Developer's Guide to Oracle Solaris Security
    
A
 
 access control lists, use in GSS-API ( Index Term Link )
 
 account management, PAM service module ( Index Term Link )
 
 ACL, See access control list
 
 acquiring context information ( Index Term Link )
 
 anonymous authentication ( Index Term Link )
 
 authentication
  flavor ( Index Term Link )
  GSS-API ( Index Term Link )
   anonymous ( Index Term Link )
   mutual ( Index Term Link )
  PAM process for ( Index Term Link )
  PAM service module ( Index Term Link )
  SASL ( Index Term Link )
 
 authid
  auxprop plug-ins ( Index Term Link )
  SASL ( Index Term Link )
 
 authorizations
  code example ( Index Term Link )
  defined ( Index Term Link )
  use in application development ( Index Term Link )
 
 authzid, auxprop plug-ins ( Index Term Link )
 
 auxiliary properties, See auxprop plug-ins
 
 auxprop plug-ins ( Index Term Link )
    
C
 
 C_CloseSession() function
  digest message example ( Index Term Link )
  message signing example ( Index Term Link )
  random byte generation example ( Index Term Link )
 
 C_Decrypt() function ( Index Term Link )
 
 C_DecryptInit() function ( Index Term Link )
 
 C_EncryptFinal() function ( Index Term Link )
 
 C_EncryptInit() function ( Index Term Link )
 
 C_EncryptUpdate() function ( Index Term Link )
 
 C_Finalize() function
  digest message example ( Index Term Link )
  message signing example ( Index Term Link )
 
 C_GenerateKeyPair() function ( Index Term Link )
 
 C_GenerateRandom() function ( Index Term Link )
 
 C_GetAttributeValue() function ( Index Term Link )
 
 C_GetInfo() function ( Index Term Link ) ( Index Term Link )
 
 C_GetMechanismList() function ( Index Term Link )
 
 C_GetSlotList() function ( Index Term Link )
  message signing example ( Index Term Link )
  random byte generation example ( Index Term Link )
 
 C_Initialize() function ( Index Term Link )
 
 C_OpenSession() function ( Index Term Link )
  random byte generation example ( Index Term Link )
 
 C_SignInit() function ( Index Term Link )
 
 C_Verify() function ( Index Term Link )
 
 C_VerifyInit() function ( Index Term Link )
 
 callbacks
  SASL ( Index Term Link )
   SASL_CB_AUTHNAME ( Index Term Link )
   SASL_CB_CANON_USER ( Index Term Link )
   SASL_CB_ECHOPROMPT ( Index Term Link )
   SASL_CB_GETCONF ( Index Term Link )
   SASL_CB_GETOPT ( Index Term Link )
   SASL_CB_GETPATH ( Index Term Link )
   SASL_CB_GETREALM ( Index Term Link )
   SASL_CB_LANGUAGE ( Index Term Link )
   SASL_CB_LOG ( Index Term Link )
   SASL_CB_NOECHOPROMPT ( Index Term Link )
   SASL_CB_PASS ( Index Term Link )
   SASL_CB_PROXY_POLICY ( Index Term Link )
   SASL_CB_SERVER_USERDB_CHECKPASS ( Index Term Link )
   SASL_CB_SERVER_USERDB_SETPASS ( Index Term Link )
   SASL_CB_USER ( Index Term Link )
   SASL_CB_VERIFYFILE ( Index Term Link )
 
 canonicalization, SASL ( Index Term Link )
 
 Certificate Revocation List (CRL) ( Index Term Link )
 
 Certificate Signing Request (CSR) ( Index Term Link )
 
 certificates
  cryptographic applications ( Index Term Link )
  requesting from Oracle ( Index Term Link )
 
 channel bindings
  GSS-API ( Index Term Link ) ( Index Term Link )
 
 client_establish_context() function, GSS-API client example ( Index Term Link )
 
 client plug-ins
  SASL ( Index Term Link ) ( Index Term Link )
 
 confidentiality
  GSS-API ( Index Term Link ) ( Index Term Link )
 
 connect_to_server() function
  GSS-API client example ( Index Term Link ) ( Index Term Link )
 
 connection contexts, SASL ( Index Term Link )
 
 consumers
  defined ( Index Term Link )
  Oracle Solaris cryptographic framework ( Index Term Link )
 
 context-level tokens, GSS-API ( Index Term Link )
 
