JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris Trusted Extensions Configuration and Administration     Oracle Solaris 11 Express 11/10
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

Part I Initial Configuration of Trusted Extensions

1.  Security Planning for Trusted Extensions

2.  Configuration Roadmap for Trusted Extensions

3.  Adding Trusted Extensions Software to the Oracle Solaris OS (Tasks)

4.  Configuring Trusted Extensions (Tasks)

5.  Configuring LDAP for Trusted Extensions (Tasks)

6.  Configuring a Headless System With Trusted Extensions (Tasks)

Part II Administration of Trusted Extensions

7.  Trusted Extensions Administration Concepts

8.  Trusted Extensions Administration Tools

9.  Getting Started as a Trusted Extensions Administrator (Tasks)

10.  Security Requirements on a Trusted Extensions System (Overview)

11.  Administering Security Requirements in Trusted Extensions (Tasks)

12.  Users, Rights, and Roles in Trusted Extensions (Overview)

13.  Managing Users, Rights, and Roles in Trusted Extensions (Tasks)

14.  Remote Administration in Trusted Extensions (Tasks)

15.  Trusted Extensions and LDAP (Overview)

16.  Managing Zones in Trusted Extensions (Tasks)

17.  Managing and Mounting Files in Trusted Extensions (Tasks)

18.  Trusted Networking (Overview)

19.  Managing Networks in Trusted Extensions (Tasks)

20.  Multilevel Mail in Trusted Extensions (Overview)

21.  Managing Labeled Printing (Tasks)

22.  Devices in Trusted Extensions (Overview)

23.  Managing Devices for Trusted Extensions (Tasks)

24.  Trusted Extensions Auditing (Overview)

25.  Software Management in Trusted Extensions (Reference)

A.  Site Security Policy

Creating and Managing a Security Policy

Site Security Policy and Trusted Extensions

Computer Security Recommendations

Physical Security Recommendations

Personnel Security Recommendations

Common Security Violations

Additional Security References

B.  Configuration Checklist for Trusted Extensions

Checklist for Configuring Trusted Extensions

C.  Quick Reference to Trusted Extensions Administration

Administrative Interfaces in Trusted Extensions

Oracle Solaris Interfaces Extended by Trusted Extensions

Tighter Security Defaults in Trusted Extensions

Limited Options in Trusted Extensions

D.  List of Trusted Extensions Man Pages

Trusted Extensions Man Pages in Alphabetical Order

Oracle Solaris Man Pages That Are Modified by Trusted Extensions

Glossary

Index

A

B

C

D

E

F

G

H

I

K

L

M

N

O

P

R

S

T

U

V

W

X

Z

Index

A

access, See computer access
access policy
devices, Device Access Policies
Discretionary Access Control (DAC)
Trusted Extensions Software and the Oracle Solaris OS
Differences Between Trusted Extensions and the Oracle Solaris OS
Mandatory Access Control (MAC), Differences Between Trusted Extensions and the Oracle Solaris OS
accessing
administrative tools, Getting Started as a Trusted Extensions Administrator (Task Map)
audit records by label, Audit Tasks of the System Administrator
devices, Device Protection With Trusted Extensions Software
global zone, How to Enter the Global Zone in Trusted Extensions
home directories, Zones in Trusted Extensions
printers, Labels, Printers, and Printing
remote multilevel desktop, How to Use Xvnc to Remotely Access a Trusted Extensions System
ZFS dataset mounted in lower-level zone from higher-level zone, How to Share a ZFS Dataset From a Labeled Zone
accessing the X server, Labeled Zone Is Unable to Access the X Server
account locking, preventing, How to Prevent Account Locking for Users
accounts
See roles
See also users
creating, Creating Roles and Users in Trusted Extensions
planning, Planning User Security in Trusted Extensions
accreditation checks, Trusted Extensions Accreditation Checks
accreditation ranges, label_encodings file, Label Encodings File
add_allocatable command, Command Line Tools in Trusted Extensions
adding
default routes for labeled zones, Add a Network Interface That Does Not Use the Global Zone to Route an Existing Labeled Zone
local role with roleadd, Create the Security Administrator Role in Trusted Extensions
local user with useradd, Create Users Who Can Assume Roles in Trusted Extensions
network databases to LDAP server, Populate the Sun Java System Directory Server
nscd daemon to every labeled zone, Configure a Name Service Cache in Each Labeled Zone
roles, Creating Roles and Users in Trusted Extensions
shared network interfaces, Configure the Network Interfaces in Trusted Extensions
Trusted Extensions software, Add Trusted Extensions Packages to an Oracle Solaris System
