Go to main content
oracle home
Trusted Extensions User's Guide
Exit Print View
Search Term
Search Scope:
This Document
Entire Library
» ...
Documentation Home
»
Oracle Solaris 11.3 Information Library
»
Trusted Extensions User's Guide
»
Index A
Updated: October 2017
Trusted Extensions User's Guide
Document Information
Using This Documentation
Product Documentation Library
Feedback
Chapter 1 About Trusted Extensions
What Is Trusted Extensions?
Trusted Extensions Protects Against Intruders
Access to the Trusted Computing Base Is Limited
Mandatory Access Control Protects Information
Peripheral Devices Are Protected
Programs That Spoof Users Are Prevented
Trusted Extensions Provides Discretionary and Mandatory Access Control
Discretionary Access Control
Mandatory Access Control
Sensitivity Labels and Clearances
Containers and Labels
Labels and Transactions
User Responsibilities for Protecting Data
Trusted Extensions Separates Information by Label
Single-Level or Multilevel Sessions
Session Selection Example
Labeled Workspaces
Enforcing MAC for Email Transactions
Erasing Data on Objects Prior to Object Reuse
Trusted Extensions Enables Secure Administration
Accessing Applications in Trusted Extensions
Administration by Role in Trusted Extensions
Chapter 2 Logging In to Trusted Extensions
Desktop Login in Trusted Extensions
Trusted Extensions Login Process
Identification and Authentication During Login
Review Security Attributes During Login
Logging In to Trusted Extensions
Identify and Authenticate Yourself to the System
Check Messages and Select Session Type
Troubleshoot Login Problems
Logging In Remotely to Trusted Extensions
How to Log In to a Remote Trusted Extensions Desktop
Chapter 3 Working in Trusted Extensions
Visible Desktop Security in Trusted Extensions
Trusted Extensions Logout Process
Working on a Labeled System
How to Lock and Unlock Your Screen
How to Log Out of Trusted Extensions
How to Shut Down Your System
How to View Your Files in a Labeled Workspace
How to Access the Trusted Extensions Man Pages
How to Access Initialization Files at Every Label
How to Interactively Display a Window Label
How to Find the Mouse Pointer
How to Perform Some Common Desktop Tasks in Trusted Extensions
Performing Trusted Actions
How to Change Your Password in Trusted Extensions
How to Log In at a Different Label
How to Allocate a Device in Trusted Extensions
How to Deallocate a Device in Trusted Extensions
How to Assume a Role in Trusted Extensions
How to Change the Label of a Workspace
How to Add a Workspace at Your Minimum Label
How to Switch to a Workspace at a Different Label
How to Move a Window to a Different Workspace
How to Determine the Label of a File
How to Move Data Between Windows of Different Labels
How to Upgrade Data in a Multilevel Dataset
How to Downgrade Data in a Multilevel Dataset
Chapter 4 Elements of Trusted Extensions
Visible Features of Trusted Extensions
Labels on Trusted Extensions Desktops
Trusted Stripe
Trusted Symbol
Window Label Indicator
Device Security in Trusted Extensions
Files and Applications in Trusted Extensions
.copy_files File
.link_files File
Password Security in the Oracle Solaris OS
Workspace Security in Trusted Extensions
Glossary
Index
Index A
Index C
Index D
Index E
Index F
Index H
Index I
Index K
Index L
Index M
Index N
Index O
Index P
Index Q
Index R
Index S
Index T
Index U
Index V
Index W
Index Z
Language:
English
Index
A
access control
access control lists (ACLs)
Discretionary Access Control
discretionary access control (DAC)
Discretionary Access Control
mandatory access control (MAC)
Mandatory Access Control
permission bits
Discretionary Access Control
access control lists (ACLs)
Discretionary Access Control
accessing
for read only
Labels and Transactions
for reading and writing
Labels and Transactions
for writing
Labels and Transactions
initialization files at every label
How to Access Initialization Files at Every Label
lower-level home directories
Containers and Labels
man pages in Trusted Extensions
How to Access the Trusted Extensions Man Pages
remote multilevel desktop
Logging In Remotely to Trusted Extensions
adding
labeled workspace
How to Add a Workspace at Your Minimum Label
workspaces
How to Add a Workspace at Your Minimum Label
admin role
See
System Administrator role
Allocate Device menu item
How to Allocate a Device in Trusted Extensions
allocating a device
How to Allocate a Device in Trusted Extensions
