Skip Navigation Links | |
Exit Print View | |
Oracle Solaris Trusted Extensions User Guide Oracle Solaris 11 Express 11/10 |
1. Introduction to Trusted Extensions Software
2. Logging In to Trusted Extensions (Tasks)
3. Working in Trusted Extensions (Tasks)
Visible Desktop Security in Trusted Extensions
Trusted Extensions Logout Process
How to Lock and Unlock Your Screen
How to Log Out of Trusted Extensions
How to View Your Files in a Labeled Workspace
How to Access the Trusted Extensions Man Pages
How to Access Initialization Files at Every Label
How to Interactively Display a Window Label
How to Perform Some Common Desktop Tasks in Trusted Extensions
How to Change Your Password in Trusted Extensions
How to Log In at a Different Label
How to Allocate a Device in Trusted Extensions
How to Deallocate a Device in Trusted Extensions
How to Assume a Role in Trusted Extensions
How to Change the Label of a Workspace
How to Add a Workspace at Your Minimum Label
How to Switch to a Workspace at a Different Label
How to Move a Window to a Different Workspace
The following security-related tasks require the trusted path.
Caution - If the trusted symbol is missing when you are attempting a security-related action, contact your security administrator at once. The problem on your system could be serious. |
Unlike the Oracle Solaris OS, Trusted Extensions provides a GUI for changing your password. The GUI grabs the pointer until the password operation is completed. To stop a process that has grabbed the pointer, see Example 3-5.
For the Change password menu item, click Trusted Path in the trusted stripe.
Figure 3-3 Trusted Path Menu
This action confirms that you are the legitimate user for this user name. For security reasons, the password is not displayed as you type.
Caution - When you type your password, make sure that the cursor is over the Change Password dialog box and that the trusted symbol is displayed. If the cursor is not over the dialog box, you might inadvertently type your password into a different window where the password could be seen by another user. If the trusted symbol is not displayed, then someone might be attempting to steal your password. Contact your security administrator at once. |
Example 3-5 Testing If the Password Prompt Can Be Trusted
On an x86 system that has a Sun keyboard, the user has been prompted for a password. The mouse pointer has been grabbed and is positioned in the password dialog box. To check that the prompt is trusted, the user presses the Meta-Stop keys simultaneously. If the pointer remains in the dialog box, the user knows that the password prompt is trusted.
If the pointer does not remain in the dialog box, the user knows that the password prompt cannot be trusted. The user then must contact the administrator.
The label of the first workspace that appears in subsequent login sessions after the first login can be set to any label within your label range.
Users can configure the startup session characteristics for every label at which they log in.
You must be logged in to a multilevel session.
For details, see How to Add a Workspace at Your Minimum Label.
For details, see How to Perform Some Common Desktop Tasks in Trusted Extensions.
The Allocate Device menu item enables you to mount and allocate a device for your exclusive use. If you try to use a device without allocating it, you get the error message “Permission Denied”.
You must be authorized to allocate a device.
The devices that you are permitted to allocate at your current label appear under Available Devices:.
audion – Indicates a microphone and speaker
cdromn – Indicates a CD-ROM drive
floppyn – Indicates a diskette drive
mag_tapen – Indicates a tape drive (streaming)
rmdiskn – Indicates a removable disk, such as a JAZ or ZIP drive, or USB hot-pluggable media
Move the device from the Available Devices list to the Allocated Devices list.
This step starts the clean script. The clean script ensures that no data from other transactions remains on the media.
Note that the label of the current workspace is applied to the device. Any data transferred to or from the device's media must be dominated by this label.
The instructions ensure that the media has the correct label. For example, the following instructions appear for microphone use:
Then, the device is mounted. The device name now appears in the Allocated Devices list. This device is now allocated for your exclusive use.
If the device that you want to use does not appear in the list, check with your administrator. The device could be in an error state or in use by someone else. Or, you might not be authorized to use the device.
If you switch to a different role workspace or to a workspace at a different label, the allocated device cannot work at that label. To use the device at the new label, you need to deallocate the device at the initial label, and then allocate the device at the new label. When you move the Device Manager to a workspace at a different label, the Available and Allocated Devices lists change to reflect the correct context.
