Solaris Web services security: Configuring user accounts

The next step is properly configuring the user accounts on the Web services host.

Configure User Accounts
The next step is properly configuring the user accounts on the Web services host.

Password Settings
Forcing good password discipline is critical to the security of a system. Entries in both of the following files affect the use of passwords.

Make sure the entry PASSREQ=YES exists and is not commented out

Set PASSLENGTH=8 to establish a safer minimum length for user passwords.

For extra security, consider setting MAXWEEKS to implement a password aging scheme.

In this 12-part tip Unix expert Gary Smith breaks down the process of building and maintaining a highly secure Web services architecture on the Solaris platform.

Table of contents:
Part 1: Isolate the Web services host server
Part 2: Install and configure a very basic operating system
Part 3: Force the use of su to gain root access
Part 4: Disable trusted host relationships and create a warning banner
Part 5: Configuring user accounts
Part 6: Disabling and removing unnecessary accounts
Part 7: Configure network access control
Part 8: Configure network services
Part 9: Install OpenSSH, disable NFS and reboot
Part 10: Set file permissions
Part 11: Test the configuration
Part 12: Conclusion

This was first published in October 2002

Dig deeper on Web Services Security and SOA Security



Enjoy the benefits of Pro+ membership, learn more and join.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: