LISA 2000 Abstract
YASSP! A Tool for Improving Solaris Security
Jean Chouanard, Xerox - Palo Alto Research Center
This paper presents YASSP, Yet Another Secure Solaris Package, a
set of tools developed to help a systems administrator to secure a
Solaris host. It explains the internal mechanism used by YASSP to
implement these security changes so that a systems administrator can
either use this tool in its current form and localize it, or modify
the package source to match his needs.
YASSP is composed of the SECclean package and a set of optional
packages providing common useful security related tools. The SECclean
internal mechanism used to modify the existing operating system is
implemented through the Solaris package mechanism and provides a full
un-installation procedure. It has required the development of a
specific library of shell functions, to ease file manipulations.
The YASSP project provides to the community an easy path to secure
a Solaris host. It has taught us a lot about Solaris internals and
package manipulation. YASSP is still young, and ready to be enhanced.