Sun’s Trusted Solaris 8 builds on the vendor’s Solaris foundation with stronger access controls and support for multilevel data separation that extends from the core to the desktop environment. Trusted Solaris demands greater administration expertise than do mainstream OSes, but it can make potentially vulnerable pieces of a company’s infrastructure significantly more secure. Read the review here.
Unlike SELinux, and as a complete product rather than a do-it-yourself add-on, it boasts a greater integration level of trusted features that extend to the desktop environment.
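The “multilevel data separation” the blurb refers to is mandatory access control over sensitivity labels: every process and file carries a label (a classification level plus a set of compartments), and the kernel, not the file’s owner, decides whether information may flow between them. As an added example (not code from the review, from this thread, or from Trusted Solaris itself), the Python model below implements the two classic checks, no read up and no write down, plus the label join used when data from two sources is combined. The level names, compartment names and sample requests are made up for the example.

```python
"""Multilevel security (MLS) label checks of the kind a trusted OS enforces.

Added illustration only: this is not Trusted Solaris code, and the level and
compartment names below are made up for the example.
"""
from dataclasses import dataclass
from typing import FrozenSet, Iterable, List, Tuple

# Hypothetical classification hierarchy, lowest to highest.
LEVELS = ("PUBLIC", "INTERNAL", "CONFIDENTIAL", "SECRET")
RANK = {name: i for i, name in enumerate(LEVELS)}


@dataclass(frozen=True)
class Label:
    """A sensitivity label: a hierarchical level plus a set of compartments."""
    level: str
    compartments: FrozenSet[str] = frozenset()

    def __post_init__(self) -> None:
        if self.level not in RANK:
            raise ValueError(f"unknown level {self.level!r}")

    def dominates(self, other: "Label") -> bool:
        # Labels form a lattice: A dominates B when A's level is at least B's
        # and A carries every compartment B carries. Two labels at the same
        # level with different compartments are incomparable.
        return (RANK[self.level] >= RANK[other.level]
                and self.compartments >= other.compartments)

    def join(self, other: "Label") -> "Label":
        """Least upper bound: the label that data derived from both inputs must carry."""
        top = self if RANK[self.level] >= RANK[other.level] else other
        return Label(top.level, self.compartments | other.compartments)


def may_read(subject: Label, obj: Label) -> bool:
    """Simple security property ("no read up"): the reader must dominate the object."""
    return subject.dominates(obj)


def may_write(subject: Label, obj: Label) -> bool:
    """Star property ("no write down"): the object must dominate the writer,
    so a process cannot copy higher-labelled data into a lower-labelled file."""
    return obj.dominates(subject)


def decide(subject: Label, obj: Label, mode: str) -> bool:
    """Mandatory decision for mode 'r', 'w' or 'rw'. Unknown modes are denied."""
    if mode == "r":
        return may_read(subject, obj)
    if mode == "w":
        return may_write(subject, obj)
    if mode == "rw":
        # Reading and writing the same object is only possible at an equal label.
        return may_read(subject, obj) and may_write(subject, obj)
    return False


def audit(requests: Iterable[Tuple[str, Label, Label, str]]) -> List[str]:
    """Render a constructed batch of access requests as audit-style lines."""
    lines = []
    for who, subj, obj, mode in requests:
        verdict = "ALLOW" if decide(subj, obj, mode) else "DENY"
        lines.append(f"{verdict} {who} {mode} {subj.level}{sorted(subj.compartments)} "
                     f"-> {obj.level}{sorted(obj.compartments)}")
    return lines


if __name__ == "__main__":
    # Constructed sample: a SECRET/crypto analyst session touching files at
    # several labels. Note the denied write to the INTERNAL file: the analyst
    # may read it, but writing would move SECRET data down a level.
    analyst = Label("SECRET", frozenset({"crypto"}))
    for line in audit([
        ("analyst", analyst, Label("INTERNAL"), "r"),
        ("analyst", analyst, Label("INTERNAL"), "w"),
        ("analyst", analyst, Label("SECRET", frozenset({"crypto"})), "rw"),
        ("analyst", analyst, Label("SECRET", frozenset({"sigint"})), "r"),
        ("analyst", analyst, Label("SECRET", frozenset({"crypto", "sigint"})), "w"),
    ]):
        print(line)
```

The point the sample makes is the one that distinguishes MLS from ordinary permissions: the analyst is denied a write to a file they are allowed to read, because the decision is about information flow, not about who owns the file. Roles and privileges (the RBAC side discussed further down the thread) sit on top of this; they decide who may act as a trusted downgrader, but they do not change the label rules themselves.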
Great article!
It doesn’t have to be OSS to be an exceptional piece of software.
“It doesn’t have to be OSS to be an exceptional piece of software.”
It sure doesn’t. Sun isn’t just going to go away without a fight and this is a fine example. Open source only goes so far without the backing of some big guns. (read $$$)
Hi, I’m Zoss, the open source zealot. I have no idea what roles Trusted Solaris is intended for, and I don’t care. Fancy pants government certifications don’t mean anything to me, because I don’t know what they are. All I know is that OpenBSD is better, because OSS must be better, and if you think it isn’t I can name about 200 whiz bang features that OpenBSD has that I bet Trusted Solaris doesn’t, although I certainly don’t know because I’ve never used Solaris in my life. But after all, all the smartest minds in the world are working on OSS, right? And who can match that? No company, no siree! I don’t care that OpenBSD can’t run on any recent Sun hardware because it doesn’t support UltraSPARC III, in fact, I’m ANGRY at Sun for not releasing the specifications to the UltraSPARC III processor without an NDA! I don’t really care if they would allow the OpenBSD developers to see them under NDA, because NDAs are bad. Information wants to be free, that’s what Richard Stallman says. I will rabidly support Theo de Raadt and Richard Stallman. Any time I see an evil proprietary technology being touted everywhere, I will viciously remind everyone that there are open source alternatives, even if they aren’t remotely applicable or practical for the application at hand.
Without question the most accurate and humorous post on OSnews ever. I’ll be laughing about this one for years.
I believe there was an article somewhere (not long ago) that linked to an audit (by someone at Sun) regarding possible security issues in Gnome. It seemed to be aimed at least partly at this kind of product. Thus it appears that Sun is looking at how to integrate the certified levels of security required into the new desktop.
The big difference between anything OSS and these products is probably the level of certification, which somewhat implies end-to-end process control (hardware, OS & desktop).
Features like this ought to be good market for a company like Sun, since everyone else is a long way behind in this area. Imagine MS releasing “Trusted” Windows (har har).
btw Zoss is obviously a legend. Woot!
that is the best name for an open source troll yet, keep up the good comedy…
Got it, Z(oss),
Z=??
oss=open source software
What the Z?
Disclaimer, running w/out sleep for 36 hours.
This is the perfect market for commercial software. Anything that lies outside the day to day desktop/server stuff will and should be commercial, IMO. FOSS doesn’t have the dev hours to implement every little detail some organizations require. So to get there, corps can either do it themselves, as Sun has always done, or borrow free or open source code that may be relevant and not too amateurish to base a product on.
But one day, when FOSS has full control of the desktop and server markets, it might have a few extra dev hours to compete with these specialized things. Don’t forget that commercial entities like RedHat and IBM are working on FOSS, too.
Sometimes I wonder if the momentum behind FOSS makes certain people jealous. I take comfort in that. Does anyone here think the wind will ever leave its sails? Can the same be said about Sun, RedHat, IBM, Microsoft or even the US government?
I guess it’s always possible all this free software will eventually be lame, boring and stupid in the eyes of all the developers, sys admins and hackers in the world. Anything’s possible…
Sorry, don’t know anything about the topic, really.
Brilliant post. Love it and how truthful it is…. most funny is that right after your post someone complains about trolling *LoL*… I guess that’s why I prefer Trusted Solaris, so I don’t have to be categorized into the same group of people who are totalitarian and can’t take jokes.
Good one Zoss
“…as a complete product rather than a do-it-yourself add-on, it boasts a greater integration level of trusted features…”
oh.. but
“With the release of Solaris 10, expected early next year, Trusted Solaris will cease to be a completely separate operating system product, becoming instead an add-on for Solaris.”
Correct me if I’m wrong, but hasn’t “trusted solaris” always been solaris + security add-on? Aren’t these “trusted solaris” features, selinux, grsecurity, trustedbsd, blablabla, implementations of EXACTLY the same security framework on different systems?
Trusted solaris has been around before selinux, just like the features trusted solaris implements have been around before solaris. I don’t even understand why anyone would call this “news”.
I have been thinking along the lines of a Zoss argument for a long time, but never put it in words this clearly before.
You know how it is: people fear what they don’t understand.
Hi
Selinux is integrated and enabled by default on FC 3 which is scheduled to be released a couple of months away. It is available for a free download after that
Meanwhile “trusted” solaris is:
“Trusted Solaris costs from $995 per seat for the Standard Edition Desktop System to $79,495 for the Certified Edition Data Center Server”
For me that puts trusted solaris completely out of reach.
OSS sure is more applicable and innovative for me
You said it, “for you”. It doesn’t mean “for everyone”.
As far as Solaris + Trusted, it’s basically Trusted merged into Solaris without those add-ons.
Got it?
> You know how it is: people fear what they don’t understand.
Considering close to 100% of so called “open source zealots” around here don’t even understand what open source is, I’m not so sure that’s applicable.
Lack of understanding abounds in any kind of zealotry, I think. But at least you can laugh a bit at the posts.
I can hardly wait to test it.
You said it, “for you”. It doesn’t mean “for everyone”.
—
Ya, that’s basic English.
If this is the caliber of “reviews” from eWeek, then they should not waste their time! The link provided is for an “actual” review of Trusted Solaris:
http://www.samag.com/documents/s=1769/sam0112i/0112i.htm
In the brief discussion about roles, they forgot to mention that RBAC (Role Based Access Control) has been available since Solaris 8, and you can set up root as a role (just like Trusted Solaris’ install user).
Not only that, runpd is a debugging tool for privileges:
http://docs.sun.com/db/doc/817-0880/6mglau85l?q=runpd&a=view
The actual command you would use to examine privileges is ppriv:
http://docs.sun.com/db/doc/817-0879/6mgl9vnh0?q=ppriv&a=view
To test the privileges use pprivtest:
http://docs.sun.com/db/doc/817-0879/6mgl9vnh1?q=ppriv&a=view
The ppriv command is part of Solaris 10 and is used to set privileges on a system:
http://docs.sun.com/db/doc/816-5165/6mbb0m9p1?q=ppriv&a=view
The use of Gnome is of no concern to most system administrators since in the environments where Trusted Solaris would likely be used, CDE would be mandated by security policy (Department of Defense Common Operating Environment), for example. RedHat, in order to get Common Criteria EAL2 for Advanced Server, incorporated Open Motif so that COE compliant applications could run on RHAS.
If the Open Source community intends to get their products into the US (or any other Government) they will have to concern themselves with Common Criteria certification and standardization. And any company concerned with security should be looking at this as well.
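The ppriv links in the post above concern the privilege sets that Solaris 10 attaches to every process: effective (E, what is in force now), permitted (P, what the process may switch on), inheritable (I, what survives exec) and limit (L, the ceiling for the process and everything it ever execs). As an added example that is not from the thread, the linked docs, or Solaris itself, the Python model below applies the documented transitions (on exec: L' = L, I' = I ∩ L, P' = E' = I'; E is always a subset of P) so you can trace what dropping a privilege from one set rather than another actually buys you. The privilege names are real Solaris 10 basic-set names; the reduced “all privileges” limit set and the scenario are constructed for the example. On a real system, `ppriv $$` shows the four sets of your shell and `ppriv -l` lists the available privileges.

```python
"""Model of the per-process privilege sets that Solaris 10 introduces
(E = effective, P = permitted, I = inheritable, L = limit).

Added illustration, not Solaris code and not what ppriv does internally: it
applies the documented set transitions so the effect of dropping a privilege
from one set rather than another can be traced. The privilege names are real
Solaris names; the small "all privileges" limit set and the scenario are
constructed for the example.
"""
from dataclasses import dataclass

# The Solaris 10 "basic" privileges every unprivileged process normally holds.
BASIC = frozenset({"file_link_any", "proc_exec", "proc_fork", "proc_info", "proc_session"})
# Stand-in for the full privilege set used as the default limit set (constructed, not the real list).
ALL = BASIC | frozenset({"net_privaddr", "sys_mount", "file_dac_read"})


@dataclass(frozen=True)
class PrivSets:
    effective: frozenset
    permitted: frozenset
    inheritable: frozenset
    limit: frozenset

    def __post_init__(self) -> None:
        # Invariant the kernel maintains: a privilege can only be in effect if permitted.
        if not self.effective <= self.permitted:
            raise ValueError("effective set must be a subset of the permitted set")

    def drop(self, sets: str, priv: str) -> "PrivSets":
        """Remove priv from the sets named by letters in `sets` (any of E, P, I, L).
        Removing from P also removes from E, keeping E a subset of P."""
        e, p, i, l = self.effective, self.permitted, self.inheritable, self.limit
        if "E" in sets or "P" in sets:
            e = e - {priv}
        if "P" in sets:
            p = p - {priv}
        if "I" in sets:
            i = i - {priv}
        if "L" in sets:
            l = l - {priv}
        return PrivSets(e, p, i, l)

    def enable(self, priv: str) -> "PrivSets":
        """Turn a privilege back on. Only possible while it is still permitted."""
        if priv not in self.permitted:
            raise PermissionError(f"{priv} is not in the permitted set")
        return PrivSets(self.effective | {priv}, self.permitted, self.inheritable, self.limit)

    def fork(self) -> "PrivSets":
        """fork(2) copies all four sets unchanged."""
        return self

    def exec_(self) -> "PrivSets":
        """exec(2) transition as documented in privileges(5):
        L' = L, I' = I ∩ L, P' = E' = I'."""
        new_i = self.inheritable & self.limit
        return PrivSets(new_i, new_i, new_i, self.limit)


def default_process() -> PrivSets:
    """A normal login shell: basic privileges, full limit set."""
    return PrivSets(BASIC, BASIC, BASIC, ALL)


def scenario(sets_to_drop: str, priv: str = "proc_fork") -> dict:
    """Drop priv from the given sets in a parent, then exec a child and a grandchild.
    Returns who can still use the privilege and whether the child can re-enable it."""
    parent = default_process().drop(sets_to_drop, priv)
    child = parent.fork().exec_()
    grandchild = child.fork().exec_()
    try:
        child_can_reenable = priv in child.enable(priv).effective
    except PermissionError:
        child_can_reenable = False
    return {
        "parent": priv in parent.effective,
        "child": priv in child.effective,
        "child_can_reenable": child_can_reenable,
        "grandchild": priv in grandchild.effective,
        "grandchild_limit": priv in grandchild.limit,
    }


if __name__ == "__main__":
    for sets in ("E", "EP", "EPI", "L"):
        print(f"drop from {sets:<4} -> {scenario(sets)}")
```

Two results are worth noticing. Dropping a privilege from E and P only (the “EP” case) looks like a hard removal, yet the next exec hands it straight back because it was left in I; to keep it out of descendants it has to leave I as well. Dropping it from L alone leaves the current process fully functional but removes it from every descendant for good, since nothing a child does can grow its limit set, which is why L is the set to trim when confining a service that spawns helpers.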
“Trusted Solaris costs from $995 per seat for the Standard Edition Desktop System to $79,495 for the Certified Edition Data Center Server”
“For me that puts trusted solaris completely out of reach.”
“OSS sure is more applicable and innovative for me”
Do you have a requirement for military grade security? If not, it’s not aimed at you anyway. As others have already pointed out, a lot of the Trusted features (RBAC etc.) will be coming with Solaris 10 anyway. The plan is to have one version of Solaris which can do whatever security you need out of the box. Until then Trusted is probably the best thing out there.
To put it simply – very simply in fact, Trusted Solaris includes technologies that are similar to (in concept or implementation) the infamous “Palladium” (DRM for the OS).
This is no problem in army/government situations as I am sure they get some of the “source” (not as in OSS) so that they can modify on the go (imagine if something needed to be fixed during warfare) and they have the expertise.
Also, if equipment is stolen, good luck to the terrorist digital forensic team extracting anything from the computer – that’s even if they can access those parts of the system, seeing as the status of a user is separate from its role (I am using sociology definitions of status and role).
What was controversial about MS’s plan is that they want to do this to regular users’ computers as a cop-out from designing a really secure OS.
A post on Miguel points out some not-so-hidden security issues with Longhorn/.Net that have to do with bad design decisions. There is speculation that some of those “bad decisions” were “deliberate” as the company attempted to ensure a “lockable” platform i.e. lockable as in vendor lock-in.
So to answer your question – NO, Trusted Solaris is not:
Solaris + Security
rather
(Solaris o Security)
CDE would me mandated by security policy
—-
No. It wouldn’t be, unless it requires a particular toolkit, which would be insane.
> To put it simply – very simply in fact, Trusted Solaris includes technologies that are similar to (in concept or implementation) the infamous “Palladium” (DRM for the OS).
There is practically nothing in common between Palladium and Trusted Solaris. One is targeted at digital rights management and protecting copyright/integrity in the consumer market, the other is targeted at strong security in general. Apples to oranges comparison at the very least.
I was under the impression trusted solaris was solaris plus RBAC and MAC, better auditing, and generally a more secure configuration systemwide. At least after checking out http://wwws.sun.com/software/solaris/trustedsolaris/ds-ts8/index.ht…. If that’s true, I don’t see anything different from many implementations throughout the years, either proprietary, open or academic. I don’t see anything about data encryption, which would prevent forensic analysis. Roles wouldn’t, that’s not what RBAC is designed for.
The part about windowing and CDE does remind me of some “palladium” features I’ve read about some time ago, but I don’t think these security features are aimed at DRM. I don’t know that much about palladium though.
As for certification, it’s absolutely useless in the “real world”. It’s taken into account for government use and such, but it’s a source of income first (it takes a lot of money to get certified) and it’s no measure of how secure a system is. It only makes sense in HIGHLY specific environments, where a more or less standard unix system (which is what trusted solaris is) doesn’t fit.
With the release of Solaris 10, expected early next year, Trusted Solaris will cease to be a completely separate operating system product, becoming instead an add-on for Solaris.
It occurred to me that the notion that security can or should be an add-on is absurd and what’s even more absurd is that Sun markets it as an add-on and charges more for it. It struck me just how important an example OpenBSD is to the rest of proprietary AND OSS world. And yes, I understand that there can be performance penalties and administrative burden associated with security but I still firmly believe that having a marketing campaign around security as an add-on is ridiculous!
Cheers
> It occurred to me that the notion that security can or should be an add-on is absurd
Keep in mind the sort of security we’re talking about. It’s not too absurd when it’s about “added” security, different features that might not be that useful in many environments. It doesn’t mean other versions of solaris can’t be configured to be reasonably secure.
It’s not secure product vs insecure product, it’s these features vs those features.
Just curious, but how does Trusted Solaris compare to Secure OS (a BSDi based OS written by the folks who developed the technology used in SELinux)?
It’s not absurd that they charge more for Trusted Solaris. You have to consider costs associated with the certification process, etc. It’s a lot of work to get the OS certified for DOD use, etc.
Hi
Selinux is integrated and enabled by default on FC 3 which is scheduled to be released a couple of months away. It is available for a free download after that
SELinux is available in the current Fedora 2 as well. Just type selinux at the boot prompt when you install. It works quite well, but I wish there was better documentation on how to configure security policies, or even better some nice GUI for doing it.
They’re not still including CDE with Solaris, are they? Surely they don’t make people look at perhaps the most hideous DE of all time..right?
SELinux is available in the current Fedora 2 as well. Just type selinux at the boot prompt when you install. It works quite well, but I wish there was better documentation on how to configure security policies, or even better some nice GUI for doing it.
—-
In case you aren’t aware:
1) FC2 didn’t have selinux enabled by default
2) the policy was strict in FC2. It’s targeted in FC3
3) there have been a huge number of tweaks to make it work out of the box as expected
In case you aren’t aware, 1) FC2 didn’t have selinux enabled by default
It’s clearly obvious that you cannot read.
From the post you were replying to (and even pasted into your own post!!!):
SELinux is available in the current Fedora 2 as well. Just type selinux at the boot prompt when you install.
Translation for the terminally dense: the poster you were replying to damn well did know.
Is this the newest version?