The Solaris Security Toolkit or just JASS for short is a flexible and extensible
collection of scripts that are used to enhance, maintain and audit the platform security
posture of the Solaris Operating Environment.
Version 4.0.1 of the Toolkit was released quite some time ago (around February 2004), and
I just wanted to provide an update for those that may be interested...
A lot of development and quality assurance work has been put into the next release of the
Toolkit. This was done to include more functionality based on customer and SunPS needs
as well as to help ensure that changes made by JASS were supportable. A lot of effort
also went into a testing cycle that uncovered a number of bugs and inconsistencies that
have since been fixed. In all, the next release of the Toolkit should be one of the best
To give you an idea of some of the changes that have been happening, I will include a
few bullet points as a teaser. As always, your feedback is always requested using the
methods outlined on the JASS home page.
- All of the Toolkit software has been updated to allow for localized versions of the
Toolkit. At this time however only English is provided. If you are interested in a
localized version of the Toolkit, please send us your feedback.
- The Toolkit includes very preliminary support for the Solaris 10 OS. This means that
JASS will run on Solaris 10 (as well as in a zone), but it is not complete nor officially
supported at this time. Other Solaris 10 enhancements include support for the new Reduced
Networking Meta-Cluster, support for new services added to the OS, use of MD5 fingerprints
for file checksums, etc. More changes to support Solaris 10 will follow as that software
continues its march to release.
- The Toolkit includes better support for both Solaris on Intel/AMD as well as Trusted Solaris 8.
- All of the Toolkit software includes better sanity and consistency checks. This is
especially true for command line parsing and several of the JASS helper functions like
- All Toolkit commands provide consistent return values now on exit.
- Many of the auditing functions were enhanced to support multiple arguments allowing a single command to check multiple items.
- nddconfig now supports loose checking of settings. It will report either an exact match, a loose match or a failure. This allows sites with stronger ndd configurations to still pass nddconfig audit checks.
- Column widths are adjustable when using JASS in audit mode with verbosity <= 2.
... and much, much more including many other fixes and enhancements...
The Solaris Security Toolkit development teams looks forward to your feedback concerning what
you like, don't like or would like to see included in a future revision of the Toolkit. We
hope to have a new release of JASS soon - although we cannot provide a date at this time.