JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Trusted Extensions Developer's Guide     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information

Preface

1.  Trusted Extensions APIs and Security Policy

2.  Labels and Clearances

3.  Label Code Examples

4.  Interprocess Communications

5.  Trusted X Window System

6.  Label Builder GUI

7.  Trusted Web Guard Prototype

8.  Experimental Java Bindings for the Solaris Trusted Extensions Label APIs

A.  Programmer's Reference

B.  Trusted Extensions API Reference

Index

Preface

Trusted Extensions Developer's Guide describes how to use the application programming interfaces (APIs) to write new trusted applications for systems that are configured with the Trusted Extensions feature of the Oracle Solaris OS. Readers must be familiar with UNIX programming and understand security policy concepts.

Note that the example programs in this book focus on the APIs being shown and do not perform error checking. Your applications should perform the appropriate error checking.

How the Trusted Extensions Books Are Organized

The Trusted Extensions documentation set supplements the documentation for the Oracle Solaris release. Review both sets of documentation for a more complete understanding of Trusted Extensions. The Trusted Extensions documentation set consists of the following books.

Book Title
Topics
Audience
Describes the basic features of Trusted Extensions. This book contains a glossary.
End users, administrators, developers
Part I describes how to prepare for, enable, and initially configure Trusted Extensions.

Part II describes how to administer a Trusted Extensions system. This book contains a glossary.

Administrators, developers
Describes how to develop applications with Trusted Extensions.
Developers, administrators
Provides information about how to specify label components in the label encodings file.
Administrators
Describes the syntax used in the label encodings file. The syntax enforces the various rules for well-formed labels for a system.
Administrators

How This Book Is Organized

Chapter 1, Trusted Extensions APIs and Security Policy provides an overview of the Trusted Extensions APIs and describes how the security policy is enforced within the system.

Chapter 2, Labels and Clearances describes the data types and the APIs for managing labels on processes and on device objects. This chapter also describes clearances, how a process acquires a sensitivity label, and when label operations require privileges. Guidelines for handling labels are also provided.

Chapter 3, Label Code Examples provides sample code that uses the APIs for labels.

Chapter 4, Interprocess Communications provides an overview of how the security policy is applied to process-to-process communications within the same workstation and across the network.

Chapter 5, Trusted X Window System describes the data types and the APIs that enable administrative applications to access and modify security-related X Window System information. This chapter has a section of code examples.

Chapter 6, Label Builder GUI describes the tgnome-selectlabel utility, which creates a label builder graphical user interface (GUI) for building labels and clearances. This chapter has a section of code examples.

Chapter 7, Trusted Web Guard Prototype provides an example of a safe web browsing prototype that isolates a web server and its web content from an Internet attack.

Chapter 8, Experimental Java Bindings for the Solaris Trusted Extensions Label APIs describes an experimental set of Java classes and methods that mirror the label APIs that are provided with the Trusted Extensions software. This chapter also includes a pointer to the source code and build instructions, so you can use these APIs to create label-aware applications.

Appendix A, Programmer's Reference provides information about Trusted Extensions man pages, shared libraries, header files, and abbreviations used in data type names and in interface names. This appendix also provides information about preparing an application for release.

Appendix B, Trusted Extensions API Reference provides programming interface listings, including parameter and return value declarations.

Access to Oracle Support

Oracle customers have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.

Typographic Conventions

The following table describes the typographic conventions that are used in this book.

Table P-1 Typographic Conventions

Typeface
Description
Example
AaBbCc123
The names of commands, files, and directories, and onscreen computer output
Edit your .login file.

Use ls -a to list all files.

machine_name% you have mail.

AaBbCc123
What you type, contrasted with onscreen computer output
machine_name% su

Password:

aabbcc123
Placeholder: replace with a real name or value
The command to remove a file is rm filename.
AaBbCc123
Book titles, new terms, and terms to be emphasized
Read Chapter 6 in the User's Guide.

A cache is a copy that is stored locally.

Do not save the file.

Note: Some emphasized items appear bold online.

Shell Prompts in Command Examples

The following table shows UNIX system prompts and superuser prompts for shells that are included in the Oracle Solaris OS. In command examples, the shell prompt indicates whether the command should be executed by a regular user or a user with privileges.

Table P-2 Shell Prompts

Shell
Prompt
Bash shell, Korn shell, and Bourne shell
$
Bash shell, Korn shell, and Bourne shell for superuser
#
C shell
machine_name%
C shell for superuser
machine_name#