Installation guide
to add support for a new RPC authentication flavor that is based on the Generalized
Security Services API (GSS-API). This support contains the hooks to add stronger
security to the NFS environment.
The share and mount commands have been altered to provide NFS support for
Kerberos. Also, the share command now allows for multiple authentication flavors
from different clients.
For more information, refer to NFS Administration Guide.
RPCSEC_GSS
The user-level RPC implementation has been modified to add support for a new
authentication flavor. This flavor is based on the GSS-API and provides the hooks to
add stronger authentication, privacy, and integrity for RPC-based services.
Pluggable Authentication Modules (PAM)
Framework
The PAM framework enables you to “plug in” new authentication technologies
without changing the login, ftp,ortelnet commands. You can also use PAM to
integrate UNIX login with other security mechanisms like DCE or Kerberos.
Mechanisms for account, session, and password management can also be plugged in
using this framework.
Some of the benefits PAM provides are
Flexible configuration policy
Ease of use for the end user
The ability to pass optional parameters to the user authentication services
For more information, see System Administration Guide.
Bind 4.9.4-P1
The Solaris operating environment now supports and includes Domain Name
System (DNS) Berkeley Internet Name Daemon (BIND) version 4.9.4 patch level 1.
BIND is the most popular implementation of DNS. BIND is critical for Internet
connectivity because it provides an Internet naming service that stores host (IP)
addresses, mail information, and similar data for lookup purposes. BIND always
includes a number of programs and the resolver library. The main program is named,
the daemon that provides DNS information. Applications such as telnet
communicate with named via the resolver library.
What’s New: A Closer Look 3-27