 contexts
  GSS-API
   acceptance ( Index Term Link )
   acceptance example ( Index Term Link )
   deletion ( Index Term Link )
   establishing ( Index Term Link )
   establishing example ( Index Term Link )
   exporting ( Index Term Link )
   getting acquisition information ( Index Term Link )
   gss-client example ( Index Term Link )
   import and export ( Index Term Link ) ( Index Term Link )
   introduction ( Index Term Link )
   other context services ( Index Term Link )
   releasing ( Index Term Link )
  initiation in GSS-API ( Index Term Link )
 
 createMechOid() function ( Index Term Link )
 
 credentials
  cache ( Index Term Link )
  delegation ( Index Term Link )
  GSS-API ( Index Term Link ) ( Index Term Link )
   acquisition ( Index Term Link )
  GSS-API default ( Index Term Link )
 
 CRL (Certificate Revocation List) ( Index Term Link )
 
 crypto pseudo device driver ( Index Term Link )
 
 cryptoadm pseudo device driver ( Index Term Link )
 
 cryptoadm utility ( Index Term Link )
 
 cryptographic checksum (MIC) ( Index Term Link )
 
 cryptographic framework, See Oracle Solaris cryptographic framework
 
 cryptographic providers, Oracle Solaris cryptographic framework ( Index Term Link )
 
 cryptoki library, overview ( Index Term Link )
 
 CSR (Certificate Signing Request) ( Index Term Link )
    
D
 
 data encryption, GSS-API ( Index Term Link )
 
 data protection, GSS-API ( Index Term Link )
 
 data replay ( Index Term Link )
 
 data types
  GSS-API ( Index Term Link ) ( Index Term Link )
   integers ( Index Term Link )
   names ( Index Term Link )
   strings ( Index Term Link )
  privileges ( Index Term Link )
 
 default credentials, GSS-API ( Index Term Link )
 
 delegation, credentials ( Index Term Link )
 
 design requirements
  Oracle Solaris cryptographic framework
   kernel-level consumers ( Index Term Link )
   kernel-level providers ( Index Term Link )
   user-level consumers ( Index Term Link )
   user-level providers ( Index Term Link )
 
 digesting messages, Oracle Solaris cryptographic framework ( Index Term Link )
    
E
 
 effective privilege set, defined ( Index Term Link )
 
 elfsign command
  Oracle Solaris cryptographic framework ( Index Term Link )
  request subcommand ( Index Term Link )
  sign subcommand ( Index Term Link ) ( Index Term Link )
  verify subcommand ( Index Term Link )
 
 encryption
  GSS-API ( Index Term Link )
  wrapping messages with gss_wrap() ( Index Term Link )
 
 encryption products, export laws ( Index Term Link )
 
 error codes, GSS-API ( Index Term Link )
 
 examples
  checking for authorizations ( Index Term Link )
  GSS-API client application
   description ( Index Term Link )
   source code ( Index Term Link )
  GSS-API miscellaneous functions
   source code ( Index Term Link )
  GSS-API server application
   description ( Index Term Link )
   source code ( Index Term Link )
  miscellaneous SASL functions ( Index Term Link )
  Oracle Solaris cryptographic framework
   message digest ( Index Term Link )
   random byte generation ( Index Term Link )
   signing and verifying messages ( Index Term Link )
   symmetric encryption ( Index Term Link )
  PAM consumer application ( Index Term Link )
  PAM conversation function ( Index Term Link )
  PAM service provider ( Index Term Link )
  privilege bracketing ( Index Term Link )
  SASL client application ( Index Term Link )
  SASL server application ( Index Term Link )
 
 export laws, encryption products ( Index Term Link )
 
 exporting GSS-API contexts ( Index Term Link )
    
F
 
 _fini() function, Oracle Solaris cryptographic framework ( Index Term Link )
 
 flavor, See security flavor
 
 functions
  See specific function name
  GSS-API ( Index Term Link )
    
G
 
 General Security Standard Application Programming Interface, See GSS-API
 
 GetMechanismInfo() function ( Index Term Link )
 
 GetRandSlot() function ( Index Term Link )
 
 GetTokenInfo() function ( Index Term Link )
 
 gss_accept_sec_context() function ( Index Term Link ) ( Index Term Link )
  GSS-API server example ( Index Term Link )
 
 gss_acquire_cred() function ( Index Term Link ) ( Index Term Link )
  GSS-API server example ( Index Term Link )
 
 gss_add_cred() function ( Index Term Link ) ( Index Term Link )
 
 gss_add_oid_set_member() function ( Index Term Link )
 
