Solaris Trusted Extensions Reference Manual
tnrhtp - trusted network remote-host templates

Synopsis

/etc/security/tsol/tnrhtp

Description

The tnrhtp database of templates is specified by the administrator for convenience when assigning accreditation and security attributes for each host in the distributed system, including the local host and network.

tnrhtp works together with tnrhdb(4). IP addresses in tnrhdb can be assigned only to templates that are defined in the tnrhtp database. After each modification to the tnrhtp database, the administrator should run tnchkdb(1M) to check the syntax.

Each entry in the template database is entered as one long line. The fields of the entry are separated by semicolons (;):

template_name:attr

A pound sign (#) as the first character of a line indicates a comment line, which is ignored.

template_name

Is a character string that names the template that is being defined. The string is case-sensitive. Only the first 31 characters of the string are read and interpreted. You can use any printable character in template_name except for field delimiters, newline, or the comment character.

attr

Is a list of semicolon (;) separated key=value pairs that describe the attributes of the template. All keys are mandatory unless otherwise indicated, even if no value other than none is set. The following keys are currently interpreted by the system.

host_type

Takes one of two defined values, unlabeled and cipso. The cipso host type is for hosts that use CIPSO (Common IP Security Options - Tag Type 1 only) to label packets.

def_label

Defines the default attributes to be applied to incoming data from remote hosts that do not support these attributes. This key is valid for the unlabeled host type only.

doi

Is the domain of interpretation. In the case of the unlabeled host type, this is the domain of interpretation for the def_label.

The domain of interpretation defines the set of rules for translating between the external or internal representation of the security attributes and their network representation. When systems that are configured with Trusted Extensions software have the same doi, they share that set of rules. In the case of the unlabeled host type, these systems also share the same interpretation for the default attributes that are assigned to the unlabeled templates that have that same doi.

min_sl, max_sl

Specifies the label accreditation range for the remote hosts that use this template. All labels are specified in a shortened hexadecimal format, except for the administrative labels ADMIN_LOW and ADMIN_HIGH.

For gateway systems, min_sl and max_sl define the default range for forwarding labeled packets. The label range for routes is typically set by using a route(1M) subcommand with the -secattr option. When the label range for routes is not specified, the min_sl to max_sl range in the tnrhtp database is used.

sl_set

Specifies the security label set which is allowed for the remote hosts that use this template. For gateway systems, the labels in sl_set are used for forwarding labeled packets. sl_set is optional. The maximum number of labels in a set is 4.

If the tnrhtp database is modified while the network is up, the changes do not take effect immediately unless tnctl(1M) is used to update the template entries. Otherwise, the changes take effect when next polled by the trusted network daemon, tnd(1M). Administrators are allowed to add new templates and modify attributes of existing templates while the network is up.

Examples

Example 1 Unlabeled Host Entries

For the sake of clarity on this man page, examples are shown using a continuation character (\). In the database file, however, the backslash is not permitted because each entry is made on a single line.

# Sample ADMIN_LOW template entry for machines or networks.
# Note that the doi field is required.
#
admin_low:host_type=unlabeled;\
def_label=ADMIN_LOW;\
min_sl=ADMIN_LOW;\
max_sl=ADMIN_HIGH;\
doi=1;

Unless the label at which you want to communicate with an unlabeled host is ADMIN_LOW, you should not use the above template. Rather, you should use a template that matches an entry in your label encodings file. The following example matches an entry in the sample label_encodings file.

# Sample PUBLIC template entry
# based on the sample label_encodings file.
#
public:host_type=unlabeled;\
def_label=0x0002-08-08;\
min_sl=ADMIN_LOW;\
max_sl=ADMIN_HIGH;\
doi=1;

Example 2 CIPSO Host Entry

# Labeled host template
#
h1_allzones:host_type=cipso;\
min_sl=ADMIN_LOW;\
max_sl=ADMIN_HIGH;\
doi=1;
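A small checker for the entry format described above, applied to the entries from these examples rewritten as single lines. This is an added example, not code from this man page or from Solaris (tnchkdb(1M) is the real syntax checker); it assumes that labels in sl_set are comma-separated and that hexadecimal labels have the shape shown in the examples.

```python
import re
# Label syntax on this page: ADMIN_LOW, ADMIN_HIGH, or shortened hex such as 0x0002-08-08 (this regex
# is an assumption covering only that shape; it does not consult label_encodings(4)).
LABEL = re.compile(r"^(ADMIN_LOW|ADMIN_HIGH|0x[0-9A-Fa-f]+(-[0-9A-Fa-f]+)*)$")
HOST_TYPES = {"unlabeled", "cipso"}
NAME_LEN, MAX_SL_SET = 31, 4  # only 31 chars of template_name are read; sl_set holds at most 4 labels

def parse_entry(line):
    # One entry per line: template_name:key=value;key=value;...  Raises ValueError on bad syntax.
    name, sep, attr = line.partition(":")
    if not sep or not name or not name.isprintable():
        raise ValueError("entry must be template_name:attr")
    attrs = {}
    for pair in filter(None, attr.split(";")):  # filter() tolerates the trailing ';' in the examples
        key, eq, value = pair.partition("=")
        if not eq or not key or key in attrs:
            raise ValueError("bad or duplicate attribute %r" % pair)
        attrs[key] = value
    return name[:NAME_LEN], attrs

def check_entry(attrs):
    # Apply the key rules on this page; return the list of problems (empty if the entry is acceptable).
    ht = attrs.get("host_type")
    problems = [] if ht in HOST_TYPES else ["host_type must be unlabeled or cipso"]
    problems += ["missing mandatory key " + k for k in ("doi", "min_sl", "max_sl") if k not in attrs]
    if (ht == "unlabeled") != ("def_label" in attrs):  # required for unlabeled, invalid for cipso
        problems.append("def_label is required for, and valid only for, the unlabeled host type")
    problems += ["%s: bad label %r" % (k, attrs[k]) for k in ("def_label", "min_sl", "max_sl")
                 if k in attrs and not LABEL.match(attrs[k])]
    labels = attrs["sl_set"].split(",") if "sl_set" in attrs else []  # assumption: comma-separated
    if len(labels) > MAX_SL_SET or not all(LABEL.match(l) for l in labels):
        problems.append("sl_set must hold at most %d valid labels" % MAX_SL_SET)
    return problems

def check_file(text):
    # Check every non-blank, non-comment line; return {template_name (or the raw line): [problems]}.
    report = {}
    for raw in filter(None, text.splitlines()):
        if not raw.startswith("#"):  # '#' in column 1 marks a comment line, which is ignored
            try:
                name, attrs = parse_entry(raw)
                report[name] = check_entry(attrs)
            except ValueError as err:
                report[raw] = [str(err)]
    return report
SAMPLE = """# constructed sample: the man page's public and h1_allzones entries on single lines, plus a broken one
public:host_type=unlabeled;def_label=0x0002-08-08;min_sl=ADMIN_LOW;max_sl=ADMIN_HIGH;doi=1;
h1_allzones:host_type=cipso;min_sl=ADMIN_LOW;max_sl=ADMIN_HIGH;doi=1;
broken:host_type=cipso;def_label=ADMIN_LOW;min_sl=ADMIN_LOW;max_sl=ADMIN_HIGH;
"""
```

Running check_file(SAMPLE) reports no problems for public and h1_allzones and two for broken (missing doi, def_label on a cipso template).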

Attributes

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE    ATTRIBUTE VALUE
Availability      SUNWtsg
Stability         Project Private

Files

/etc/security/tsol/tnrhtp

Trusted network remote-host templates

See Also

route(1M), smtnrhtp(1M), tnchkdb(1M), tnctl(1M), tnd(1M), tninfo(1M), tnrhdb(4), attributes(5)

"Network Security Attributes in Trusted Extensions" in Solaris Trusted Extensions Administrator's Procedures

Warnings

Changing a template while the network is up can change the security view of an undetermined number of hosts.

Allowing unlabeled hosts onto a Solaris Trusted Extensions network is a security risk. To avoid compromising the rest of your network, such hosts must be trusted in the sense that the administrator is certain that these unlabeled hosts will not be used to compromise the distributed system. These hosts should also be physically protected to restrict access to authorized individuals. If you cannot guarantee that an unlabeled host is physically secure from tampering, it and similar hosts should be isolated on a separate branch of the network.