/etc/system commands

From: Christopher L. Barnard (cbar44@tsg.cbot.com)
Date: Mon Oct 07 2002 - 17:06:35 EDT

• Next message: Christopher L. Barnard: "(no) SUMMARY: secure rpcbind still secure?"
• Previous message: doberman000@sympatico.ca: "Replacing Mirrored Drive"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

For Solaris 7 and Solaris 8, one of the basic security hardening steps
is to put the following two lines into /etc/system to make the stack
non-executable:

set noexec_user_stack=1
set noexec_user_stack_log=1

I am wondering if these /etc/system commands will work with an older OS
(Solaris 2.6) or with a newer OS (Solaris 9). If anyone can confirm that
these do what they should do and don't cause the server to die a painful
death when added, I would be much appreciative.

TIA, and I will summarize.

+-----------------------------------------------------------------------+
| Christopher L. Barnard O When I was a boy I was told that |
| cbarnard@tsg.cbot.com / \ anybody could become president. |
| (312) 347-4901 O---O Now I'm beginning to believe it. |
| http://www.cs.uchicago.edu/~cbarnard --Clarence Darrow |
+----------PGP public key available via finger or PGP keyserver---------+
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Christopher L. Barnard: "(no) SUMMARY: secure rpcbind still secure?"
• Previous message: doberman000@sympatico.ca: "Replacing Mirrored Drive"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:25:04 EDT