Go to main content

Securing Systems and Attached Devices in Oracle® Solaris 11.4

Exit Print View

Updated: July 2019
 
 

Controlling Access to Files

Oracle Solaris is a multiuser environment in which all the users who are logged in to a system can read files that belong to other users. With the appropriate file permissions, users can also use files that belong to other users. For more discussion, see Chapter 1, Controlling Access to Files in Securing Files and Verifying File Integrity in Oracle Solaris 11.4. For step-by-step instructions on setting appropriate permissions on files, see Protecting Files in Securing Files and Verifying File Integrity in Oracle Solaris 11.4.

Encrypting Files on Disk

You can keep a file secure by making the file inaccessible to other users. For example, a file with permissions of 600 cannot be read except by its owner and by the root account. A directory with permissions of 700 is similarly inaccessible. However, someone who guesses your password or who discovers the root password can access that file. Also, the otherwise inaccessible file is preserved on a backup tape every time that the system files are backed up to offline media. For additional protection, you can use on-disk encryption or use Cryptographic Framework commands.

For more information about ZFS file systems, see Encrypting ZFS File Systems in Managing ZFS File Systems in Oracle Solaris 11.4.

The Cryptographic Framework provides digest, mac, and encrypt commands. Regular users can use these commands to protect files and directories. For more information, see Chapter 1, About Cryptographic Providers in Oracle Solaris in Managing Encryption and Certificates in Oracle Solaris 11.4.

Using Access Control Lists

ACLs, pronounced "ackkls", can provide greater control over file permissions. You add ACLs when traditional UNIX file protections are not sufficient. Traditional UNIX file protections provide read, write, and execute permissions for the three user classes: owner, group, and other. An ACL provides finer-grained file security.

    ACLs enable you to define fine-grained file permissions, including the following:

  • Owner file permissions

  • File permissions for the owner's group

  • File permissions for other users who are outside the owner's group

  • File permissions for specific users

  • File permissions for specific groups

  • Default permissions for each of the previous categories

To protect ZFS files with access control lists (ACLs), see Setting ACLs on ZFS Files in Securing Files and Verifying File Integrity in Oracle Solaris 11.4. For information about using ACLs on legacy file systems, see Using Access Control Lists to Protect UFS Files in Securing Files and Verifying File Integrity in Oracle Solaris 11.4.

Sharing Files Across Systems

A network file server can control which files are available for sharing. A network file server can also control which clients have access to the files, and what type of access is permitted for those clients. The file server can grant read-write access or read-only access either to all clients or to specific clients. Access control is specified when resources are made available with the share command.

When you create an NFS share of a ZFS file system, the file system is permanently shared until you remove the share. SMF automatically manages the share when the system is rebooted. For more information, see Oracle Solaris ZFS Features in Managing ZFS File Systems in Oracle Solaris 11.4.

Restricting root Access to Shared Files

Usually, superuser is not allowed root access to file systems that are shared across the network. The NFS system prevents root access to mounted file systems by changing the user of the requester to the user nobody with the user ID 60001. The access rights of user nobody are the same as those access rights that are given to the public. The user nobody has the access rights of a user without credentials. For example, if the public has only execute permission for a file, then user nobody can only execute that file.

An NFS server can grant root access to a shared file system on a per-host basis. To grant these privileges, use the root=hostname option to the share command. You should use this option with care. For a discussion of security options with NFS, see Chapter 5, Commands for Managing Network File Systems in Managing Network File Systems in Oracle Solaris 11.4.

Assigning Labels to Files

Oracle Solaris enables you to configure systems that enforce company security policy in software by using labels. You can use provided labels or customize the labels to display your organization's security phrases, such as Confidential - Internal Only. An Oracle Solaris label policy enables you to assign these labels to existing or new file systems that contain sensitive data, and assign a set of trusted users the ability to access the files based on the users' clearances.

For information, see Chapter 3, Labeling Files for Data Loss Protection in Securing Files and Verifying File Integrity in Oracle Solaris 11.4.

For other file security options, see Controlling Access to Files.

Monitoring File Integrity

As a system administrator, you need assurance that the files that were installed on the systems that you administer have not changed in unexpected ways. In large installations, a comparison and reporting tool about the software stack on each of your systems enables you to track your systems. The Basic Audit Reporting Tool (BART) enables you to comprehensively validate systems by performing file-level checks of one or more systems over time. Changes in a BART manifest across systems, or for one system over time, can validate the integrity of your systems. BART provides manifest creation, manifest comparison, and rules for scripting reports. For more information, see Chapter 4, Verifying File Integrity by Using BART in Securing Files and Verifying File Integrity in Oracle Solaris 11.4.