Installing the Trusted Solaris Operating Environment

Installing and configuring the Trusted Solaris environment involves more than loading executable files, entering your site's data, and setting configuration variables. It requires considerable background for making decisions related to your site's security policies. Trusted Solaris software provides a unique environment based on the following concepts:

• Superuser has been eliminated. No one can log in as or su to root.

• Users are limited to those applications necessary for performing their jobs.

• Capabilities formerly assigned to superuser are available to separate, discrete "roles" to be assigned to a limited number of users.

• In addition to UNIX® permissions, access to data is controlled by special security tags called labels which are assigned to users and objects (such as data files and directories).

• The ability to override security policy can be assigned to specific users and applications.

To familiarize yourself with the Trusted Solaris environment, you should at a minimum read the Trusted Solaris User's Guide and the Trusted Solaris Administration Overview. You should also be familiar with the rest of the documentation set, which is described in "Trusted Solaris 8 4/01 Documentation Set". It is highly recommended that you attend a "Trusted Solaris for System Administrators" course, available from Sun Educational Services at http://suned.sun.com/catalog/index.html. Ask your Sun account representative to help you schedule it.

Before installing, you should read Trusted Solaris Installation and Configuration thoroughly so that you can devise an installation strategy. Other useful information for the installation process is contained in the Solaris 8 4/01 Installation Collection. The manual, Solaris 8 4/01 Sun Hardware Platform Guide, contains important information in the following chapters:

• "Supported Sun Hardware"

• "Updating the Flash PROM on the Ultra 1, Ultra 2, Ultra 450, and Sun Enterprise 450 Systems"

  Ultra^TM 1, 2, 450, and Sun Enterprise^TM 450, 3x00, 4x00, 5x00, and 6x00 systems need a Flash PROM upgrade to enable 64-bit operations.

Although there are many similarities between installing the Trusted Solaris 8 4/01 and Solaris 8 4/01 operating environments there are major differences as well, such as:

• You cannot upgrade from a Solaris to a Trusted Solaris environment. You can upgrade from a Trusted Solaris 8 version of the Trusted Solaris environment.

• The disk space requirements differ between the two products.

• Solaris^TM Web Start installation is not supported.

The additional procedures required for a trusted system are provided in Trusted Solaris Installation and Configuration with pointers to other relevant documentation.