 GSS-API
  acquiring credentials ( Index Term Link )
  anonymous authentication ( Index Term Link )
  anonymous name format ( Index Term Link )
  channel bindings ( Index Term Link ) ( Index Term Link )
  communication layers ( Index Term Link )
  comparing names in ( Index Term Link )
  confidentiality ( Index Term Link )
  constructing OIDs ( Index Term Link )
  context establishment example ( Index Term Link )
  contexts
   acceptance example ( Index Term Link )
   deallocation ( Index Term Link )
   expiration ( Index Term Link )
  createMechOid() function ( Index Term Link )
  credentials ( Index Term Link )
   expiration ( Index Term Link )
  data types ( Index Term Link ) ( Index Term Link )
  detecting out-of-sequence problems ( Index Term Link )
  developing applications ( Index Term Link )
  displaying status codes ( Index Term Link )
  encryption ( Index Term Link ) ( Index Term Link )
  exporting contexts ( Index Term Link ) ( Index Term Link )
  files containing OID values ( Index Term Link )
  functions ( Index Term Link )
  generalized steps ( Index Term Link )
  gss-client example
   context deletion ( Index Term Link )
   contexts ( Index Term Link )
   sending messages ( Index Term Link )
   signature blocks ( Index Term Link )
  gss-server example
   signing messages ( Index Term Link )
   unwrapping messages ( Index Term Link )
  gss_str_to_oid() function ( Index Term Link )
  include files ( Index Term Link )
  integrity ( Index Term Link )
  interprocess tokens ( Index Term Link )
  introduction ( Index Term Link )
  Kerberos v5 status codes ( Index Term Link )
  language bindings ( Index Term Link )
  limitations ( Index Term Link )
  mech file ( Index Term Link )
  message transmission ( Index Term Link )
  MICs ( Index Term Link )
  minor-status codes ( Index Term Link )
  miscellaneous sample functions
   source code ( Index Term Link )
  mutual authentication ( Index Term Link )
  name types ( Index Term Link ) ( Index Term Link )
  OIDs ( Index Term Link )
  other context services ( Index Term Link )
  outside references ( Index Term Link )
  portability ( Index Term Link )
  protecting channel-binding information ( Index Term Link )
  QOP ( Index Term Link ) ( Index Term Link )
  readable name syntax ( Index Term Link )
  releasing contexts ( Index Term Link )
  releasing stored data ( Index Term Link )
  remote procedure calls ( Index Term Link )
  replaced functions ( Index Term Link )
  role in Oracle Solaris OS ( Index Term Link )
  sample client application
   description ( Index Term Link )
   source code ( Index Term Link )
  sample server application
   description ( Index Term Link )
   source code ( Index Term Link )
  specifying non-default mechanisms ( Index Term Link )
  specifying OIDs ( Index Term Link )
  status code macros ( Index Term Link )
  status codes ( Index Term Link ) ( Index Term Link ) ( Index Term Link )
  supported credentials ( Index Term Link )
  tokens ( Index Term Link )
   context-level ( Index Term Link )
   interprocess ( Index Term Link )
   per-message ( Index Term Link )
  translation into GSS-API format ( Index Term Link )
  wrap-size limits ( Index Term Link )
 
 gss_buffer_desc structure ( Index Term Link )
 
 gss_buffer_desc structure ( Index Term Link )
 
 gss_buffer_t pointer ( Index Term Link )
 
 GSS_C_ACCEPT credential ( Index Term Link )
 
 GSS_C_BOTH credential ( Index Term Link )
 
 GSS_C_INITIATE credential ( Index Term Link )
 
 GSS_CALLING_ERROR macro ( Index Term Link ) ( Index Term Link )
 
 gss_canonicalize_name() function ( Index Term Link ) ( Index Term Link )
 
 gss_channel_bindings_structure structure ( Index Term Link )
 
 gss_channel_bindings_t data type ( Index Term Link )
 
 gss-client example
  context deletion ( Index Term Link )
  obtaining context status ( Index Term Link )
  restoring contexts ( Index Term Link )
  saving contexts ( Index Term Link )
  sending messages ( Index Term Link )
  signature blocks ( Index Term Link )
 
 gss-client sample application ( Index Term Link )
 
 gss_compare_name() function ( Index Term Link ) ( Index Term Link ) ( Index Term Link )
 
 gss_context_time() function ( Index Term Link )
 
 gss_create_empty_oid_set() function ( Index Term Link )
 