troubleshooting
How to Allocate a Device in Trusted Extensions
Assume
rolename
role menu item
How to Assume a Role in Trusted Extensions
assuming a role
How to Assume a Role in Trusted Extensions
authorizations
changing labels
Examples of Label Relationships in Trusted Extensions
for allocating devices
Peripheral Devices Are Protected
required to change label of data
How to Downgrade Data in a Multilevel Dataset
How to Upgrade Data in a Multilevel Dataset
How to Move Data Between Windows of Different Labels
C
.copy_files
file
creating
How to Access Initialization Files at Every Label
described
.copy_files File
troubleshooting
Creating a .link_files File
Change Login Password menu item
How to Change Your Password in Trusted Extensions
Change Workspace Label menu item
How to Change the Label of a Workspace
Change Workspace Password menu item
How to Change Your Password in Trusted Extensions
changing
security level of data
How to Downgrade Data in a Multilevel Dataset
How to Upgrade Data in a Multilevel Dataset
How to Move Data Between Windows of Different Labels
workspace label
How to Change the Label of a Workspace
your password
How to Change Your Password in Trusted Extensions
choosing
label or clearance during login
Check Messages and Select Session Type
classification component of label
defined
Sensitivity Labels and Clearances
clearances
label type
Sensitivity Labels and Clearances
setting at login
Check Messages and Select Session Type
Single-Level or Multilevel Sessions
setting session
Check Messages and Select Session Type
compartment component of label
defined
Sensitivity Labels and Clearances
containers
See
zones
copy-and-paste
effect on labels
Examples of Label Relationships in Trusted Extensions
creating
$HOME/.copy_files
file
How to Access Initialization Files at Every Label
$HOME/.link_files
file
How to Access Initialization Files at Every Label
customizing
desktop
How to Perform Some Common Desktop Tasks in Trusted Extensions
D
data
changing label of
How to Downgrade Data in a Multilevel Dataset
How to Upgrade Data in a Multilevel Dataset
How to Move Data Between Windows of Different Labels
determining label of
How to Determine the Label of a File
protecting with MAC
Mandatory Access Control
deallocating devices
basic procedure
How to Deallocate a Device in Trusted Extensions
desktops
common tasks
How to Perform Some Common Desktop Tasks in Trusted Extensions
in Trusted Extensions
Desktop Login in Trusted Extensions
keyboard focus
How to Change Your Password in Trusted Extensions
logging in remotely
Logging In Remotely to Trusted Extensions
determining
label of a file
How to Determine the Label of a File
label of a window
How to Interactively Display a Window Label
Device Manager
deallocating devices
How to Deallocate a Device in Trusted Extensions
devices
allocating
How to Allocate a Device in Trusted Extensions
clearing prior to reuse
Erasing Data on Objects Prior to Object Reuse
protecting
Peripheral Devices Are Protected
secured by allocation requirement
Device Security in Trusted Extensions
troubleshooting
How to Allocate a Device in Trusted Extensions
using
How to Allocate a Device in Trusted Extensions
directories
visibility of home directories
Containers and Labels
discretionary access control (DAC)
defined
Discretionary Access Control
dominance between labels
Labels and Transactions
downgrading information
Examples of Label Relationships in Trusted Extensions
drag-and-drop
effect on labels
Examples of Label Relationships in Trusted Extensions
E
email
label enforcement
Enforcing MAC for Email Transactions
email instructions
user responsibilities
User Responsibilities for Protecting Data
F
failsafe login
Troubleshoot Login Problems
File Browser
displaying label of file
How to Determine the Label of a File
troubleshooting when it does not appear
How to Allocate a Device in Trusted Extensions
viewing contents
How to View Your Files in a Labeled Workspace
How to View Your Files in a Labeled Workspace
File Manager
troubleshooting when it does not appear
How to Allocate a Device in Trusted Extensions
files
$HOME/.copy_files
.copy_files File
How to Access Initialization Files at Every Label
$HOME/.link_files
.link_files File
How to Access Initialization Files at Every Label
accessing initialization files at every label
How to Access Initialization Files at Every Label
viewing in a workspace
