Trusted Solaris Administrator's Procedures

Security Attributes on Files and Directories

The following attributes are present on objects in Solaris and Trusted Solaris file systems: User Id, Group Id, Permission Mode, and Access ACL (optional). Trusted Solaris files and directories have additional security attributes. The following table describes the extended security attributes provided in Trusted Solaris software.

Table 9-1 Trusted Solaris File and Directory Attributes


Extended Attributes	Description of Extended Trusted Solaris Attributes
Label	The label of the file or directory.
Forced Privileges	Optional. The set of privileges that an executable file is guaranteed to have available at start of execution. Must be a subset of the allowed privileges.
Allowed Privileges	Optional. The maximum set of privileges that an executable file is allowed to use during its execution. (Editing executable files causes them to lose all their privileges. Therefore, limiting the privileges that an executable can use to those in its allowed set provides a protection against Trojan Horses, since programs cannot use inheritable privileges if the programs have been edited.) Must be a superset of the forced privileges.
File Attribute Flag	Optional. The only supported file attribute flag is `public`. If the `public` flag is set, audit records are not generated when certain read operations are performed, even when these read operations are part of a preselected audit class, with one exception. If the audit pseudo-event for use of privilege (AUE_UPRIV) is included in a preselected audit class and if the operation involves the use of privilege, then an audit record is always generated.
Directory Attribute Flag	Optional. Flag indicating that a directory is an MLD