Trusted Extensions to an Oracle Solaris system, Enable Trusted Extensions
users who can assume roles, Create Users Who Can Assume Roles in Trusted Extensions
zone-specific network interface, Add a Network Interface to Route an Existing Labeled Zone
zone-specific nscd daemon, Configure a Name Service Cache in Each Labeled Zone
Additional Trusted Extensions Configuration Tasks, Additional Trusted Extensions Configuration Tasks
ADMIN_HIGH label, Dominance Relationships Between Labels
ADMIN_LOW label
lowest label, Dominance Relationships Between Labels
protecting administrative files, Password Protection
administering
account locking, How to Prevent Account Locking for Users
assigning device authorizations, How to Assign Device Authorizations
auditing in Trusted Extensions, Audit Management by Role in Trusted Extensions
changing label of information, How to Enable a User to Change the Security Level of Data
convenient authorizations for users, How to Create a Rights Profile for Convenient Authorizations
device allocation, How to Assign Device Authorizations
device authorizations, How to Create New Device Authorizations
devices
Managing Devices for Trusted Extensions (Tasks)
Managing Devices in Trusted Extensions (Task Map)
file systems
mounting, How to NFS Mount Files in a Labeled Zone
overview, Sharing and Mounting Files in Trusted Extensions
troubleshooting, How to Troubleshoot Mount Failures in Trusted Extensions
files
backing up, How to Back Up Files in Trusted Extensions
restoring, How to Restore Files in Trusted Extensions
from the global zone, How to Enter the Global Zone in Trusted Extensions
labeled printing, Managing Labeled Printing (Tasks)
LDAP, Trusted Extensions and LDAP (Overview)
mail, Multilevel Mail in Trusted Extensions (Overview)
multilevel ports, How to Compare Trusted Network Database Information With the Kernel Cache
network in Trusted Extensions, Managing Networks in Trusted Extensions (Tasks)
PostScript printing, How to Enable Users to Print PostScript Files in Trusted Extensions
printing in Trusted Extensions, Managing Printing in Trusted Extensions (Task Map)
printing interoperability with Trusted Solaris 8, Interoperability of Trusted Extensions With Trusted Solaris 8 Printing
quick reference for administrators, Quick Reference to Trusted Extensions Administration
remote host database, How to Assign a Security Template to a Host or a Group of Hosts
remote host templates, How to Construct a Remote Host Template
remotely, Remote Administration in Trusted Extensions (Tasks)
remotely by a role, Enable Remote Login by a Role in Trusted Extensions
remotely from command line, How to Log In Remotely From the Command Line in Trusted Extensions
routes with security attributes, How to Configure Routes With Security Attributes
sharing file systems, How to Share Directories From a Labeled Zone
startup files for users, How to Configure Startup Files for Users in Trusted Extensions
system files, How to Change Security Defaults in System Files
third-party software, Software Management in Trusted Extensions (Reference)
timeout when relabeling information, How to Lengthen the Timeout When Relabeling Information
trusted network databases, Configuring Trusted Network Databases (Task Map)
trusted networking, Managing Networks in Trusted Extensions (Tasks)
unlabeled printing, Reducing Printing Restrictions in Trusted Extensions (Task Map)
user privileges, How to Restrict a User's Set of Privileges
users
Decisions to Make Before Creating Users in Trusted Extensions
Managing Users, Rights, and Roles in Trusted Extensions (Tasks)
Managing Users and Rights (Task Map)
zones, Managing Zones (Task Map)
zones from Trusted GNOME, Zone Administration Utilities in Trusted Extensions
Administering Trusted Extensions Remotely (Task Map), Administering Trusted Extensions Remotely (Task Map)
administrative labels, Dominance Relationships Between Labels
administrative roles, See roles
administrative tools
accessing, Getting Started as a Trusted Extensions Administrator (Task Map)
commands, Command Line Tools in Trusted Extensions
configuration files, Configuration Files in Trusted Extensions
description, Trusted Extensions Administration Tools
Device Manager, Device Manager
label builder, Label Builder in Trusted Extensions
Labeled Zone Manager, txzonemgr Script
txzonemgr script, txzonemgr Script
allocate command, Command Line Tools in Trusted Extensions
Allocate Device authorization
How to Create a Rights Profile for Convenient Authorizations
Device Protection With Trusted Extensions Software
How to Assign Device Authorizations
