LISA 2000 Technical Program

LISA 2000 Abstract

YASSP! A Tool for Improving Solaris Security

Jean Chouanard, Xerox - Palo Alto Research Center

Abstract

This paper presents YASSP, Yet Another Secure Solaris Package, a set of tools developed to help a systems administrator to secure a Solaris host. It explains the internal mechanism used by YASSP to implement these security changes so that a systems administrator can either use this tool in its current form and localize it, or modify the package source to match his needs.

YASSP is composed of the SECclean package and a set of optional packages providing common useful security related tools. The SECclean internal mechanism used to modify the existing operating system is implemented through the Solaris package mechanism and provides a full un-installation procedure. It has required the development of a specific library of shell functions, to ease file manipulations.

The YASSP project provides to the community an easy path to secure a Solaris host. It has taught us a lot about Solaris internals and package manipulation. YASSP is still young, and ready to be enhanced.

View the full text of this paper in HTML form, PDF form, and PostScript form.
If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
To become a USENIX Member, please see our Membership Information.

Need help? Use our Contacts page.

Last changed: 16 Jan. 2002 ml

Technical Program

LISA 2000 Home

USENIX home