How to View Your Files in a Labeled Workspace
finding
calendar events at every label
How to Perform Some Common Desktop Tasks in Trusted Extensions
Trusted Path menu
Trusted Extensions Multilevel Desktop
H
help in Trusted Extensions
man pages
How to Access the Trusted Extensions Man Pages
home directories
visible from higher-level zone
Containers and Labels
hot key
regaining control of desktop focus
How to Change Your Password in Trusted Extensions
regaining control of pointer
How to Find the Mouse Pointer
I
information
See
data
initialization files
accessing at every label
How to Access Initialization Files at Every Label
troubleshooting when customized
Troubleshoot Login Problems
K
key combinations
testing if grab is trusted
How to Change Your Password in Trusted Extensions
How to Find the Mouse Pointer
L
.link_files
file
creating
How to Access Initialization Files at Every Label
described
.link_files File
troubleshooting
Creating a .link_files File
label ranges
described
Sensitivity Labels and Clearances
troubleshooting a workstation with a restricted range
Troubleshoot Login Problems
labels
See Also
clearances
changing label of data
How to Downgrade Data in a Multilevel Dataset
How to Upgrade Data in a Multilevel Dataset
How to Move Data Between Windows of Different Labels
changing label on information
Examples of Label Relationships in Trusted Extensions
components
Sensitivity Labels and Clearances
determining by window query
How to Interactively Display a Window Label
displayed in Trusted Extensions
Labels on Trusted Extensions Desktops
displayed on desktop
Typical Industry Sensitivity Labels
dominance
Labels and Transactions
labeled zones
Containers and Labels
means of protecting data
Trusted Extensions Separates Information by Label
ranges
Sensitivity Labels and Clearances
relationships
Labels and Transactions
sample government labels
Labels and Transactions
sample industry labels
Sensitivity Labels and Clearances
sample label relationships
Labels and Transactions
setting at login
Check Messages and Select Session Type
setting clearance at login
Single-Level or Multilevel Sessions
setting session labels
Check Messages and Select Session Type
Check Messages and Select Session Type
types
Sensitivity Labels and Clearances
visible on desktop
Visible Desktop Security in Trusted Extensions
linking files at different labels
by using
.link_files
How to Access Initialization Files at Every Label
logging in
at a different label
How to Log In at a Different Label
choosing a label or clearance
Check Messages and Select Session Type
failsafe
Troubleshoot Login Problems
five steps of
Trusted Extensions Login Process
remotely to multilevel desktop
Logging In Remotely to Trusted Extensions
reviewing security settings
Check Messages and Select Session Type
troubleshooting
Troubleshoot Login Problems
Identify and Authenticate Yourself to the System
logging out
procedure
How to Log Out of Trusted Extensions
user responsibilities
Trusted Extensions Logout Process
login process
See
logging in
M
Main Menu
Shut Down
How to Shut Down Your System
man pages in Trusted Extensions
How to Access the Trusted Extensions Man Pages
mandatory access control (MAC)
defined
Mandatory Access Control
enforced for email
Enforcing MAC for Email Transactions
moving
a window to a workspace at a different label
How to Move a Window to a Different Workspace
data to different label
How to Downgrade Data in a Multilevel Dataset
How to Upgrade Data in a Multilevel Dataset
How to Move Data Between Windows of Different Labels
multiheaded system
trusted stripe
Finding the Real Trusted Stripe
Visible Desktop Security in Trusted Extensions
multilevel login
remote
Logging In Remotely to Trusted Extensions
multilevel sessions
defined
Single-Level or Multilevel Sessions
N
no trusted indicator
troubleshooting
Trusted Symbol
no trusted stripe
troubleshooting
Working on a Labeled System
Not Found
error message
Accessing Applications in Trusted Extensions
Not in Profile
error message
Accessing Applications in Trusted Extensions
O
object
defined
Typical Industry Sensitivity Labels
reuse
Erasing Data on Objects Prior to Object Reuse
oper role
See
Operator role
Operator role
responsibilities
Administration by Role in Trusted Extensions
P
passwords
testing if password prompt is trusted
Testing If the Password Prompt Can Be Trusted
user responsibilities
Password Security in the Oracle Solaris OS
peripheral devices
See
