- Book Information
- Index
- Preface
- Part??I Initial Configuration of Trusted Extensions
- Chapter??1 Security Planning for Trusted Extensions
- Planning for Security in Trusted Extensions
- Understanding Trusted Extensions
- Understanding Your Site's Security Policy
- Devising an Administration Strategy for Trusted Extensions
- Devising a Label Strategy
- Planning System Hardware and Capacity for Trusted Extensions
- Planning Your Trusted Network
- Planning for Zones in Trusted Extensions
- Planning for Multilevel Access
- Planning for the LDAP Naming Service in Trusted Extensions
- Planning for Auditing in Trusted Extensions
- Planning User Security in Trusted Extensions
- Devising a Configuration Strategy for Trusted Extensions
- Collecting Information Before Enabling??Trusted Extensions
- Backing Up the System Before Enabling??Trusted Extensions
- Results of Enabling Trusted Extensions From an Administrator's Perspective
- Planning for Security in Trusted Extensions
- Chapter??2 Configuration Roadmap for Trusted Extensions
- Chapter??3 Adding Solaris Trusted Extensions Software to the Solaris OS (Tasks)
- Chapter??4 Configuring Trusted Extensions (Tasks)
- Setting Up the Global Zone in Trusted Extensions
- Creating Labeled Zones
- Adding Network Interfaces and Routing to Labeled Zones
- Creating Roles and Users in Trusted Extensions
- Creating Home Directories in Trusted Extensions
- Adding Users and Hosts to an Existing Trusted Network
- Troubleshooting Your Trusted Extensions Configuration
- Additional Trusted Extensions Configuration Tasks
- Chapter??5 Configuring LDAP for Trusted Extensions (Tasks)
- Configuring an LDAP Server on a Trusted Extensions Host (Task Map)
- Configuring an LDAP Proxy Server on a Trusted Extensions Host (Task Map)
- Configuring the Sun Java System Directory Server on a Trusted Extensions System
- Creating a Trusted Extensions Proxy for an Existing Sun Java System Directory Server
- Configuring the Solaris Management Console for LDAP (Task Map)
- Chapter??6 Configuring a Headless System
With Trusted Extensions (Tasks)
- Headless System Configuration in Trusted Extensions (Task
Map)
- Enable Remote Login by root User in Trusted Extensions
- Enable Remote Login by a Role in Trusted Extensions
- Enable Remote Login From an Unlabeled System
- Use a Remote Solaris Management Console to Administer in the Files Scope
- Enable the Remote Display of Administrative GUIs
- Use the rlogin or ssh Command to Log In and Administer a Headless System in Trusted Extensions
- Headless System Configuration in Trusted Extensions (Task
Map)
- Chapter??1 Security Planning for Trusted Extensions
- Part??II Administration of Trusted Extensions
- Chapter??7 Trusted Extensions Administration Concepts
- Chapter??8 Trusted Extensions Administration Tools
- Chapter??9 Getting Started as a Trusted Extensions Administrator (Tasks)
- Chapter??10 Security Requirements on a Trusted Extensions System (Overview)
- Chapter??11 Administering Security
Requirements in Trusted Extensions (Tasks)
- Common Tasks in Trusted Extensions (Task Map)
- How to Assign the Editor of Your Choice as the Trusted Editor
- How to Change the Password for root
- How to Regain Control of the Desktop's Current Focus
- How to Obtain the Hexadecimal Equivalent for a Label
- How to Obtain a Readable Label From Its Hexadecimal Form
- How to Change Security Defaults in System Files
- Common Tasks in Trusted Extensions (Task Map)
- Chapter??12 Users, Rights, and Roles in Trusted Extensions (Overview)
- Chapter??13 Managing Users, Rights,
and Roles in Trusted Extensions (Tasks)
- Customizing the User Environment for Security (Task Map)
- Managing Users and Rights With the Solaris Management Console (Task
Map)
- How to Modify a User's Label Range in the Solaris Management Console
- How to Create a Rights Profile for Convenient Authorizations
- How to Restrict a User's Set of Privileges
