Documentation Home
> Oracle Solaris Trusted Extensions Developer's Guide
Oracle Solaris Trusted Extensions Developer's Guide
Book Information
Index
A
B
C
D
E
F
G
H
I
J
L
M
N
O
P
R
S
T
U
W
X
Z
Preface
Chapter 1 Trusted Extensions APIs and Security Policy
Understanding Labels
Label Types
Sensitivity Labels
Clearance Labels
Label Ranges
Label Components
Label Relationships
Trusted Extensions APIs
Label APIs
How Labels Are Used in Access Control Decisions
Types of Label APIs
Sensitivity Label APIs
Clearance Label APIs
Label Range APIs
Trusted X Window System APIs
Label Builder APIs
Trusted Extensions Security Policy
Multilevel Operations
Write-Down Policy in the Global Zone
Default Security Attributes
Default Network Policy
Multilevel Ports
MAC-Exempt Sockets
Zones and Labels
Labels in the Global Zone
Labeled Zones
Chapter 2 Labels and Clearances
Privileged Operations and Labels
Label APIs
Detecting a Trusted Extensions System
Accessing the Process Sensitivity Label
Allocating and Freeing Memory for Labels
Obtaining and Setting the Label of a File
Obtaining Label Ranges
Accessing Labels in Zones
Obtaining the Remote Host Type
Translating Between Labels and Strings
Readable Versions of Labels
Label Encodings File
Comparing Labels
Acquiring a Sensitivity Label
Chapter 3 Label Code Examples
Obtaining a Process Label
Obtaining a File Label
Setting a File Sensitivity Label
Determining the Relationship Between Two Labels
Obtaining the Color Names of Labels
Obtaining Printer Banner Information
Chapter 4 Printing and the Label APIs
Printing Labeled Output
Designing a Label-Aware Application
Understanding the Multilevel Printing Service
get_peer_label() Label-Aware Function
Determining Whether the Printing Service Is Running in a Labeled Environment
Understanding the Remote Host Credential
Obtaining the Credential and Remote Host Label
Using the label_to_str() Function
Handling Memory Management
Using the Returned Label String
Validating the Label Request Against the Printer's Label Range
Chapter 5 Interprocess Communications
Multilevel Port Information
Communication Endpoints
Berkeley Sockets and TLI
AF_UNIX Family
AF_INET Family
RPC Mechanism
Using Multilevel Ports With UDP
Chapter 6 Trusted X Window System
Trusted X Window System Environment
Trusted X Window System Security Attributes
Trusted X Window System Security Policy
Root Window
Client Windows
Override-Redirect Windows
Keyboard, Pointer, and Server Control
Selection Manager
Default Window Resources
Moving Data Between Windows
Privileged Operations and the Trusted X Window System
Trusted Extensions X Window System APIs
Data Types for X11
Accessing Attributes
Accessing and Setting a Window Label
Accessing and Setting a Window User ID
Accessing and Setting a Window Property Label
Accessing and Setting a Window Property User ID
Accessing and Setting a Workstation Owner ID
Setting the X Window Server Clearance and Minimum Label
Working With the Trusted Path Window
Accessing and Setting the Screen Stripe Height
Setting Window Polyinstantiation Information
Working With the X11 Label-Clipping Interface
Using Trusted X Window System Interfaces
Obtaining Window Attributes
Translating the Window Label With the Font List
Obtaining a Window Label
Setting a Window Label
Obtaining the Window User ID
Obtaining the X Window Server Workstation Owner ID
Chapter 7 Label Builder APIs
APIs for Label Builder GUIs
Creating an Interactive User Interface
Label Builder Behavior
Keyboard Entry and Update Button
Radio Button Options
Reset Button
Cancel Button
Application-Specific Functionality for Label Builder
Privileged Operations and Label Builder
tsol_lbuild_create() Routine
Extended Label Builder Operations
ModLabelData Structure
Online Help for Label Builder
Chapter 8 Trusted Web Guard Prototype
Administrative Web Guard Prototype
Modifying the label_encodings File
Configuring Trusted Networking
Configuring the Apache Web Servers
Running the Trusted Web Guard Demonstration
Accessing Lower-Level Untrusted Servers
Chapter 9 Experimental Java Bindings for the Solaris Trusted Extensions Label APIs
Java Bindings Overview
Structure of the Experimental Java Label Interfaces
SolarisLabel Abstract Class
ClearanceLabel Subclass
SensitivityLabel Subclass
Range Class
Java Bindings
Detecting a Trusted Extensions System
Accessing the Process Sensitivity Label
Allocating and Freeing Memory for Label Objects
Obtaining and Setting the Label of a File
Obtaining Label Range Objects
Accessing Labels in Zones
Obtaining the Remote Host Type
Translating Between Labels and Strings
Comparing Label Objects
Appendix A Programmer's Reference
Header File Locations
Abbreviations Used in Interface Names and Data Structure Names
Developing, Testing, and Debugging an Application
Releasing an Application
Creating a CDE Action
Creating a Software Package
Appendix B Trusted Extensions API Reference
Process Security Attribute Flags APIs
Label APIs
Label-Clipping APIs
RPC APIs
Label Builder APIs
Trusted X Window System APIs
Oracle Solaris Library Routines and System Calls That Use Trusted Extensions Parameters
System Calls and Library Routines in Trusted Extensions
© 2010, Oracle Corporation and/or its affiliates