Trusted Extensions software adds labels to a system that is running the Oracle Solaris OS. Labels implement mandatory access control (MAC). MAC, along with discretionary access control (DAC), protects system subjects (processes) and objects (data). Trusted Extensions software provides interfaces to handle label configuration, label assignment, and label policy.
Trusted Extensions software uses rights profiles, roles, auditing, privileges, and other security features of Oracle Solaris. You can use Secure Shell, BART, the Cryptographic Framework, IPsec, and IP Filter with Trusted Extensions. All features of the ZFS file system are available in Trusted Extensions, including snapshots, encryption, and storage.
Trusted Extensions software extends the Oracle Solaris OS. The following list provides an overview. See also Quick Reference to Trusted Extensions Administration.
Trusted Extensions enforces mandatory access control (MAC) with labels. MAC protection is in addition to UNIX file permissions, or discretionary access control (DAC). Labels are directly assigned to users, zones, and network endpoints. Labels are implicitly assigned to processes, files, and other system objects.
MAC cannot be overridden by regular users. Trusted Extensions requires regular users to operate in labeled zones. By default, no users or processes in labeled zones can override MAC.
As in the Oracle Solaris OS, the ability to override security policy can be assigned to specific processes or users when MAC can be overridden. For example, users can be authorized to change the label of a file. Such an action upgrades or downgrades the sensitivity of the information in that file.
Trusted Extensions adds to existing configuration files and commands. For example, Trusted Extensions adds audit events, privileges, and rights profiles.
Some features that are optional on an Oracle Solaris system are required on a Trusted Extensions system. For example, zones and roles are required on a system that is configured with Trusted Extensions.
Some features that are optional on an Oracle Solaris system are enabled on a Trusted Extensions system. For example, many sites that configure Trusted Extensions require separation of duty when creating users and assigning security attributes.
Trusted Extensions can change the default behavior of Oracle Solaris. For example, on a system that is configured with Trusted Extensions, network communication is labeled and all zones including non-global zones are labeled.
Trusted Extensions can narrow the options that are available in Oracle Solaris. For example, in Trusted Extensions, all zones are labeled zones. Unlike in Oracle Solaris, labeled zones must use the same pool of user IDs and group IDs. Additionally, in Trusted Extensions, labeled zones can share one IP address.
Trusted Extensions provides additional command line interfaces (CLIs). For example, Trusted Extensions provides the updatehome CLI to place startup files in users' home directories at every label.
To administer zones, the txzonemgr command is available in addition to the zonecfg command.
Trusted Extensions limits what users can see. For example, labeled objects outside of a user's label range are not visible to the user.