Oracle Solaris Trusted Extensions Configuration Guide

Devising a Configuration Strategy for Trusted Extensions

Allowing the root user to configure Trusted Extensions software is not a secure strategy. The following describes the configuration strategy from the most secure strategy to the least secure strategy:

Task division by role is shown in the following figure. The security administrator sets up auditing, protects file systems, sets device policy, determines which programs require privilege to run, and protects users, among other tasks. The system administrator shares and mounts file systems, installs software packages, and creates users, among other tasks.

Figure 1–1 Administering a Trusted Extensions System: Task Division by Role

Illustration shows the configuration team tasks, then
shows the tasks for the Security Administrator and the System Administrator.