Security Options
Currently available bundled security options are Kerberos security, the SunSHIELDTM package, and Pluggable Authentication Module (PAM).
Kerberos 4.0 Security
The Solaris 7 operating environment includes support for Kerberos V4 authentication for secure RPC. (Kerberos source code and administrative utilities are available from MIT.) Included in this release are:
-
Client applications library that can use Kerberos
-
Kerberos option to Secure RPC
-
Sun's NFSTM distributed computing file system application with Kerberos
-
Commands to administer user tickets on the client
System Administration Guide, Volume II describes the client-side utilities included in the release. NFS Administration Guide describes the use of Kerberos with the NFS application.
SunSHIELD Package
The Solaris 7 release includes the SunSHIELD Basic Security Module (BSM) package. This product provides the security features defined as C2 in the Trusted Computer System Evaluation Criteria (TCSEC). The features provided by the BSM are a security auditing subsystem and a device allocation mechanism. C2 discretionary access control and identification and authentication features are provided in the operating system.
The administration of BSM is included in SunSHIELD Basic Security Module Guide.
PAM
The Pluggable Authentication Module (PAM) framework enables new authentication technologies to be "plugged-in" without changing commands, such as login, ftp, telnet and so on. The framework enables a system administrator to choose any combination of services to provide authentication. Mechanisms for account, session, and password management can also be "plugged-in" using this framework.
System Administration Guide, Volume II describes the administration of PAM.
- © 2010, Oracle Corporation and/or its affiliates