Solaris Operating Environment Boot Camp

By David Rhodes, Dominic Butler

• Ensure that file and directory permissions are the minimum needed to allow users to do their jobs.

• Use groups and group permissions, where possible, to control access to files.

• Use ACLs where appropriate, but make sure you keep track of the files that use them.

• Regularly search for setuid and setgid programs and investigate any that look suspicious.

• Setting the sticky bit on all publicly writeable directories used for temporary files will prevent users from deleting other people's files.