Solaris Trusted Extensions Installation and Configuration

ProcedureMake System and Security Decisions Before Installing Trusted Extensions

For each system on which Solaris Trusted Extensions is going to be configured, make these configuration decisions before installing the packages.

  1. Decide how securely the system hardware needs to be protected.

    At a secure site, this step has been done for every installed Solaris system.

    • For SPARC systems, a PROM security level and password has been provided.

    • For x86 systems, the BIOS is protected.

    • On all systems, root is protected with a password.

  2. Prepare your label_encodings file.

    If you have a site-specific label_encodings file, the file must be checked and installed before other configuration tasks can be started. If your site does not have a label_encodings file, you can use the default file that Sun supplies. Sun also supplies other label_encodings files, which you can find in the /etc/security/tsol directory. The Sun files are demonstration files. They might not be suitable for production systems.

    To customize a file for your site, see Solaris Trusted Extensions Label Administration.

  3. From the list of labels in your label_encodings file, make a list of the labeled zones you need to create.

    For the default label_encodings file, the labels are the following, and the zone names can be similar to the following:

    Label 

    Zone Name 

    PUBLIC

    public

    CONFIDENTIAL : INTERNAL

    internal

    CONFIDENTIAL : NEED TO KNOW

    needtoknow

    CONFIDENTIAL : RESTRICTED

    restricted

    For ease of NFS mounting, the zone name of a particular label must be identical on every system. Some systems, such as multilevel print servers, do not need to have labeled zones installed. However, if you do install labeled zones on a print server, the zone names must be identical to the zone names of other systems on your network.

  4. Decide when to create roles.

    Your site's security policy can require you to administer Trusted Extensions by assuming a role. If so, or if you are configuring the system to satisfy criteria for an evaluated configuration, you must create roles early in the configuration process.

    If you are not required to configure the system by using roles, you can choose to configure the system as superuser. This method of configuration is less secure. Audit records do not indicate which user was superuser during configuration. Superuser can perform all tasks on the system, while a role can perform a more limited set of tasks. Therefore, configuration is more controlled when being performed by roles.

  5. Choose a zone creation method.

    You can create zones from scratch, copy zones, or clone zones. These methods differ in speed of creation, disk space requirements, and robustness. For the trade-offs, see Planning for Zones in Trusted Extensions.

  6. Plan your LDAP configuration.

    Using local files for administration is practical for non-networked systems.

    LDAP is the naming service for a networked environment. A populated LDAP server is required when you configure several machines.

    • If you have an existing Sun JavaTM System Directory Server (LDAP server), you can create an LDAP proxy server on a system that is running Trusted Extensions. The multilevel proxy server handles communications with the unlabeled LDAP server.

    • If you do not have an LDAP server, you can configure a system that runs Trusted Extensions software as a multilevel LDAP server.

  7. Decide other security issues for each system and for the network.

    For example, you might want to consider the following security issues:

    • Determine which devices can be attached to the system and allocated for use.

    • Identify which printers at what labels are accessible from the system.

    • Identify any systems that have a limited label range, such as a gateway system or a public kiosk.

    • Identify which labeled systems can communicate with particular unlabeled systems.