Preface

The Trusted Solaris Developer's Guide describes how to use the programming interfaces to write new trusted applications for the Trusted Solaris^TM operating environment. Readers should know UNIX® programming and understand security policy concepts.

Related Books

The Trusted Solaris documentation set is supplemental to the Solaris^TM 8 4/01 documentation set. You should obtain a copy of both sets for a complete understanding of the Trusted Solaris environment.

In this book, system administration duties are referenced to give context for how to set up aspects of the environment in which third-party applications operate. The Trusted Solaris environment contains various administrative roles, and these references to system administrator duties are general and do not refer to a specific administrative role.

The Trusted Solaris Administrator's document set describes how system administration duties are divided among different roles. See the Trusted Solaris Roadmap for a description of the books in the documentation set.

How This Book is Organized

The first two chapters present an overview of the Trusted Solaris programming interfaces, how security policy is enforced, how to retrieve security attribute information for file systems and processes, and how to use the Trusted Solaris security mechanisms. An overview of security policy and interprocess communications is presented in Chapter 10, Interprocess Communications.

Chapter 1, Introduction to the API and Security Policy presents an overview of the Trusted Solaris application programming interfaces and how security policy is enforced in the system.

Chapter 2, Getting Started contains short example programs showing how to retrieve security attribute information for file system and process objects, and how to use the security mechanisms provided in the Trusted Solaris environment.

Chapter 3, Privileges describes the data types and programming interfaces for managing file and process privileges. This chapter also describes how privileges are used in programs, presents guidelines for using privileges, and has a section of code examples.

Chapter 4, Labels describes the data types and programming interfaces for managing labels on process, file system, and device objects. This chapter also describes how a process acquires a CMW label, when label operations require privilege, and presents guidelines for handling labels.

Chapter 5, Label Code Examples presents example code showing how to use the programming interfaces.

Chapter 6, Process Clearance describes the data types and programming interfaces for managing the process clearance. This chapter also describes how a process acquires a clearance, which privileges bypass the restrictions placed on a process by the process clearance, and has a section of code examples.

Chapter 7, Multilevel Directories describes the data types and programming interfaces for getting information on multilevel and single-level directories. There chapter has a section of code examples.

Chapter 8, Application Auditing describes the data types and programming interfaces for generating audit records from a third-party application. There chapter also describes privilege and has a section of code examples.

Chapter 9, Accessing User and Rights Profile Data describes the data types and programming interfaces for reading the security information in the user databases. This chapter has a section of code examples.

Chapter 10, Interprocess Communications presents an overview of how security policy is applied to process-to-process communications within the same workstation and across the network.

Chapter 11, System V Interprocess Communication describes the data types and programming interfaces for managing labels on System V IPC^TM objects. This chapter has a section of code examples.

Chapter 12, Trusted Security Information Exchange Library describes the data types and programming interfaces for handling security attribute information on messages transmitted across the network. This chapter has a section of code examples.

Chapter 13, Remote Procedure Calls describes data types and programming interfaces for remote procedure calls (RPC). This chapter has a section of code examples.

Chapter 14, Trusted X Window System describes the data types and programming interfaces that allow administrative applications to access and modify security-related X Window System information. This chapter has a section of code examples.

Chapter 15, Label Builder describes the data types and programming interfaces for creating a graphical user interface for building labels and clearances. This chapter has a section of code examples.

Appendix A, Programmer's Reference provides information on accessing man pages, shared libraries, header files, abbreviations used in data type and interface names, and preparing an application for release.

Appendix B, Trusted Solaris Interfaces Reference provides listings of the programming interfaces including parameter and return value declarations.

Ordering Sun Documents

Fatbrain.com, the Internet's most comprehensive professional bookstore, stocks select product documentation from Sun Microsystems, Inc.

For a list of documents and how to order them, visit the Sun Documentation Center on Fatbrain.com at http://www1.fatbrain.com/documentation/sun.

Accessing Sun Documentation Online

The docs.sun.com^SM Web site enables you to access Sun technical documentation online. You can browse the docs.sun.com archive or search for a specific book title or subject. The URL is http://docs.sun.com.

Typographic Changes and Symbols

The following table describes the type changes and symbols used in this book.

system% su - janez

Password::