Solaris Trusted Extensions Developer's Guide

Default Network Policy

For network operations that send or receive data, the default policy is that the local process and the remote peer must have the same label. This policy applies to all zones, including the global zone, whose network label is ADMIN_LOW. However, the default network policy is more flexible than the policy for mounting file systems. Trusted Extensions provides administrative interfaces and programmatic interfaces for overriding the default network policy. For example, a system administrator can create a multilevel port (MLP) in the global zone or in a labeled zone to enable listening at different labels.
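The following is an added example, not code from this guide: a small C model of the policy above that contrasts a single-level endpoint, where labels must be equal, with an MLP. The label struct, the sample labels, the endpoint type, and the assumption that an MLP accepts any peer label inside an administrator-set range are constructs of this model, not Trusted Extensions APIs.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified label (assumption): classification level plus compartment bits.
 * Real Trusted Extensions labels are opaque m_label_t values. */
typedef struct { int level; uint32_t comps; } label_t;

/* Constructed sample labels; ADMIN_LOW is the bottom of the ordering. */
static const label_t ADMIN_LOW     = { 0, 0x0 };
static const label_t PUBLIC        = { 1, 0x0 };
static const label_t CONF_NTK      = { 2, 0x1 };
static const label_t CONF_INTERNAL = { 2, 0x2 };

/* Hypothetical endpoint: the local process label and, for an MLP, the
 * label range the administrator opened on the port. */
typedef struct { label_t proc; bool is_mlp; label_t low, high; } endpoint_t;

static bool label_equal(label_t a, label_t b) {
    return a.level == b.level && a.comps == b.comps;
}

/* a dominates b: level at least as high, and a holds every compartment of b. */
static bool label_dominates(label_t a, label_t b) {
    return a.level >= b.level && (a.comps & b.comps) == b.comps;
}

endpoint_t single_level(label_t proc) {
    return (endpoint_t){ proc, false, proc, proc };
}

endpoint_t multilevel(label_t proc, label_t low, label_t high) {
    return (endpoint_t){ proc, true, low, high };
}

/* Default policy: labels must be equal. MLP (modelled): peer within range. */
bool may_communicate(endpoint_t local, label_t peer) {
    if (!local.is_mlp)
        return label_equal(local.proc, peer);
    return label_dominates(peer, local.low) && label_dominates(local.high, peer);
}

int main(void) {
    endpoint_t global = single_level(ADMIN_LOW);
    endpoint_t mlp = multilevel(ADMIN_LOW, PUBLIC, CONF_NTK);
    printf("global, peer PUBLIC: %d\n", may_communicate(global, PUBLIC));
    printf("mlp, peer PUBLIC: %d\n", may_communicate(mlp, PUBLIC));
    printf("mlp, peer CONF_INTERNAL: %d\n", may_communicate(mlp, CONF_INTERNAL));
    return 0;
}
```

The last case is rejected because CONF_INTERNAL and CONF_NTK carry disjoint compartments, so neither label dominates the other even though their classification levels match.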