Trusted Networking
The trusted networking databases are now administered through the Solaris Management Console. The tnidb database is administered using the Interface Manager program. The tnrhtp database and tnrhdb databases are administered using the Security Families program. The tnrhdb is extended to handle IPv6 address formats and variable-length netmasks.
The Trusted Solaris 8 environment does not interoperate with hosts or networks that run Trusted Solaris 1.2 software (except as unlabeled). The msix template for Trusted Solaris 1.2 hosts in the tnrhtp database has been removed.
The following fields have been removed from the tnrhtp templates. For interoperability, these are ignored if present: def_uid, def_gid, def_audit_auid, def_audit_asid, def_audit_mask, and def_audit_termid.
The functions t6last_attr(3NSL) and t6peek_attr(3NSL) no longer return defaults for identity-based attributes.
The /etc/security/tsol/boot directory has been removed. To ensure that a Trusted Solaris machine can contact the necessary servers while booting, the security administrator should ensure that each necessary server (name service master, audit server, and so on) is covered by an entry in the machine's local tnrhdb file.
The /etc/security/tsol/tnrhtp file installed from the Trusted Solaris 8 Installation CD has templates that match the labels in the /etc/security/tsol/label_encodings file installed from the Trusted Solaris 8 Installation CD. The following table shows the correspondences between earlier versions of tnrhtp and the version shipped with the Trusted Solaris 8 release.
Table 1–10 Template Equivalents Between Trusted Solaris 8 and Earlier Releases|
Template Names from Earlier Release |
Trusted Solaris 8 Replacement Names |
|---|---|
|
unlab |
admin_low |
|
unclassified |
|
|
confidential |
|
|
secret |
|
|
top_secret |
|
|
tsol |
tsol |
|
tsol_1 |
tsol_ripso |
|
tsol_2 |
tsol_cipso |
|
ripso |
ripso_top_secret |
|
cipso |
cipso |
|
tsix |
tsix |
The cipso_doi keyword has been changed to the more general doi (Domain of Interpretation) in the tnrhtp database, because now it is used in the Trusted Solaris protocol and is not limited to the CIPSO IP options. Matching of the DOI value is enforced for incoming packets. For interoperability with the previous Trusted Solaris releases, the default DOI in the Trusted Solaris 8 release is 0 instead of empty (it is 1 for CIPSO host types), and the keyword cipso_doi is interpreted as the more general domain of interpretation.
Packets from unlabeled hosts outside a Trusted Solaris domain can be labeled for trusted routing through the secure domain to another host outside the domain using IP options. Incoming packets are labeled according to their originating host's entry in the tnrhdb, and routed through the Trusted Solaris domain according to their sensitivity level (carried in the IP option) and the trusted routing information. The label is then stripped at the exit. Note that trusted routing requires an IPv4 network; IPv6 does not support trusted routing.
The cache files /var/tsol/tn*_c are no longer used. The tnd handles caching and provides tnrhdb entries to the kernel on demand.
The software supplies defaults for network interfaces. Therefore, an interface needs to be listed explicitly in the tnidb database only when its desired security attributes differ from the defaults:
min_sl ADMIN_LOW max_sl ADMIN_HIGH def_label [ADMIN_LOW] def_cl ADMIN_HIGH forced_privs none
- © 2010, Oracle Corporation and/or its affiliates