The programming interfaces for accessing CMW labels, file system label ranges, file privileges, and multilevel directories are described briefly in "Trusted Solaris Security Mechanisms" and in more detail in their respective chapters in this guide.
ACLs - Because ACLs are part of the Solaris operating environment, they are not described in this guide.
Audit preselection attributes - Audit preselection attributes are specified for a file system from the command line by the system administrator with setfsattr(1M). File system audit preselection attributes specify auditing on file permission bits. A file system can be configured so its files and directories are audited when access (read, write, or execute) succeeds or fails.
Audit preselection attributes are specified for a process from the command line by the system administrator with auditconfig(1M). File system preselection attributes override the process preselection attributes. For example, a process that is audited for reads on files is not audited for reads on files that have file system preselection audit attributes that specify not to audit reads. See Trusted Solaris Audit Administration for more information.