Solaris 8 Security, on the other hand, provides a very good overview of Solaris security without the bulk of unnecessary and often extraneous information. The book covers a lot of ground. The author covers key issues involved with the various aspects of securing Solaris systems, but does not get bogged down in page-wasting minutiae.

The first three chapters provide a good introduction to basic security, cryptography, and system security issues. Chapter 4 gives a good synopsis of the authentication and authorization facilities in Solaris 8. The chapter includes information about the basics, such as etc/passwd and /etc/shadow, and the new RBAC (Role Based Access Control) functionality that is available in Solaris 8. In the past, RBAC was only available on Trusted Solaris; now it is included in standard versions of Solaris 8 and above.

RBAC attempts to solve the problem of network users having far more network access than is necessary. The fact is that most existing networks allow users to access 10 to 20 times more resources than they will ever use or need. Because authorized users commit roughly 80% of computer crime, providing too much access is a huge security risk. So how does a systems administrator reduce overall user permissions by 70-90%, while providing users with the necessary access on a need-to-know and need-to-do basis? RBAC.

Further chapters in Solaris 8 Security deal with Kerberos, auditing and accounting, and open source security tools. Chapters 8 through 10 conclude the book with overviews of network security and IPSec. Chapter 8 has some very helpful hints on fine-tuning the Solaris 8 TCP/IP stack via various configuration tools and files. Chapter 10 details how to secure various network services including HTTP and NFS.