Solaris Security Toolkit v0.3.10
From: Glenn M. Brunette, Jr. (email@example.com)
- Previous message: bsec: "Crypt Setting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 23 Dec 2002 18:03:12 -0500 From: "Glenn M. Brunette, Jr." <firstname.lastname@example.org> To: email@example.com, firstname.lastname@example.org
I am pleased to announce the release of the Solaris Security
Toolkit version 0.3.10. The Solaris Security Toolkit, also known
as JASS, is a free tool that can be used to automatically secure
and minimize systems running the Solaris Operating Environment.
With this new release, the Toolkit adds the capability to verify
the security posture of a system against a supplied security profile
(Driver script). Note that the same Driver scripts used to harden
a system can be used in verify mode to query the system's status.
The majority of changes released in this version support the verify
- the addition of the '-v' (verify) option to jass-execute to
operate in verify mode. Note that the older '-v' option has
been remapped to '-p' as documented in the CHANGES file that
is included with the distribution.
- the implementation of a new logging framework to begin the
process of standardizing output across all of the operating
modes (hardening, undo, verify).
- the ability to select one of five verbosity modes when running
the Toolkit in verify mode. The five levels (0-4) are listed
and described in the INSTALL file included with the Toolkit
- the ability to customize the output of verify runs based on
the data desired. For more information on this functionality,
see the INSTALL file included in the Toolkit distribution.
- the addition of the '-m' (mail) option to jass-execute to
e-mail the output of a run to a specified e-mail address.
Other changes implemented in this release include:
- addition of enable-tcpwrappers.fin Finish script (Solaris 9)
- addition of 'sun-dr' to the list of services to disable
by default. This is still permitted however on F15K domains
since this functionality is required.
- updated disable-sendmail.fin to disable message submission
agent in the Solaris 9 OE.
In addition, there were several minor enhancements and bug fixes
included in this distribution. For more details on these
enhancements, refer to the CHANGES file included in the
As before, the Toolkit can run in standalone mode on pre-installed
systems or as part of the JumpStart(tm) installation process.
The latest Toolkit information and download source is available at:
--- Glenn M. Brunette, Jr. Principal Engineer, Lead Security Architect Sun Professional Services, Americas Sun Microsystems, Inc.