can't find INFORMATION LABELS specification.
      Found instead: "SENSITIVITY LABELS:".
   label_encodings: label encodings syntax check failed.

Workaround: In your label_encodings file, copy a valid SENSITIVITY LABELS: section and rename the copy to INFORMATION LABELS: as follows:

   INFORMATION LABELS:
   ...
   WORDS:
   ...
   REQUIRED COMBINATIONS:
   ...
   COMBINATION CONSTRAINTS:
   ...
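
One way to apply this workaround mechanically, as an added example that is not part of the original release notes: the hypothetical add_il_section filter below inserts a renamed copy of the SENSITIVITY LABELS: section ahead of the original and leaves files that already have an INFORMATION LABELS: section unchanged. It assumes that the SENSITIVITY LABELS: section ends at the CLEARANCES: keyword; the sample input is constructed.

```shell
#!/bin/sh
# add_il_section [FILE]: print a label_encodings file with an
# INFORMATION LABELS: section inserted ahead of SENSITIVITY LABELS:.
# The inserted section is a renamed copy of the SENSITIVITY LABELS: section.
# Files that already have an INFORMATION LABELS: section pass through unchanged.
# Assumption: the SENSITIVITY LABELS: section ends at the CLEARANCES: keyword.
# Exit status 2 means the input has no SENSITIVITY LABELS: section to copy.
add_il_section() {
    awk '
    { line[NR] = $0 }
    /^[ \t]*INFORMATION LABELS:/          { have_il = 1 }
    /^[ \t]*SENSITIVITY LABELS:/ && !sl   { sl = NR }
    /^[ \t]*CLEARANCES:/ && sl && !cl     { cl = NR }
    END {
        if (!sl) exit 2                   # no section to copy from
        if (!cl) cl = NR + 1              # section runs to end of file
        for (i = 1; i <= NR; i++) {
            if (i == sl && !have_il)
                for (j = sl; j < cl; j++) {
                    s = line[j]
                    if (j == sl) sub(/SENSITIVITY LABELS:/, "INFORMATION LABELS:", s)
                    print s
                }
            print line[i]
        }
    }' "$@"
}

# Constructed, abbreviated sample input (not a complete encodings file).
sample_encodings() {
    cat <<'EOF'
VERSION= constructed sample
CLASSIFICATIONS:
name= PUBLIC; sname= PUB; value= 1;
SENSITIVITY LABELS:
WORDS:
name= ALPHA; compartments= 1;
REQUIRED COMBINATIONS:
COMBINATION CONSTRAINTS:
CLEARANCES:
WORDS:
name= ALPHA; compartments= 1;
REQUIRED COMBINATIONS:
COMBINATION CONSTRAINTS:
EOF
}
```

Run chk_encodings on the resulting file before putting it into use.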

Label daemon is not locale-aware (4384632)

The label daemon, labeld, always operates in the C locale.

Workaround: In locales where upper/lower case are not a direct mapping of the C locale, the classification and word names, short names, and alternate names in the label_encodings(4) file and all string labels in all databases must be in upper case only. Also, all labels must be entered in upper case only.

NIS (YP) account cannot see assigned profiles (4384781)

Execution attributes for commands/actions in profiles in NIS maps are not seen.

Workaround: Define profiles and execution attributes for actions/commands in the files (local) scope for NIS clients. Or, use NIS+ for your site's naming service.

The smosservice command fails to create OS server (4378498)

The SMC commands smosservice and smdiskless do not work correctly.

Workaround: Set up diskless service manually. On the OS server, name and allocate the client disk partitions during the installation program.

SMC auditing is incomplete (4358479)

The Rights and Serial Manager do not produce auditing records. There is a Solaris bug for this: 4357512. The Groups Manager audits modifications only. The tools to handle trusted network databases, Interface Manager and Security Families, are not audited.

Workaround: None. Do not expect to collect audit records for SMC tools.

SMC Mounts tool does not recognize Trusted Solaris attributes (4382753)

Trusted Solaris security attributes, such as allowed=all, cannot be set or viewed on a mounted file system using the SMC Mounts tool.

Workaround: Mount file systems and view the mounts on your system by using the mount(1M) command.

SMC returns error for a valid IPv6 address (4380852)

When using the Trusted Solaris Management Console, Computers and Networks, Security Families tool, an entry like the following is rejected:

   IP address:  2::45:b00:20ff:fe78
   Prefix length: 127 
   template: tsol

Workaround: Do not use double colons. For example, enter the above IP address in SMC as follows:

   IP address:  2:0:0:0:45:b00:20ff:fe78
   Prefix length: 127 
   template: tsol
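
The rewrite that this workaround performs by hand, as an added example that is not part of the original release notes: the hypothetical expand_v6 function writes out the zero groups that "::" stands for, without zero padding, and rejects malformed input. It goes beyond the single address shown above to cover a leading or trailing "::"; it handles hexadecimal groups only.

```shell
#!/bin/sh
# expand_v6 ADDR: print ADDR with "::" written out as explicit 0 groups and
# no zero padding, the form used in the workaround. Exit status 1 on bad input.
# Handles hexadecimal groups only (no embedded dotted-quad IPv4 suffix).
expand_v6() {
    printf '%s\n' "$1" | awk '
    # Split s on ":" into out[]; return the group count, or -1 if any group
    # is empty, longer than 4 characters, or not hexadecimal.
    function groups(s, out,    n, i) {
        n = split(s, out, ":")
        for (i = 1; i <= n; i++)
            if (length(out[i]) > 4 || out[i] !~ /^[0-9A-Fa-f]+$/) return -1
        return n
    }
    {
        split("", left); split("", right)    # start with two empty arrays
        n = split($0, half, "::")
        if (n < 1 || n > 2) exit 1           # empty input or more than one "::"
        l = groups(half[1], left)
        r = (n == 2) ? groups(half[2], right) : 0
        if (l < 0 || r < 0) exit 1
        fill = 8 - l - r                     # zero groups hidden by "::"
        if (n == 1 && fill != 0) exit 1      # no "::": need exactly 8 groups
        if (n == 2 && fill < 1) exit 1       # "::" must stand for >= 1 group
        sep = ""
        for (i = 1; i <= l; i++)    { printf "%s%s", sep, left[i];  sep = ":" }
        for (i = 1; i <= fill; i++) { printf "%s0", sep;            sep = ":" }
        for (i = 1; i <= r; i++)    { printf "%s%s", sep, right[i]; sep = ":" }
        printf "\n"
    }'
}
```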

SMC Scheduled Jobs tool supports admin_low jobs only (4385223)

The SMC Scheduled Jobs tool always runs at ADMIN_LOW even if the SMC client is running at a normal user label, like CONFIDENTIAL. The SMC server runs at ADMIN_LOW and does not consider the client's sensitivity label.

No error message is generated but the cron entry is stored at a label below the user's minimum label.

Workaround: To create cron jobs at labels other than ADMIN_LOW, use the crontab(1) command.

Switching between scopes in SMC is not robust (4381198)

If you use two different scopes during one invocation of SMC, entries can get saved into the wrong scope.

Workaround: Do not switch back and forth between scopes when using the SMC tools. When changing scope, quit and restart the SMC client.

The TSIX network protocol does not work (4291482)

The TSIX network protocol does not work.

Workaround: Use the TSOL network protocol.

Trusted Solaris 8 does not update the Solaris SUNWrdm package

Read the files in SUNWrdm for information on the basic Solaris 8 environment.

Workaround: For late-breaking news, use this book, Trusted Solaris 8 Release Notes.

CDE exit sometimes fails (4385479)

After a user clicks the EXIT icon on the front panel to exit, the system does not return to the login screen. Instead, it hangs with a gray screen. This bug is in the base Xserver (4068021, 4378762).

Workaround:

  1. Assume the admin role on another machine.

  2. In the admin role, rlogin to the hung machine.

  3. Find and kill the Xsun process.

       $ ps -ef | grep Xsun
         Xsun_proc_id
       $ kill Xsun_proc_id

Drag and drop does not work for OpenLook applications (4095021)

Drag and drop operations do not work reliably for OpenLook applications.

Workaround: Use the copy and paste keys with OpenLook applications.

Selection Manager restarts in wrong locale (4094175)

If the selection manager process dies for any reason, it is automatically restarted. When it is restarted, it inherits the C locale instead of the locale it was originally started with.

Workaround: Log out and log back in.

The swmtool utility does not work (4284167)

The swmtool(1M) utility does not work in the Trusted Solaris 8 operating environment.

Workaround: Use the pkgadd(1M) utility. Or change the following line in /var/sadm/system/admin/INST_RELEASE to read Solaris:


# OS=Trusted Solaris
OS=Solaris