- How to Prevent Account Locking for Users
- How to Hide Labels From a User
- How to Enable a User to Change the Security Level of Data
- How to Delete a User Account From a Trusted Extensions System
- Handling Other Tasks in the Solaris Management Console (Task Map)
- Chapter??14 Remote Administration in Trusted Extensions (Tasks)
- Secure Remote Administration in Trusted Extensions
- Methods for Administering Remote Systems in Trusted Extensions
- Remote Login by a Role in Trusted Extensions
- Administering Trusted Extensions Remotely (Task
Map)
- How to Log In Remotely From the Command Line in Trusted Extensions
- How to Remotely Administer Systems by Using the Solaris Management Console From a Trusted Extensions System
- How to Remotely Administer Systems by Using the Solaris Management Console From an Unlabeled System
- How to Enable Specific Users to Log In Remotely to the Global Zone in Trusted Extensions
- How to Use Xvnc to Remotely Access a Trusted Extensions System
- Chapter??15 Trusted Extensions and LDAP (Overview)
- Chapter??16 Managing Zones in Trusted Extensions (Tasks)
- Zones in Trusted Extensions
- Global Zone Processes and Labeled Zones
- Zone Administration Utilities in Trusted Extensions
- Managing Zones (Task Map)
- How to Display Ready or Running Zones
- How to Display the Labels of Mounted Files
- How to Loopback Mount a File That Is Usually Not Visible in a Labeled Zone
- How to Disable the Mounting of Lower-Level Files
- How to Share a ZFS Dataset From a Labeled Zone
- How to Enable Files to be Relabeled From a Labeled Zone
- How to Configure a Multilevel Port for NFSv3 Over udp
- How to Create a Multilevel Port for a Zone
- Chapter??17 Managing and Mounting
Files in Trusted Extensions (Tasks)
- Sharing and Mounting Files in Trusted Extensions
- NFS Mounts in Trusted Extensions
- Sharing Files From a Labeled Zone
- Access to NFS Mounted Directories in Trusted Extensions
- Trusted Extensions Software and NFS Protocol Versions
- Mounting Labeled ZFS Datasets
- Backing Up, Sharing, and Mounting Labeled Files (Task Map)
- Chapter??18 Trusted Networking (Overview)
- Chapter??19 Managing Networks
in Trusted Extensions (Tasks)
- Managing the Trusted Network (Task Map)
- Configuring Trusted Network Databases
(Task Map)
- How to Determine If You Need Site-Specific Security Templates
- How to Open the Trusted Networking Tools
- How to Construct a Remote Host Template
- How to Add Hosts to the System's Known Network
- How to Assign a Security Template to a Host or a Group of Hosts
- How to Limit the Hosts That Can Be Contacted on the Trusted Network
- Configuring Routes and Checking Network Information in Trusted Extensions (Task Map)
- Configuring Labeled IPsec (Task Map)
- Troubleshooting the Trusted Network (Task Map)
- Chapter??20 Multilevel Mail in Trusted Extensions (Overview)
- Chapter??21 Managing Labeled
Printing (Tasks)
- Labels, Printers, and Printing
- Managing Printing in Trusted Extensions (Task Map)
- Configuring Labeled Printing (Task Map)
- Reducing Printing Restrictions in Trusted Extensions (Task
Map)
- How to Remove Labels From Printed Output
- How to Assign a Label to an Unlabeled Print Server
- How to Remove Page Labels From All Print Jobs
- How to Enable Specific Users to Suppress Page Labels
- How to Suppress Banner and Trailer Pages for Specific Users
- How to Enable Users to Print PostScript Files in Trusted Extensions
- Chapter??22 Devices in Trusted Extensions (Overview)
- Chapter??23 Managing Devices for Trusted Extensions (Tasks)
- Chapter??24 Trusted Extensions Auditing (Overview)
- Chapter??25 Software Management in Trusted Extensions (Tasks)
- Appendix??A Site Security Policy
- Appendix??B Configuration Checklist for Trusted Extensions
- Appendix??C Quick Reference to Trusted Extensions Administration
- Appendix??D List of Trusted Extensions Man Pages
- Glossary