 gss_delete_oid() function ( Index Term Link )
 
 gss_delete_sec_context() function ( Index Term Link ) ( Index Term Link )
  releasing contexts ( Index Term Link )
 
 gss_display_name() function ( Index Term Link ) ( Index Term Link )
 
 gss_display_status() function ( Index Term Link ) ( Index Term Link )
 
 gss_duplicate_name() function ( Index Term Link )
 
 gss_export_context() function ( Index Term Link )
 
 gss_export_name() function ( Index Term Link )
 
 gss_export_sec_context() function ( Index Term Link ) ( Index Term Link )
 
 gss_get_mic() function ( Index Term Link ) ( Index Term Link ) ( Index Term Link )
  comparison with gss_wrap()function ( Index Term Link )
  GSS-API server example ( Index Term Link )
 
 gss_import_name() function ( Index Term Link ) ( Index Term Link )
  GSS-API client example ( Index Term Link )
  GSS-API server example ( Index Term Link )
 
 gss_import_sec_context() function ( Index Term Link ) ( Index Term Link )
 
 gss_indicate_mechs() function ( Index Term Link )
 
 gss_init_sec_context() function ( Index Term Link ) ( Index Term Link ) ( Index Term Link )
  GSS-API client example ( Index Term Link )
  use in anonymous authentication ( Index Term Link )
  use in mutual authentication ( Index Term Link )
 
 gss_inquire_context() function ( Index Term Link )
 
 gss_inquire_context function ( Index Term Link )
 
 gss_inquire_cred() function ( Index Term Link )
 
 gss_inquire_cred_by_mech() function ( Index Term Link )
 
 gss_inquire_mechs_for_name() function ( Index Term Link )
 
 gss_inquire_names_for_mech() function ( Index Term Link )
 
 gss_OID_desc structure ( Index Term Link )
 
 gss_OID pointer ( Index Term Link )
 
 gss_OID_set_desc structure ( Index Term Link )
 
 gss_OID_set_desc structure ( Index Term Link )
 
 gss_OID_set pointer ( Index Term Link )
 
 gss_oid_to_str() function ( Index Term Link )
 
 gss_process_context_token() function ( Index Term Link )
 
 gss_release_buffer() function ( Index Term Link ) ( Index Term Link )
 
 gss_release_cred() function ( Index Term Link ) ( Index Term Link )
  GSS-API server example ( Index Term Link )
 
 gss_release_name() function ( Index Term Link ) ( Index Term Link )
  releasing stored data ( Index Term Link )
 
 gss_release_oid() function
  GSS-API client example ( Index Term Link )
  GSS-API server example ( Index Term Link )
 
 gss_release_oid_set() function ( Index Term Link ) ( Index Term Link )
 
 GSS_ROUTINE_ERROR macro ( Index Term Link ) ( Index Term Link )
 
 gss_seal() function ( Index Term Link )
 
 gss-server example
  signing messages ( Index Term Link )
  unwrapping messages ( Index Term Link )
 
 gss-server sample application ( Index Term Link )
 
 gss_sign() function ( Index Term Link )
 
 gss_str_to_oid() function ( Index Term Link ) ( Index Term Link )
 
 GSS_SUPPLEMENTARY_INFO macro ( Index Term Link ) ( Index Term Link )
 
 gss_test_oid_set_member() function ( Index Term Link )
 
 gss_unseal() function ( Index Term Link )
 
 gss_unwrap() function ( Index Term Link )
  GSS-API server example ( Index Term Link )
 
 gss_verify() function ( Index Term Link )
 
 gss_verify_mic() function ( Index Term Link )
 
 gss_wrap() function ( Index Term Link ) ( Index Term Link ) ( Index Term Link )
  comparison with gss_get_mic() function ( Index Term Link )
  wrapping messages ( Index Term Link )
 
 gss_wrap_size_limit() function ( Index Term Link ) ( Index Term Link )
 
 gssapi.h file ( Index Term Link )
 
 guidelines for privileged applications ( Index Term Link )
    
H
 
 header files, GSS-API ( Index Term Link )
    
I
 
 importing GSS-API contexts ( Index Term Link )
 
 inetd, checking for in gss-client() example ( Index Term Link )
 
 inheritable privilege set, defined ( Index Term Link )
 
 integers, GSS-API ( Index Term Link )
 
 integrity
  GSS-API ( Index Term Link ) ( Index Term Link )
 
 interprocess tokens, GSS-API ( Index Term Link )
 