If a File Browser window does not appear, open the window manually, then navigate to the root directory, /. In this directory, navigate to the allocated device to view its contents.
The device is now available for use by another authorized user.
Unlike the Oracle Solaris OS, Trusted Extensions provides a GUI for assuming a role.
This action confirms that you can legitimately assume this role. For security reasons, the password is not displayed as you type.
Caution - When you type your password, make sure that the cursor is over the Change Password dialog box and that the trusted symbol is displayed. If the cursor is not over the dialog box, you might inadvertently type your password into a different window where the password could be seen by another user. If the trusted symbol is not displayed, then someone might be attempting to steal your password. Contact your security administrator at once. |
After the role password is accepted, the current workspace becomes the role workspace. You are in the global zone. You can perform the tasks that are permitted by the rights profiles in your role.
The ability to set workspace labels in Trusted Extensions provides a convenient means of working at different labels within the same multilevel session.
Use this procedure to work in the same workspace at a different label. To create a workspace at a different label, see How to Add a Workspace at Your Minimum Label.
You must be logged in to a multilevel session.
You can also click a workspace panel.
The following illustration shows the user clicking the Trusted Path button.
Figure 3-4 Label Builder
After clicking this button, the user can select from the user labels. The workspace label is changed to the new label. On a system where labels are color-coded, new windows are marked with the new color.
By default, users are prompted for a password when entering a workspace at a new label. The administrator can configure this setting. For the procedure, see How to Prevent Password Prompting at a Change in Workspace Label in Oracle Solaris Trusted Extensions Configuration and Administration.
The ability to set workspace labels in Trusted Extensions provides a convenient means of working at different labels within the same multilevel session. You can add a workspace at your minimum label.
To change the label of the current workspace, see How to Change the Label of a Workspace.
You must be logged in to a multilevel session.
The new workspaces are created at your minimum label. You can also use this dialog box to name the workspaces. The name appears in the tooltip.
When the mouse hovers over the workspace panel, the name appears in the tooltip.
For details, see How to Change the Label of a Workspace.
You must be logged in to a multilevel session.
By default, users are prompted for a password when entering a workspace at a new label. The administrator can configure this setting. For the procedure, see How to Prevent Password Prompting at a Change in Workspace Label in Oracle Solaris Trusted Extensions Configuration and Administration.
If you are logged in to a single-level session, you must log out to work at a different label. Then, log in at the desired label. If you are permitted, you can also log in to a multilevel session.
If you drag a window to a workspace at a different label, the window retains its original label. Any actions in that window is performed at the label of the window, not at the label of the containing workspace. Moving a window is useful when you want to compare information. You might also want to use applications at different labels without moving between workspaces.
The dragged window now appears in the second workspace.
Usually, the label of a file is obvious. However, if you are allowed to view files at a lower label than your current workspace, the label of a file might not be obvious. In particular, the label of a file can be different from the label of the File Browser.
As on an Oracle Solaris system, you can move data between windows in Trusted Extensions. However, the data must be at the same label. When you transfer information between windows with different labels, you are upgrading or downgrading the sensitivity of that information.
Your site's security policy must permit this type of transfer, the containing zone must permit relabeling, and you must be authorized to move data between labels.
Therefore, your administrator must have completed the following tasks:
You must be logged in to a multilevel session.
For details, see How to Add a Workspace at Your Minimum Label.
For details, see How to Determine the Label of a File.
For details, see How to Move a Window to a Different Workspace.
The Selection Manager Confirmation dialog box is displayed.
Figure 3-5 Selection Manager Confirmation Dialog Box
This dialog box:
Describes why confirmation of the transaction is needed.
Identifies the label and the owner of the source file.
Identifies the label and the owner of the destination file.
Identifies the type of data that was selected for transfer, the type of the target file, and the size of the data in bytes. By default, the selected data is visible in text format.
Indicates the time that remains for you to complete the transaction. The amount of time and the use of the timer depends on your site's configuration.