User Responsibilities for Protecting Data
As a user, you are responsible for setting the permissions to protect your files and directories, as part of discretionary access control. You can check the permissions on your files and directories using the ls(1) command with the -l option or the File Manager, as described in "Viewing or Changing Permissions and ACL Entries".
Mandatory access control is enforced automatically by the system. If you are authorized to upgrade or downgrade information protected by labels, you have an extra special responsibility to ensure that there is a legitimate need for the change.
Another aspect of protecting data is that you should never follow emailed instructions from an administrator without verifying that the administrator actually sent the instructions. For example, if you followed emailed instructions to change your password to a particular value, you would enable the sender to log into your account.
- © 2010, Oracle Corporation and/or its affiliates