 IPC privileges ( Index Term Link )
    
J
 
 Java API ( Index Term Link )
    
K
 
 Kerberos v5, GSS-API ( Index Term Link )
 
 Key Management Framework (KMF) ( Index Term Link )
 
 keypair ( Index Term Link )
 
 keystore ( Index Term Link )
 
 KMF (Key Management Framework) ( Index Term Link )
 
 kmfcfg(1) configuration utility ( Index Term Link )
    
L
 
 language bindings, GSS-API ( Index Term Link )
 
 libpam ( Index Term Link )
 
 libpkcs11.so library, Oracle Solaris cryptographic framework ( Index Term Link )
 
 libsasl
  initialization ( Index Term Link )
  use of API ( Index Term Link )
 
 libsasl library ( Index Term Link )
 
 limit privilege set, defined ( Index Term Link )
    
M
 
 macros
  GSS-API
   GSS_CALLING_ERROR ( Index Term Link )
   GSS_ROUTINE_ERROR ( Index Term Link )
   GSS_SUPPLEMENTARY_INFO ( Index Term Link )
 
 major status codes
  GSS-API ( Index Term Link )
   descriptions ( Index Term Link )
 
 major-status codes
  GSS-API
   encoding ( Index Term Link )
 
 mech file ( Index Term Link )
 
 Mechanism Name (MN) ( Index Term Link )
 
 mechanisms
  defined ( Index Term Link )
  GSS-API ( Index Term Link )
  Oracle Solaris cryptographic framework ( Index Term Link )
  printable formats ( Index Term Link )
  SASL ( Index Term Link )
  specifying GSS-API ( Index Term Link )
 
 memcmp function ( Index Term Link )
 
 message digesting, Oracle Solaris cryptographic framework ( Index Term Link )
 
 Message Integrity Code, See MICs
 
 messages
  See also data
  encrypting with gss_wrap() ( Index Term Link )
  GSS-API ( Index Term Link )
   out-of-sequence problems ( Index Term Link )
   sending ( Index Term Link )
   signing ( Index Term Link )
   transmission confirmation ( Index Term Link )
   unwrapping ( Index Term Link )
  tagging with MICs ( Index Term Link )
  wrapping in GSS-API ( Index Term Link )
 
 metaslot, Oracle Solaris cryptographic framework ( Index Term Link )
 
 MICs
  defined ( Index Term Link )
  GSS-API
   tagging messages ( Index Term Link )
  message transmission confirmation ( Index Term Link )
 
 minor status codes, GSS-API ( Index Term Link )
 
 MN, See Mechanism Name
 
 mutual authentication, GSS-API ( Index Term Link )
    
N
 
 name types, GSS-API ( Index Term Link )
 
 names
  comparing in GSS-API ( Index Term Link )
  GSS-API ( Index Term Link )
  types in GSS-API ( Index Term Link )
 
 network security, overview ( Index Term Link )
 
 non-retail encryption products, export laws ( Index Term Link )
    
O
 
 Object Identifiers, See OIDs
 
 OCSP (Online Certificate Status Protocol) ( Index Term Link )
 
 OIDs
  constructing ( Index Term Link )
  deallocation of ( Index Term Link )
  GSS-API ( Index Term Link )
  sets ( Index Term Link )
  specifying ( Index Term Link ) ( Index Term Link )
  types of data stored as ( Index Term Link )
 
 Online Certificate Status Protocol (OCSP) ( Index Term Link )
 
 Oracle Solaris cryptographic framework
  architecture ( Index Term Link )
  crypto pseudo device driver ( Index Term Link )
  cryptoadm pseudo device driver ( Index Term Link )
  cryptoadm utility ( Index Term Link )
  cryptographic providers ( Index Term Link )
  cryptoki library ( Index Term Link )
  design requirements
   kernel-level consumers ( Index Term Link )
   kernel-level providers ( Index Term Link )
   special treatment of _fini() function ( Index Term Link )
   user-level consumers ( Index Term Link )
   user-level providers ( Index Term Link )
  elfsign utility ( Index Term Link )
  examples
   message digest ( Index Term Link )
   random byte generation ( Index Term Link )
   signing and verifying messages ( Index Term Link )
   symmetric encryption ( Index Term Link )
  introduction ( Index Term Link )
  kernel programmer interface ( Index Term Link )
  libpkcs11.so ( Index Term Link )
  modules verification library ( Index Term Link )
  packaging applications ( Index Term Link )
  pkcs11_kernel.so ( Index Term Link )
  pkcs11_softtoken.so ( Index Term Link )
  pluggable interface ( Index Term Link )
  role in Oracle Solaris OS ( Index Term Link )
  scheduler / load balancer ( Index Term Link ) ( Index Term Link )
  SPI
   kernel level ( Index Term Link )
 
