System security ensures that the system's resources are used properly. Access controls can restrict who is permitted access to resources on the system. The Solaris OS features for system security and access control include the following:
Login administration tools – Commands for monitoring and controlling a user's ability to log in. See Securing Logins and Passwords (Task Map).
Hardware access – Commands for limiting access to the PROM, and for restricting who can boot the system. See SPARC: Controlling Access to System Hardware (Task Map).
Resource access – Tools and strategies for maximizing the appropriate use of machine resources while minimizing the misuse of those resources. See Controlling Access to Machine Resources.
Role-based access control (RBAC) – An architecture for creating special, restricted user accounts that are permitted to perform specific administrative tasks. See Role-Based Access Control (Overview).
Privileges – Discrete rights on processes to perform operations. These process rights are enforced in the kernel. See Privileges (Overview).
Device management – Device policy additionally protects devices that are already protected by UNIX permissions. Device allocation controls access to peripheral devices, such as a microphone or CD-ROM drive. Upon deallocation, device-clean scripts can then erase any data from the device. See Controlling Access to Devices.
Basic Audit Reporting Tool (BART) – A snapshot, called a manifest, of the file attributes of files on a system. By comparing the manifests across systems or on one system over time, changes to files can be monitored to reduce security risks. See Chapter 5, Using the Basic Audit Reporting Tool (Tasks).
File permissions – Attributes of a file or directory. Permissions restrict the users and groups that are permitted to read, write, or execute a file, or search a directory. See Chapter 6, Controlling Access to Files (Tasks).
Security enhancement scripts – Through the use of scripts, many system files and parameters can be adjusted to reduce security risks. See Chapter 7, Using the Automated Security Enhancement Tool (Tasks).