Solaris 9 to beef up OS, application security
In your shell-like
With Sun getting ready to launch Solaris 9, the next generation of its Unix operating system, sometime between now and the end of June, everyone is scrambling to try to figure out what will make Solaris 9 different from the existing Solaris 8,Timothy Prickett Morgan writes
One of the big differences, it turns out, will be substantially enhanced security mechanisms for both the operating system and its applications.
Sun has already divulged some of the threading library changes in Solaris 9 and its intent to make it easier for companies to deploy and manage Solaris servers using its future iChange systems management programs.
Solaris 9 will contain features that will eventually be developed in full form in the iChange program, which will probably take another year to year and a half to come fully to market. Solaris 9 is also expected to include a host of new management tools and be built using a much more modular approach, allowing Sun to streamline the installation process for Solaris for particular workloads, much as Microsoft Corp does with its various Windows versions.
In the meantime, everyone is concerned with security these days, and Sun's software engineers are doing what they can to try to improve the security of the Solaris environment. Sun has a slew of enhancements coming in Solaris 9 aimed right at these concerns.
First, Solaris 9 will include a Secure Shell feature that implements the Secure Shell version 1 and version 2 protocols and allows for strongly authenticated, encrypted remote access to and from Solaris machines in multi-platform environments. The Secure Shell implementation in Solaris 9 supports DEC, 3DES, AES, and Blowfish encryption algorithms. Secure Shell support will work with the existing IPv4 or new IPv6 Internet protocols. The Secure Shell implementation is fully integrated with Solaris and uses its logging mechanisms and is intended to replace less secure remote access methods such as rcp, rsh, telnet, and X11. Incidentally, Ravi Iyer, one of the product line managers for Solaris, says that Sun is using the OpenSSH code for the BSD implementation of Unix with Solaris 9 and has made auditing and logging enhancements to OpenSSH for Solaris that it is giving back to the open source community.
Perhaps more significantly, Solaris 9 will include barriers that limit the ability of hackers to exploit buffer overflows in the Solaris software stack to gain root access to Solaris and thereby take over a machine. Buffer overflows are one of the dominant means hackers use to gain access to machines. Simplifying somewhat, a buffer overflow hack is caused by an executable file, such as a virus, entering a machine and cramming so much garbage into a buffer that it vomits all over itself; when it vomits, hackers can see root permissions that systems and application programs may have, and thereby gain those much-valued root permissions for themselves.
Sun cannot stop buffer overflows any more than any other operating system vendor could, but whatever trick Sun has up its sleeve for Solaris 9 apparently prevents a buffer overflow from allowing root access, even if it doesn't stop buffer overflows cold. Whatever this trick is, it happens at application compile time and is done way down near the hardware layer; customers will have the option of invoking this security feature at compile time or not. Stopping all buffer overflows, says Bill Moffitt, another of the program line managers for Solaris, would be very, very difficult in that the operating system would have to check to see if a buffer was full as each bit of data came into that buffer.
Solaris 9 will also implement a Kerberos V5 environment, with coverage for server and client applications that access Solaris servers. Kerberos is a single sign-on systems program created by the nerds at the Massachusetts Institute of Technology that allows users to move around a network of computers (typically incompatible ones like Unix and Windows servers) supporting Kerberos without actually passing around the passwords that allow users to jump from machine to machine and application to application. Sun says that it has improved Kerberos support to allow password changing against Microsoft's Active Directory or MIT Key Distribution Centers.
The forthcoming OS will also sport a number of other security-related features. Solaris 9 will support the IPSec encryption for IPv6 and IPSec/IKE for IPv4. All cryptographic modules within Solaris 9 will support 128-bit keys as standard, including non-US releases of Solaris. Solaris 9 will also have an integrated firewall called SunScreen, at the 3.2 release, bundled in.
SunScreen is a dynamic packet filtering firewall that includes VPN support and proxy support for Web servers, FTP servers, Telnet sessions, and SNMP servers. It will run on the 32-bit and 64-bit Sparc and Intel Solaris kernels. Finally, Solaris 9 will have a built-in random number generator for both the
Solaris kernel and for applications.
This random number generator has been abstracted above the UltraSparc-III processor so it will work with future UltraSparc-IV and "Millennium" (UltraSparc-V) processors. Cryptography depends to a large extent on randomly generated numbers, and having a random number generator that is abstracted from the hardware and available for all applications is useful for vendors who want to create firewalls and other security products for Solaris servers. firstname.lastname@example.org
ComputerWire. All rights reserved.
Sponsored: Global DDoS threat landscape report