 Oracle Solaris Enterprise Authentication Mechanism, See SEAM
 
 out-of-sequence problems, GSS-API ( Index Term Link )
    
P
 
 packaging cryptographic applications ( Index Term Link )
 
 PAM ( Index Term Link )
  authentication process ( Index Term Link )
  configuration file
   introduction ( Index Term Link )
  consumer application example ( Index Term Link )
  framework ( Index Term Link )
  items ( Index Term Link )
  library ( Index Term Link )
  requirements for PAM consumers ( Index Term Link )
  role in Oracle Solaris OS ( Index Term Link )
  service modules ( Index Term Link )
  service provider example ( Index Term Link )
  service provider requirements ( Index Term Link )
  writing conversation functions ( Index Term Link )
 
 pam.conf file, See PAM configuration file
 
 pam_end() function ( Index Term Link )
 
 pam_getenvlist() function ( Index Term Link )
 
 pam_open_session() function ( Index Term Link )
 
 pam_set_item() function ( Index Term Link )
 
 pam_setcred() function ( Index Term Link )
 
 pam_start() function ( Index Term Link )
 
 parse_oid() function ( Index Term Link )
  GSS-API client example ( Index Term Link )
 
 per-message tokens, GSS-API ( Index Term Link )
 
 permitted privilege set, defined ( Index Term Link )
 
 PKCS #11
  C_GetInfo() function ( Index Term Link )
  C_GetMechanismList() function ( Index Term Link )
  C_GetSlotList() function ( Index Term Link )
  C_GetTokenInfo() function ( Index Term Link )
  C_Initialize() function ( Index Term Link )
  C_OpenSession() function ( Index Term Link )
  function list ( Index Term Link )
  pkcs11_softtoken.so module ( Index Term Link )
  SUNW_C_GetMechSession() function ( Index Term Link ) ( Index Term Link )
 
 pkcs11_kernel.so library, Oracle Solaris cryptographic framework ( Index Term Link )
 
 pkcs11_softtoken.so library, Oracle Solaris cryptographic framework ( Index Term Link )
 
 PKI (Public Key Infrastructure) ( Index Term Link )
 
 pktool(1) key management tool ( Index Term Link )
 
 plug-ins
  Oracle Solaris cryptographic framework ( Index Term Link )
  SASL ( Index Term Link )
 
 pluggable authentication module, See PAM
 
 pluggable interface, Oracle Solaris cryptographic framework ( Index Term Link )
 
 principals, GSS-API ( Index Term Link )
 
 PRIV_FILE_LINK_ANY ( Index Term Link )
 
 PRIV_OFF flag ( Index Term Link )
 
 PRIV_ON flag ( Index Term Link )
 
 PRIV_PROC_EXEC ( Index Term Link )
 
 PRIV_PROC_FORK ( Index Term Link )
 
 PRIV_PROC_INFO ( Index Term Link )
 
 PRIV_PROC_SESSION ( Index Term Link )
 
 PRIV_SET flag ( Index Term Link )
 
 priv_set_t structure ( Index Term Link )
 
 priv_str_to_set() function, synopsis ( Index Term Link )
 
 priv_t type ( Index Term Link )
 
 privilege sets, defined ( Index Term Link )
 
 privileged applications, defined ( Index Term Link )
 
 privileges
  assignment ( Index Term Link )
  bracketing in the least privilege model ( Index Term Link )
  bracketing in the superuser model ( Index Term Link )
  categories ( Index Term Link )
   IPC ( Index Term Link )
   process ( Index Term Link )
   system ( Index Term Link )
   System V IPC ( Index Term Link )
  code example ( Index Term Link )
  compatibility with superuser ( Index Term Link )
  data types ( Index Term Link )
  defined ( Index Term Link )
  interfaces ( Index Term Link )
  introduction ( Index Term Link )
  operation flags ( Index Term Link )
  overview ( Index Term Link )
  priv_str_to_set() function ( Index Term Link )
  privilege ID data type ( Index Term Link )
  required header file ( Index Term Link )
  setppriv() function ( Index Term Link )
  use in application development ( Index Term Link )
 
 process privileges ( Index Term Link )
  See privileges
 
 protecting data, GSS-API ( Index Term Link )
 
 providers
  defined ( Index Term Link )
  Oracle Solaris cryptographic framework ( Index Term Link ) ( Index Term Link )
  packaging kernel-level applications ( Index Term Link )
  packaging user-level applications ( Index Term Link )
 
