The Trusted Solaris operating environment supports the same files and directories, most of the file system types, and all of the file system management commands in the Solaris operating environment. The Trusted Solaris environment adds security attributes. Whenever a file or directory is accessed, Solaris and Trusted Solaris security attributes are checked for access decisions. The Trusted Solaris environment provides the following features and constraints on files and file systems:
No order requirements are imposed on the labels of directories in a pathname.
Files and directories can be created only at the same label as the containing directory.
Privileged subjects can create files and directories and relabel existing files and directories at any valid label to create upgraded or downgraded objects.
See "To Change Labels and Privileges With the File Manager".
The system can be configured to show the names of upgraded files and directories. By default, their names are not visible.
To make the names are visible, the Security Administrator role changes the setting of the tsol_hide_upgraded_names
switch in the /etc/system file as described in "To Change Configurable Kernel Switch Settings".
Directory names are cleared when a directory is removed. Clearing the names meets the object reuse requirement that the names of removed directories should no longer be accessible.
Multilevel directories (MLDs) appear in the file system as ordinary directories with a flag identifying them as MLDs.
MLDs require no privilege to create, delete, or use.
Read-down access to single-label directories (SLD)s within an MLD permits an unprivileged process to combine information from SLDs at its own and lower labels.
If an MLD is mounted by a single-label computer, an SLD is mounted. The SLD corresponds to the label administratively assigned to the single-label computer in the trusted networking databases.
If, for example, a user's home directory is automounted on an unlabeled computer, only the SLD with the default label assigned to the computer in the Security Families template is mounted. For example, if the default label for the computer is INTERNAL_USE_ONLY, then only the SLD at INTERNAL_USE_ONLY is mounted on the unlabeled computer.