User's Manual

Solaris 9 Security CX-310-301
The Set-Uid and Set-Gid Permissions
Implications of Lax File and Directory Permissions
Access Control Lists (ACL)
Identifying an ACL
Setting ACLs
Modifying an ACL
Deleting an ACL
Recalculating the Mask of an ACL
PAM and Kerberos
Pluggable Authentication Module (PAM)
Deploying PAM in a Production Environment
Add a new PAM Module
Kerberos / SEAM
How Kerberos Works
Limitations of Kerberos
Host and Network Prevention
Fundamentals
Firewall
IPsec
Network Intrusion
Intrusion Detection
Restricting Network Services
Inetd Services
Run Control Services
Remote Procedure Call (RPC) Services
Host Hardening
Solaris Security Toolkit
Installing SST
Configuring SST
Running SST
Updating an SST Run