 Public Key Infrastructure (PKI) ( Index Term Link )
    
Q
 
 qop file ( Index Term Link )
 
 QOPs ( Index Term Link )
  role in wrap size ( Index Term Link )
  specifying ( Index Term Link ) ( Index Term Link )
  storage in OIDs ( Index Term Link )
 
 Quality of Protection, See QOP
    
R
 
 random byte generation
  Oracle Solaris cryptographic framework
   example ( Index Term Link )
 
 remote procedure calls, GSS-API ( Index Term Link )
 
 retail encryption products, export laws ( Index Term Link )
 
 return codes, GSS-API ( Index Term Link )
 
 RPCSEC_GSS ( Index Term Link )
    
S
 
 SASL
  architecture ( Index Term Link )
  authentication ( Index Term Link )
  authid ( Index Term Link )
  auxprop plug-ins ( Index Term Link )
  callbacks
   SASL_CB_AUTHNAME ( Index Term Link )
   SASL_CB_CANON_USER ( Index Term Link )
   SASL_CB_ECHOPROMPT ( Index Term Link )
   SASL_CB_GETCONF ( Index Term Link )
   SASL_CB_GETOPT ( Index Term Link )
   SASL_CB_GETPATH ( Index Term Link )
   SASL_CB_GETREALM ( Index Term Link )
   SASL_CB_LANGUAGE ( Index Term Link )
   SASL_CB_LOG ( Index Term Link )
   SASL_CB_NOECHOPROMPT ( Index Term Link )
   SASL_CB_PASS ( Index Term Link )
   SASL_CB_PROXY_POLICY ( Index Term Link )
   SASL_CB_SERVER_USERDB_CHECKPASS ( Index Term Link )
   SASL_CB_SERVER_USERDB_SETPASS ( Index Term Link )
   SASL_CB_USER ( Index Term Link )
   SASL_CB_VERIFYFILE ( Index Term Link )
  canonicalization ( Index Term Link )
  client sample application ( Index Term Link )
  confidentiality ( Index Term Link )
  connection contexts ( Index Term Link )
  functions ( Index Term Link )
  integrity ( Index Term Link )
  library ( Index Term Link )
  libsasl API ( Index Term Link )
  libsasl initialization ( Index Term Link )
  life cycle ( Index Term Link )
  mechanisms ( Index Term Link )
  overview ( Index Term Link )
  plug-in design ( Index Term Link )
   client plug-ins ( Index Term Link )
   overview ( Index Term Link )
   server plug-ins ( Index Term Link )
   structures ( Index Term Link )
  reference tables ( Index Term Link )
  releasing resources ( Index Term Link )
  releasing sessions ( Index Term Link )
  role in Oracle Solaris OS ( Index Term Link )
  sample functions ( Index Term Link )
  sample output ( Index Term Link )
  server sample application ( Index Term Link )
  session initialization ( Index Term Link )
  setting SSF ( Index Term Link )
  SPI ( Index Term Link )
  SSF ( Index Term Link )
  userid ( Index Term Link )
 
 sasl_canonuser_plug_nit() function ( Index Term Link )
 
 SASL_CB_AUTHNAME callback ( Index Term Link )
 
 SASL_CB_CANON_USER callback ( Index Term Link )
 
 SASL_CB_ECHOPROMPT callback ( Index Term Link )
 
 SASL_CB_GETCONF callback ( Index Term Link )
 
 SASL_CB_GETOPT callback ( Index Term Link )
 
 SASL_CB_GETPATH callback ( Index Term Link )
 
 SASL_CB_GETREALM callback ( Index Term Link )
 
 SASL_CB_LANGUAGE callback ( Index Term Link )
 
 SASL_CB_LOG callback ( Index Term Link )
 
 SASL_CB_NOECHOPROMPT callback ( Index Term Link )
 
 SASL_CB_PASS callback ( Index Term Link )
 
 SASL_CB_PROXY_POLICY callback ( Index Term Link )
 
 SASL_CB_SERVER_USERDB_CHECKPASS callback ( Index Term Link )
 
 SASL_CB_SERVER_USERDB_SETPASS callback ( Index Term Link )
 
