1. Securing Systems and Attached Devices in Oracle Solaris 11.4
  2. Managing Computer System Security
  3. Controlling Access to System Resources
  4. Preventing Intentional Misuse of System Resources

Preventing Intentional Misuse of System Resources

Malware can target memory, process heaps, buffers, and other vulnerable areas in the kernel. Oracle Solaris provides a Security Extensions Framework to protect applications from malware. Security extensions provide system-level security defenses, although applications can explicitly opt in and opt out of each particular defense.

As the name implies, the Security Extensions Framework is designed to counter malicious attacks on hardware or kernel software by extending security to specific kernel objects and hardware objects. In all cases, the framework allows the administrator to decide whether the system's environment is enough at risk to warrant enabling the extension to mitigate attacks on the at-risk objects. Note that some mitigations by the framework could result in slower performance.

For more information, see Protecting Against Malware With Security Extensions and the sxadm(8) man page.