Papillon 0.5.4 - Solaris Security Module

Copyright © 2001, 2002, 2003, 2006 by Konrad Rieck



Papillon is a security module for Solaris (version 8 to 10) and OpenSolaris. The code has been inspired by the Openwall and the HAP Linux Kernel Patches. Papillon implements most mechanisms introduced by these two patches into the Solaris OE and integrates additional security mechanisms into the kernel.

Papillon includes a restricted proc, several protections against common attack techniques and may operate completely invisibile to system users.


Version Date Changes
0.5.4 2006-09-04 - No changes in almost 3 years: Hmmmm.
- Added support for Solaris 10 and OpenSolaris
Thanks to Jakub Wartak for fixes and testing
0.5.3 2003-09-08 - Added rudimentary support for a Setuid Execution Protection white-list to avoid annoying warning messages
- Fixed a security problem with copyinstr() calls
- Casper Dik noted that SunSolve bug 1170077 isn't a bug anymore
0.5.2 2003-04-29 - Added GCC sanity check
- Fixed bug in hardlink protection on Solaris 8.
- Fixed a memory problem caused by the mysterious bug 1170077
- Moved init script to runlevel 2
0.5.1 2003-04-14 - Corrected wrong reference in documentation
0.5.0 2003-04-11 - Added Setuid Execution Protection
- Support for Solaris 9 OE
- Fixed dependency problems with module hiding
- Rewrote documentation and manual
0.4.3 2002-09-03 The module is considered to be stable, the Beta flag has been removed from the version
- Added support for compilation on 64 bit systems using gcc v3.x.
- Fixed wrong path to linker
- Adjusted compilation flags for generic compilation
- Fixed missing memset() symbol when using gcc3.
0.4.2b 2002-06-26 - Fixed incorrect output when warning only.
- Added the ability to grant read access to the restricted proc to a unix group
0.4.1b 2002-02-09 First beta release
- Compilation process automatically detects system's bit width.
- Sparc package contains both, the 32 and the 64 bit module.
- Improved small stability and performance issues.
- Improved documentation layout, added PDF documentation
0.4.0a 2001-11-15 - New protection: Chroot Protection, thanks to Heiko Krupp.
- Reorganized the complete syscall32 redirection
- Fixed a typo in papctl.c.
- Fixed the nasty readdir() bug on 64 bit systems. (int64_t)
- Fixed pseudo promiscuous flag on 64 bit systems. (strbuf32)
0.3.4a 2001-11-06 - Fixed a security problem in comm.c
- Enabled module/file hiding on 64 bit systems *except* readdir() interception
0.3.3a 2001-11-05 First alpha release
- Module/file hiding is disabled in 64 bit version.


Source packages
Release Source Package Size
Papillon 0.5.4 papillon-0.5.4.tar.gz 201kb
Papillon 0.5.3 papillon-0.5.3.tar.gz 79kb
Papillon 0.5.2 papillon-0.5.2.tar.gz 85kb
Papillon 0.5.1 papillon-0.5.1.tar.gz 79kb
Papillon 0.5.0 papillon-0.5.0.tar.gz 79kb
Papillon 0.4.3 papillon-0.4.3.tar.gz 205kb
Papillon 0.4.2b papillon-0.4.2b.tar.gz 202kb
Papillon 0.4.1b papillon-0.4.1b.tar.gz 200kb
Papillon 0.4.0a papillon-0.4.0a.tar.gz 134kb
Papillon 0.3.4a papillon-0.3.4a.tar.gz 127kb
Papillon 0.3.3a papillon-0.3.3a.tar.gz 126kb


Papillon is a security module designed for the Solaris Operating Environment 8 and 9. It has been tested against the Intel and the Sparc Edition of the Solaris OE 8 and 9. Papillon tries to be as compatible with Sun Microsystems DDI/DDK as possible.

Papillon improves the security of a system by adding new functionality to the kernel. The added security mechanisms have been inspired by Solar Designer's Openwall Linux Kernel Patch and the the HAP Linux Kernel Patch which fix common Unix security problems that are also present in the Solaris OE.

Papillon is designed to prevent attacks driven by system users. It doesn't include any restriction to the super-user. It can be an addition to already exisiting security mechanisms such as the BSM (Solaris' Basic Security Module) and the non-executable stack on Solaris Sparc Edition.

The module is automatically loaded at boot time when entering multiuser level and installs two kinds of new functionality in the kernel: so called features and protections.


Features add completely new functionality to the kernel, they can be switched on or off either at compilation time or even at runtime using the provided control tool papctl.

Features included in Papillon currently are:

  • Restricted Proc
  • Pseudo Promiscuous Flag
  • Module Hiding
  • Secure STDIO File Descriptors

Protections restrict access to resources if specific conditions occur. A protection has a behaviour that can be none (for doing nothing), warn (for warning only) or deny (for warning and denying access to the resource).

Protections included in Papillon currently are:

  • Symbolic Link Protection
  • Hard Link Protection
  • FIFO Protection
  • Chroot Protection
  • Setuid Execution Protection

Fore more information consult the provided PDF documentation

papillon.pdfPDF Documentation

If you are using Papillon in a company or large network and feel that it is great software, please send an email or, if you like, a little donation.

* The Solaris Logo is a trademark or a registered trademark of Sun Microsystems, Inc.


In general Papillon should be build from the source package. Consult the documentation on how to configure, compile and install the module.