Access Control & OS: SOLARIS

SOLARIS.  Sun’s Solaris operating system is in essence a UNIX-based OS, especially since a large part of early UNIX-based OSs were developed by Sun Systems. The file hierarchy is the same as in UNIX systems, with the exception that user accounts created are given a home directory with the path as /export/home/username. All users are given UIDs when their accounts are created. Also, users can be grouped in different groups to assign similar permissions to each. The new features in Solaris systems include use of user templates, projects and the prominent RBAC access control. We shall discuss these in more detail.

User templates can be created in order to set up a template with certain fixed attributes for users. Then users that have similar properties like students, engineers etc can be created using user templates. Users can be assigned to certain projects which associates them with a certain workload component. This is very useful when it comes to resource allocation.

Role-based Access control was introduced in Solaris systems from Solaris 8 onwards. It was introduced with the intention of administrative purpose, which is why the roles are called administrative roles. The idea although similar to the superuser or root, was developed to overcome the shortcomings of having these accounts. The problem with having superuser or root accounts was that anyone who would be able to hijack these accounts, would be all-powerful in the system. But with the use of RBAC in the Solaris system, the Principle of Least Privilege could be enforced. By this, users could be given some administrative rights, but only to the extent that was required. Figure 4: Role-based feature

Figure 4

In the Solaris system, rights are grouped together in to what are called right profiles. These right profiles are then assigned to roles, which users can assume in order to carry out some administrative operations. No roles are created by default, but 3 recommended roles are:

  • Primary Administrator – All powerful and similar to the root or superuser
  • System Administrator – Administrative privileges without security rights
  • Junior Administrator – Administration over some operations like backup, printing etc.

It is to be noted, that roles are totally a function of the organizations needs. The RBAC model introduces some interesting concepts in Solaris. An authorization is a permission to perform a certain class of actions. A privilege is a discrete right that can be assigned to a user, system or object. A security attribute is an attribute that allows a certain process to successfully carry out an operation. Privileged applications can use security attributes to override system controls and perform operations, like setuid and setgid in UNIX systems. A rights profile is a collection of administrative capabilities, and can consist of authorizations, security attributes and even other rights profiles. Finally a role is defined as a special identity for running privileged applications. Roles run privileged applications from a separate shell called profile shell which is a different shell that can recognize security attributes. All of these entities work together as shown in Figure 4.

File Access in Solaris can be controlled through regular UNIX commands as mentioned in the previous section. But a more granular way of controlling access to files is with the help of ACLs. Unlike in UNIX, where all users, groups and others are assigned permissions to a given file, ACLs allow control of access by specific users or groups. This allows finer access control. Access to devices is controlled with the help of device policies and device allocation, which are enforced at the kernel and user allocation time respectfully. In the following lab exercises, some of the tasks are to be performed on the Sun Management Console while the rest are to be performed from command line, through a terminal window. The Sun Management Console (SMC) can be executed at a terminal window as $ /usr/sbin/smc &