devices
permissions
at discretion of file owner
Discretionary Access Control
user responsibilities
User Responsibilities for Protecting Data
pfexec
command
See
profile shell
policy
See
security policy
procedures
See
users
profile shell
defined
Accessing Applications in Trusted Extensions
profiles
See
rights profiles
protecting files
by label
Trusted Extensions Separates Information by Label
DAC
Discretionary Access Control
MAC
Mandatory Access Control
user responsibilities
User Responsibilities for Protecting Data
Q
Query Window Label menu item
How to Interactively Display a Window Label
R
read access
in labeled environment
Labels and Transactions
regaining control of pointer
How to Find the Mouse Pointer
remote login
to multilevel desktop
Logging In Remotely to Trusted Extensions
responsibilities
of administrators
Administration by Role in Trusted Extensions
users for password security
Password Security in the Oracle Solaris OS
users to clear media
Erasing Data on Objects Prior to Object Reuse
users to protect data
User Responsibilities for Protecting Data
users when logging out
How to Log Out of Trusted Extensions
restoring control of pointer
How to Find the Mouse Pointer
reviewing security settings
Message Of The Day dialog box
Review Security Attributes During Login
procedure during login
Check Messages and Select Session Type
rights profiles
defined
Accessing Applications in Trusted Extensions
roles
adding a labeled workspace
How to Add a Workspace at Your Minimum Label
changing workspace label
How to Change the Label of a Workspace
common roles
Administration by Role in Trusted Extensions
responsibilities of
Administration by Role in Trusted Extensions
special user account
Trusted Extensions Enables Secure Administration
root role
responsibilities
Administration by Role in Trusted Extensions
S
secadmin role
See
Security Administrator role
Security Administrator role
contacting about missing trusted indicator
Trusted Symbol
contacting about missing trusted stripe
Working on a Labeled System
responsibilities
Administration by Role in Trusted Extensions
security policy
defined
security policy
What Is Trusted Extensions?
security practices
defined
What Is Trusted Extensions?
selection
changing label
How to Downgrade Data in a Multilevel Dataset
How to Upgrade Data in a Multilevel Dataset
How to Move Data Between Windows of Different Labels
Selection Manager
How to Move Data Between Windows of Different Labels
sensitivity labels
See
labels
label type
Sensitivity Labels and Clearances
session clearances
defined
Single-Level or Multilevel Sessions
sessions
choosing clearance
Single-Level or Multilevel Sessions
effect of selecting level
Session Selection Example
setting level
Check Messages and Select Session Type
single-level or multilevel
Single-Level or Multilevel Sessions
Shut Down menu item
How to Shut Down Your System
shutting down a workstation
How to Shut Down Your System
single-level sessions
defined
Single-Level or Multilevel Sessions
spoofing
defined
spoof
Programs That Spoof Users Are Prevented
Stop-A (L1-A) keyboard combination
How to Shut Down Your System
subject
defined
Typical Industry Sensitivity Labels
Suspend System menu item
How to Shut Down Your System
switching to a workspace at a different label
How to Switch to a Workspace at a Different Label
system administration
on Trusted Extensions
Trusted Extensions Enables Secure Administration
System Administrator role
responsibilities
Administration by Role in Trusted Extensions
T
tasks
See
users
troubleshooting
$HOME/.copy_files
file
Creating a .link_files File
$HOME/.link_files
file
Creating a .link_files File
command line error messages
Accessing Applications in Trusted Extensions
device allocation
How to Allocate a Device in Trusted Extensions
File Manager not appearing
How to Allocate a Device in Trusted Extensions
login
Troubleshoot Login Problems
missing trusted indicator
Trusted Symbol
missing trusted stripe
Working on a Labeled System
password failure
Identify and Authenticate Yourself to the System
trusted applications
by using rights profiles
Accessing Applications in Trusted Extensions
trusted computing base (TCB)
defined
Access to the Trusted Computing Base Is Limited
procedures that interact with the TCB
Performing Trusted Actions
symbol of interacting with
Trusted Symbol
Programs That Spoof Users Are Prevented
Trusted Extensions
overview
What Is Trusted Extensions?
