Security attributes define security information for file systems, processes, data packets, communication endpoints, and X Window System objects.
File systems store the Solaris and Trusted Solaris security attributes listed below as a security attribute set accessible by the programming interfaces described in Chapter 2, Getting Started. Chapter 3, Privileges describes how to access file privileges.

| Solaris Attributes | Trusted Solaris Attributes |
|---|---|
| Access Control Lists (ACLs) | CMW label |
| DAC permission bits | File system label range |
| File user ID | Forced and allowed privilege sets |
| File group ID | Audit preselection attributes |
| | Attribute flags |
| | Multilevel directory prefix |

User processes receive the Solaris and Trusted Solaris security attributes listed below from the user or role that started them and the workspace where they were started.
Chapter 2, Getting Started describes how to access process attribute flags.
Chapter 3, Privileges describes how to access process privilege sets.
Chapter 4, Labels describes how to access labels on processes.
Chapter 6, Process Clearance describes how to access the process clearance.

| | |
|---|---|
| Process ID | Process clearance |
| Real and effective user ID | CMW label |
| Real and effective group ID | Process attribute flags |
| Supplementary group list | Process privilege sets |
| User audit ID | |
| Audit session ID | |
| umask (defines permission bits for files created by the process) | |

The Trusted Security Information eXchange (TSIX) library provides access to the Trusted Solaris security attributes on data packets and communication endpoints. TSIX is based on Berkeley sockets and supports the Transport Layer Interface (TLI). Chapter 12, Trusted Security Information Exchange Library describes how to access security attributes on data packets and communication endpoints.

| | |
|---|---|
| Effective user ID | Sensitivity label |
| Effective group ID | Audit information |
| Process ID | Process clearance |
| Network session ID | Effective privilege set |
| Supplementary group ID | Process attribute flags |
| Audit ID | |

The Trusted X Window System stores the security attributes listed below. Chapter 14, Trusted X Window System describes how to access X Window System security attributes.

| | |
|---|---|
| Window Server owner ID | Sensitivity label |
| User ID | Internet address |
| Group ID | X Window Server clearance |
| Process ID | X Window Server minimum label |
| Session ID | Trusted Path window |
| Audit ID | |

The Trusted Path flag means the window is a trusted path window. The trusted path window is always the top-most window (such as the screen stripe or login window), and protects the system against access by untrusted programs.