test

Oracle Solaris Trusted Extensions User's Guide

ProcedureHow to Move Files Between Labels in Trusted CDE

As on a standard Solaris system, you can move files in Trusted Extensions. When you move a file to a different label, you are upgrading or downgrading the sensitivity of the information that is in the file.

Before You Begin

Your site's security policy must permit this type of transfer, the containing zone must permit relabeling, and you must be authorized to move files between labels.

Therefore, your administrator must have completed the following tasks:

You must be logged in to a multilevel session in Trusted CDE. The file that you want to move must be closed. Verify that no one else is using this file.

  1. Create workspaces at both labels.

    For details, see How to Add a Workspace at a Particular Label.

  2. Open File Managers at both labels.

    For details, see How to View Your Files in a Labeled Workspace.

  3. In the source File Manager, navigate to the file whose label is to change.

  4. In the target File Manager, navigate to the file's new directory.

  5. Move the File Managers into one workspace.

    For details, see How to Move a Window to a Different Workspace.

    Figure 3–16 Differently Labeled File Managers in One Workspace

    Illustration shows file managers at 2 different labels in the same workspace.

  6. Drag and drop the file to the target directory.

    Figure 3–17 Dragging a File Between File Managers at Different Labels

    Illustration shows file managers at 2 different labels, and a file being dragged from one manager to the other.

    The File Manager Confirmation dialog box is displayed, as shown in Figure 3–18.

    This dialog box is similar to the Selection Manager Confirmation dialog box, but does not include a timer. This dialog box:

    • Describes why confirmation of the transaction is needed.

    • Identifies the label and the owner of the source file.

    • Identifies the label and the owner of the destination file.

    • Identifies the type of data that was selected for transfer, the type of the target file, and the size of the data in bytes.

    Figure 3–18 File Manager Confirmation Dialog Box

    Window titled FileManager Drag And Drop Confirmer, label Trusted Path, shows the source, destination, and transfer information for a dragged file.

  7. Confirm that you want the label of the file to change.

    • Click Cancel to stop the transaction.

    • Click Apply to move the file to the new label.

Example 3–5 Linking a File to a Different Label

The linking of a file to another label is useful when you want to view a file with a lower label at a higher label. The file is writable only at the lower label.

To link a file, the user presses Shift-Control while dragging the file icon from the source File Manager to the target File Manager. Then, the user confirms the link, or cancels the operation.

Troubleshooting

If your system is not configured to permit the upgrading or downgrading of labels, a dialog box that states that the transfer is not authorized is displayed. Check with your administrator.