visible features
Visible Features of Trusted Extensions
workspace security
Workspace Security in Trusted Extensions
Trusted GNOME
customizing the desktop
How to Perform Some Common Desktop Tasks in Trusted Extensions
trusted grab
key combination
How to Change Your Password in Trusted Extensions
How to Find the Mouse Pointer
trusted indicator
missing
Trusted Symbol
Trusted Path menu
Allocate Device
How to Allocate a Device in Trusted Extensions
Assume
rolename
role
How to Assume a Role in Trusted Extensions
Change Login Password
How to Change Your Password in Trusted Extensions
Change Workspace Label
How to Change the Label of a Workspace
Change Workspace Password
How to Change Your Password in Trusted Extensions
location
Trusted Extensions Multilevel Desktop
Query Window Label
How to Interactively Display a Window Label
trusted stripe
described
Trusted Stripe
location on desktop
Trusted Extensions Multilevel Desktop
location on screen
Typical Industry Sensitivity Labels
not on lockscreen
How to Lock and Unlock Your Screen
on multiheaded system
Finding the Real Trusted Stripe
Visible Desktop Security in Trusted Extensions
warping pointer to
Forcing the Mouse Pointer to the Trusted Stripe
what to do if missing
Working on a Labeled System
trusted symbol
described
Trusted Symbol
on workspace
Visible Desktop Security in Trusted Extensions
tamper-proof icon
Programs That Spoof Users Are Prevented
types of labels
Sensitivity Labels and Clearances
U
unlabeled screens
lockscreen
How to Lock and Unlock Your Screen
login screen
Desktop Login in Trusted Extensions
upgrading information
Examples of Label Relationships in Trusted Extensions
user clearances
defined
Sensitivity Labels and Clearances
user responsibilities
password security
Password Security in the Oracle Solaris OS
protecting data
User Responsibilities for Protecting Data
when leaving workstation
Trusted Extensions Logout Process
users
accessing initialization files at every label
How to Access Initialization Files at Every Label
adding a labeled workspace
How to Add a Workspace at Your Minimum Label
allocating a device
How to Allocate a Device in Trusted Extensions
assuming a role
How to Assume a Role in Trusted Extensions
authorized to change security level of data
How to Downgrade Data in a Multilevel Dataset
How to Upgrade Data in a Multilevel Dataset
How to Move Data Between Windows of Different Labels
changing workspace label
How to Change the Label of a Workspace
changing your password
How to Change Your Password in Trusted Extensions
determining the label of a file
How to Determine the Label of a File
finding pointer
How to Find the Mouse Pointer
locking your screen
How to Lock and Unlock Your Screen
logging in at a different label
How to Log In at a Different Label
logging out
How to Log Out of Trusted Extensions
moving a window to a workspace at a different label
How to Move a Window to a Different Workspace
moving data between labels
How to Downgrade Data in a Multilevel Dataset
How to Upgrade Data in a Multilevel Dataset
How to Move Data Between Windows of Different Labels
responsibilities
clearing devices
Erasing Data on Objects Prior to Object Reuse
password security
Password Security in the Oracle Solaris OS
protecting data
User Responsibilities for Protecting Data
when leaving workstation
How to Log Out of Trusted Extensions
shutting down a workstation
How to Shut Down Your System
switching to a workspace at a different label
How to Switch to a Workspace at a Different Label
unlocking your screen
How to Lock and Unlock Your Screen
viewing files in a workspace
How to View Your Files in a Labeled Workspace
using a device
See
allocating a device
V
visibility
desktop security
Visible Desktop Security in Trusted Extensions
labels after login
Desktop Login in Trusted Extensions
reading lower-level home directories
Containers and Labels
trusted stripe
Trusted Extensions Multilevel Desktop
Working on a Labeled System
Typical Industry Sensitivity Labels
W
Window Label indicator
Window Label Indicator
Workspace Menu
Suspend System
How to Shut Down Your System
workspaces
labeled
Labeled Workspaces
setting default label
How to Log In at a Different Label
write access
in labeled environment
Labels and Transactions
Z
zones
home directory visibility
Containers and Labels
labeled
Containers and Labels
Previous