Access Control and Auditing Features in the Solaris 10 OS

Role-based access control (RBAC), privileges, auditing, and the Basic Audit Reporting Tool (BART) are security features of the Solaris OS. This article links to tutorials about these features that were created by OpenSolaris community members.

Posted at 09:00AM Mar 27, 2008 by CM and KP in BigAdmin  |  Comments[0]

Updates to Java SE 6 Platform and Earlier Versions

Sun released updates today for the following:

• JDK and JRE 6 Update 5
• JDK and JRE 5.0 Update 15
• SDK and JRE 1.4.2_17
• SDK and JRE 1.3.1_22

Get details from the Sun security blog, and check the Java SE download page for updates.

Posted at 02:58PM Mar 04, 2008 by GD in Core Java  |  Comments[0]

Updates: Sun Java System Directory Server 6.0 as an LDAP Naming Service

"Part 1 -- Installation and Configuration" has a lot of new info on configuring SSL using CA-signed certificates. See the section on "Configuring SSL and the idsconfig Script".

Posted at 07:04AM Feb 12, 2008 by CM and KP in BigAdmin  |  Comments[0]

Tech Tip on BigAdmin Wiki: Remote Updating With sudo

Here's a new community submission on remote updates using rdist and rsync with sudo. You can use rdist and rsync over ssh from a master machine and use sudo on the client machines from a non-privileged account.

Posted at 09:00AM Jan 14, 2008 by CM and KP in BigAdmin  |  Comments[0]

Tips on Using SSH With Sun Cluster Software

A long-time BigAdmin contributor sent in these two tech tips: Using ssh to Access Logical Nodes in a Cluster Environment and Setting Up crlogin to Work via SSH Using Sun Cluster 3.0/3.1 Software. The first tip shows how to avoid problems when using SSH on a logical node, or when using automatic authentication. The second offers steps for using SSH with crlogin, which makes it easier to administer multiple servers or clusters.

Posted at 09:00AM Jan 08, 2008 by CM and KP in BigAdmin  |  Comments[0]

User Authentication on the Solaris OS Part 4: PAM Service Functions

In this final installment in this series, learn to write PAM (Pluggable Authentication Modules) service modules for authentication and security services, and see an example module.

Posted at 01:00AM Dec 19, 2007 by cs, managing editor in Solaris-SunStudio  |  Comments[4]

Solaris Trusted Extensions Technical FAQ

This FAQ answers technical questions about Solaris Trusted Extensions. Topics span NFS protocols, remote login to a labeled zone, and much more.

Posted at 09:00AM Dec 05, 2007 by CM and KP in BigAdmin  |  Comments[0]

Open Source Parameter Guide and Security Documentation

Did you know that the Solaris Tunable Parameters Reference Manual is open source?
Download the latest XML source files and HTML. [The SOLTUNEPARAMREF directory contains the guide.]

The Solaris Trusted Extensions and security administration documentation is also open source.
Download the latest XML source files and HTML. [Directories beginning with TR contain the Trusted docs, the SYSADV6 directory contains the security services administration guide.]

Posted at 06:00AM Dec 03, 2007 by cs, managing editor in Solaris-SunStudio  |  Comments[1]

Sun and Trend Micro and Securing the Web

Sun's vision is to enable participation on the network, and to help
ensure this can happen with less risk of attack, Sun teams with
innovative, industry-leading software vendors such as Trend Micro.
>>More

Posted at 11:13AM Nov 23, 2007 by cs, managing editor in Solaris-SunStudio  |  Comments[0]

Sun Alert 102934: Security Vulnerabilities in JRE Image Parsing Code

"A buffer overflow vulnerability in the image parsing code in the Java Runtime Environment (JRE) may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet." Read details and get the fix.

Posted at 07:57AM Oct 24, 2007 by GD in Core Java  |  Comments[0]

Sun Security Blog: Vulnerabilities in JRE May Allow Circumvention of Network Access Restrictions (Sun Alert 103078)

Security vulnerabilities in the JRE may allow network access restrictions to be circumvented. Read the details and get the solution at Sun Alert 103078.

Posted at 07:27AM Oct 10, 2007 by GD in Core Java  |  Comments[0]

Sun Security Blog: JRE Vulnerability (Sun Alert 103079)

A vulnerability in the Java Runtime Environment (JRE) with applet caching may allow an untrusted applet that is downloaded from a malicious web site to make network connections to network services on machines other than the one that the applet was downloaded from. Read more at Sun Alert 103079.

Posted at 09:58AM Oct 05, 2007 by GD in Core Java  |  Comments[0]

Sun Advances Security for the Java SE Platform

Sun Microsystems, Inc., is announcing two new Java SE security response features, each designed to strengthen the Java platform's position as one of the most widely used, secure software platforms available. Read more.

Posted at 09:57AM Oct 05, 2007 by GD in Core Java  |  Comments[0]

User Authentication on the Solaris OS Part 3: PAM Conversation Functions

In this article,  learn to use the conversation functions of the PAM (Pluggable Authentication Modules) API and examine a sample program.  This is the third installment in Rich Teer's series on User Authentication.

Posted at 12:00AM Sep 26, 2007 by cs, managing editor in Solaris-SunStudio  |  Comments[0]

User Authentication on the Solaris OS: Part 1

Rich Teer, Open Solaris Governing Board member, begins an interesting series on User Authentication.

In this short series of articles, you'll see how to write programs that use passwords and other methods to authenticate the user. In Part I, he discusses the principles and illustrates them with an example that works only with password-based authentication.
 

Posted at 09:02AM Jul 18, 2007 by cs, managing editor in Solaris-SunStudio  |  Comments[0]