 SASL_CB_USER callback ( Index Term Link )
 
 SASL_CB_VERIFYFILE callback ( Index Term Link )
 
 sasl_client_add_plugin() function ( Index Term Link )
 
 sasl_client_init() function ( Index Term Link ) ( Index Term Link )
 
 sasl_client_new() function, SASL life cycle ( Index Term Link )
 
 sasl_client_start() function, SASL life cycle ( Index Term Link )
 
 SASL_CONTINUE flag ( Index Term Link )
 
 sasl_decode() function ( Index Term Link )
 
 sasl_dispose() function ( Index Term Link ) ( Index Term Link )
 
 sasl_done() function ( Index Term Link ) ( Index Term Link )
 
 sasl_encode() function ( Index Term Link )
 
 sasl_getprop() function, checking SSF ( Index Term Link )
 
 SASL_INTERACT flag ( Index Term Link )
 
 SASL_OK flag ( Index Term Link )
 
 sasl_server_add_plugin() function ( Index Term Link )
 
 sasl_server_init() function ( Index Term Link ) ( Index Term Link )
 
 sasl_server_new() function, SASL life cycle ( Index Term Link )
 
 sasl_server_start() function, SASL life cycle ( Index Term Link )
 
 SEAM, GSS-API ( Index Term Link )
 
 security context, See contexts
 
 security flavor ( Index Term Link )
 
 security mechanisms, See GSS-API
 
 security policy, privileged application guidelines ( Index Term Link )
 
 security strength factor, See SSF
 
 send_token() function, GSS-API client example ( Index Term Link )
 
 sequence problems, GSS-API ( Index Term Link )
 
 server_acquire_creds() function, GSS-API server example ( Index Term Link )
 
 server_establish_context() function, GSS-API server example ( Index Term Link )
 
 server plug-ins, SASL ( Index Term Link )
 
 service provider interface, See SPI
 
 session management, PAM service module ( Index Term Link )
 
 session objects, Oracle Solaris cryptographic framework ( Index Term Link )
 
 setppriv() function, synopsis ( Index Term Link )
 
 shell escapes, and privileges ( Index Term Link )
 
 sign_server() function
  GSS-API client example ( Index Term Link )
  GSS-API server example ( Index Term Link )
 
 signature blocks
  GSS-API
   gss-client example ( Index Term Link )
 
 signing messages, GSS-API ( Index Term Link )
 
 signing messages example, Oracle Solaris cryptographic framework ( Index Term Link )
 
 signing packages ( Index Term Link )
 
 Simple Authentication and Security Layer, See SASL
 
 slots, Oracle Solaris cryptographic framework ( Index Term Link )
 
 soft tokens, Oracle Solaris cryptographic framework ( Index Term Link )
 
 specifying a QOP ( Index Term Link )
 
 specifying mechanisms in GSS-API ( Index Term Link )
 
 specifying OIDs ( Index Term Link )
 
 SPI
  Oracle Solaris cryptographic framework
   kernel level ( Index Term Link )
   user level ( Index Term Link )
 
 SSF
  defined ( Index Term Link )
  setting ( Index Term Link ) ( Index Term Link )
 
 status codes
  GSS-API ( Index Term Link ) ( Index Term Link )
  major ( Index Term Link )
  minor ( Index Term Link )
 
 strings, GSS-API ( Index Term Link )
 
 SUNW_C_GetMechSession() function ( Index Term Link ) ( Index Term Link )
  digest message example ( Index Term Link )
  symmetric encryption example ( Index Term Link )
 
 symmetric encryption
  Oracle Solaris cryptographic framework
   example ( Index Term Link )
 
 system privileges ( Index Term Link )
 
 System V IPC privileges ( Index Term Link )
    
T
 
 test_import_export_context() function, GSS-API server example ( Index Term Link )
 
 token objects, Oracle Solaris cryptographic framework ( Index Term Link )
 
 tokens
  distinguishing GSS-API types ( Index Term Link )
  GSS-API ( Index Term Link )
   context-level ( Index Term Link )
   interprocess ( Index Term Link )
   per-message ( Index Term Link )
  Oracle Solaris cryptographic framework ( Index Term Link )
    
U
 
 userid, SASL ( Index Term Link )
    
V
 
 verifying messages example
  Oracle Solaris cryptographic framework
   example ( Index Term Link )
    
W
 
 wrapping messages, GSS-API ( Index Term Link )
    
X
 
 X.509 certificates ( Index Term Link )