test

Oracle Solaris Trusted Extensions Label Administration

ProcedureHow to Add or Rename a Classification

Before You Begin

You must be in the Security Administrator role in the global zone.

  1. Edit the label_encodings file.

    Use the Edit Encodings action. For details, see How to Create a label_encodings File.

  2. Specify a version number.

    In the VERSION= section put your site's name, a title for the file, a version number and the date.


    VERSION= Sun Microsystems, Inc. Example Version - 5.10 04/05/28

    Trusted Extensions uses SCCS keywords for the version number and the date. For details, see the sccs(1) man page.


    VERSION= Sun Microsystems, Inc. Example Version - %I% %E%

  3. Specify the classification.

    In the CLASSIFICATIONS section, supply the long name, short name, and numeric value for the new classification.


    name= NEW_CLASS; sname= N; value= 2;

  4. Include the new classification in the accreditation range.

    Add the new classification to the ACCREDITATION RANGE section.

    The following example shows three new classifications added to the ACCREDITATION RANGE section. Each classification is specified with all compartment combinations valid.


    ACCREDITATION RANGE:

classification= UNCLASSIFIED;        all compartment combinations valid;

* i is new in this file
classification= INTERNAL_USE_ONLY;   all compartment combinations valid;

* n is new in this file
classification= NEED_TO_KNOW;        all compartment combinations valid;

classification= CONFIDENTIAL;        all compartment combinations valid except:
c
c a
c b

classification= SECRET;               only valid compartment combinations:
. . .
* r is new in this file
classification= REGISTERED;           all compartment combinations valid;

  5. Adjust the ACCREDITATION RANGE section if necessary.

    You might need to make the new classification a minimum classification.


    minimum clearance= u; 
minimum sensitivity label= u; 
minimum protect as classification= u;
    Note –

    Make sure that you set a minimum clearance that is dominated by all the clearances that you plan to assign to users. Similarly, make sure that the minimum sensitivity label is dominated by all the minimum labels that you plan to assign to users.

  6. Save your changes.