One approach to security that has become standard practice within the past decade is the deployment of reduced or minimal configurations of Oracle Solaris in the assumption that if software is not installed it cannot (be re-enabled or exploited, or at least not easily. Glenn Brunette's blog on the subject includes recommendations for creating such reduced configurations for security reasons and to reduce the management burden and costs associated with instance provisioning, patching, migration, and audit compliance.
Brunette provides guidelines for building reduced or minimal configurations, outlining some of the risks and considerations that must be understood when using these types of configurations. He adds the cautionary note that following the guidelines does not guarantee that the resulting configuration will qualify as a supportable configuration.
Protect Your Applications with Oracle Solaris Security
Read More ...