JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Trusted Extensions Developer's Guide     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information

Preface

1.  Trusted Extensions APIs and Security Policy

2.  Labels and Clearances

3.  Label Code Examples

4.  Interprocess Communications

5.  Trusted X Window System

6.  Label Builder GUI

7.  Trusted Web Guard Prototype

Administrative Web Guard Prototype

Modifying the label_encodings File

Configuring Trusted Networking

Configuring the Apache Web Servers

Running the Trusted Web Guard Demonstration

Accessing Lower-Level Untrusted Servers

8.  Experimental Java Bindings for the Solaris Trusted Extensions Label APIs

A.  Programmer's Reference

B.  Trusted Extensions API Reference

Index

Chapter 7

Trusted Web Guard Prototype

This chapter describes the configuration of a safe web browsing prototype called Web Guard. Web Guard is configured to isolate a web server and its web content to prevent attacks from the Internet.

The Web Guard prototype described in this chapter is not a complete solution. Rather, the prototype is intended to demonstrate how multilevel ports can be used to proxy URL requests across label boundaries. A more complete solution would include authentication, data filtering, auditing, and so on.

The primary implementation of the prototype is administrative. The prototype uses multilevel ports, trusted networking, and Apache web server configuration to set up Web Guard. In addition to the administrative example, you can use some programmatic methods to set up the safe web browsing prototype.

This chapter covers the following topics: