What's New in the Solaris 9 Operating Environment

Security Enhancements

Feature Description
Solaris Smartcards The Solaris Smartcard feature implements the Open Card Framework (OCF) 1.1 standard. Security administrators can use this technology to protect a computer desktop or individual application by requiring users to authenticate themselves by means of a smart card.
Default File System and Directory Permissions Many system files and directories in the Solaris 8 release have different default ownership and stricter permissions than in previous releases.
Role-Based Access Control (RBAC) Traditional superuser-based systems grant full superuser powers to anyone who can become superuser. With RBAC, administrators can assign limited administrative capabilities to normal users.
Centralized Administration of User Audit Events The file, `/etc/security/audit_user`, which stores audit preselection classes for users and roles, is now supported in the name switch. You no longer need to set up the audit events for a user on each system to which the user has access.

Feature Description

Solaris Smartcards

The Solaris Smartcard feature implements the Open Card Framework (OCF) 1.1 standard. Security administrators can use this technology to protect a computer desktop or individual application by requiring users to authenticate themselves by means of a smart card.

Default File System and Directory Permissions

Many system files and directories in the Solaris 8 release have different default ownership and stricter permissions than in previous releases.

Role-Based Access Control (RBAC)

Traditional superuser-based systems grant full superuser powers to anyone who can become superuser. With RBAC, administrators can assign limited administrative capabilities to normal users.

Centralized Administration of User Audit Events

The file, /etc/security/audit_user, which stores audit preselection classes for users and roles, is now supported in the name switch. You no longer need to set up the audit events for a user on each system to which the user has access.