How to Assign Device Authorizations
allocate error state, correcting, How to Revoke or Reclaim a Device in Trusted Extensions
allocating, using Device Manager, Device Manager GUI
allocating devices, for copying data, How to Copy Files to Portable Media in Trusted Extensions
applications
evaluating for security, Security Administrator Responsibilities for Trusted Programs
trusted and trustworthy, Evaluating Software for Security
assigning
privileges to users, Security Attribute Assignment to Users in Trusted Extensions
rights profiles, Security Attribute Assignment to Users in Trusted Extensions
Assume Role menu item, How to Enter the Global Zone in Trusted Extensions
assuming, roles, How to Enter the Global Zone in Trusted Extensions
atohexlabel command
Command Line Tools in Trusted Extensions
How to Obtain the Hexadecimal Equivalent for a Label
audio devices, preventing remote allocation, How to Protect Nonallocatable Devices in Trusted Extensions
audit classes for Trusted Extensions, list of new X audit classes, Trusted Extensions Audit Classes
audit events for Trusted Extensions, list of, Trusted Extensions Audit Events
audit policy in Trusted Extensions, Trusted Extensions Audit Policy Options
audit records in Trusted Extensions, policy, Trusted Extensions Audit Policy Options
Audit Review profile, reviewing audit records, Audit Tasks of the System Administrator
Audit Tasks of the System Administrator, Audit Tasks of the System Administrator
audit tokens for Trusted Extensions
label token, label Token
list of, Trusted Extensions Audit Tokens
xatom token, xatom Token
xclient token, xclient Token
xcolormap token, xcolormap Token
xcursor token, xcursor Token
xfont token, xfont Token
xgc token, xgc Token
xpixmap token, xpixmap Token
xproperty token, xproperty Token
xselect token, xselect Token
xwindow token, xwindow Token
auditconfig command, Command Line Tools in Trusted Extensions
auditing, planning, Planning for Auditing in Trusted Extensions
auditing in Trusted Extensions
additional audit events, Trusted Extensions Audit Events
additional audit policies, Trusted Extensions Audit Policy Options
additional audit tokens, Trusted Extensions Audit Tokens
additions to existing auditing commands, Extensions to Auditing Commands in Trusted Extensions
differences from Oracle Solaris auditing, Trusted Extensions and Auditing
reference, Trusted Extensions Auditing (Overview)
roles for administering, Audit Management by Role in Trusted Extensions
security administrator tasks, Audit Tasks of the Security Administrator
system administrator tasks, Audit Tasks of the System Administrator
tasks, Audit Tasks in Trusted Extensions
X audit classes, Trusted Extensions Audit Classes
auditreduce command, Command Line Tools in Trusted Extensions
authorizations
adding new device authorizations, How to Create New Device Authorizations
Allocate Device
Device Protection With Trusted Extensions Software
How to Assign Device Authorizations
How to Assign Device Authorizations
assigning, Security Attribute Assignment to Users in Trusted Extensions
assigning device authorizations, How to Assign Device Authorizations
authorizing a user or role to change label, How to Enable a User to Change the Security Level of Data
Configure Device Attributes, How to Assign Device Authorizations
convenient for users, How to Create a Rights Profile for Convenient Authorizations
creating customized device authorizations, How to Create New Device Authorizations
creating local and remote device authorizations, How to Create New Device Authorizations
customizing for devices, How to Add Site-Specific Authorizations to a Device in Trusted Extensions
granted, Trusted Extensions and Access Control
Print Postscript, PostScript Printing of Security Information
Print PostScript, How to Enable Users to Print PostScript Files in Trusted Extensions
profiles that include device allocation authorizations, How to Assign Device Authorizations
Revoke or Reclaim Device
How to Assign Device Authorizations
How to Assign Device Authorizations
solaris.print.nobanner, How to Suppress Banner and Trailer Pages for Specific Users
solaris.print.ps, How to Enable Users to Print PostScript Files in Trusted Extensions
authorizing
device allocation, How to Assign Device Authorizations
PostScript printing, Reducing Printing Restrictions in Trusted Extensions (Task Map)
unlabeled printing, Reducing Printing Restrictions in Trusted Extensions (Task Map)
automount command, Command Line Tools in Trusted Extensions
Copyright © 1992, 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next