Trusted Extensions uses the same security mechanisms as Oracle Solaris. The mechanisms include the following:
Authorizations – Users of a program can be required to have a particular authorization. For information about authorizations, see Basics of User and Process Rights in Securing Users and Processes in Oracle Solaris 11.2 . Also, see the auth_attr(4) man page.
Privileges – Programs and processes can be assigned privileges. For information about privileges, see Chapter 1, About Using Rights to Control Users and Processes, in Securing Users and Processes in Oracle Solaris 11.2 . Also, see the privileges(5) man page.
The ppriv command provides a debugging utility. For details, see the ppriv(1) man page. For instructions on using this utility with programs that work in non-global zones, see Using the ppriv Utility in Creating and Using Oracle Solaris Zones .
Right Profiles – Rights profiles collect security attributes in one place for assignment to users or roles. For information about rights profiles, see More About Rights Profiles in Securing Users and Processes in Oracle Solaris 11.2 .
Trusted libraries – Dynamically shared libraries that are used by setuid, setgid, and privileged programs can be loaded only from trusted directories. As in Oracle Solaris, the crle command is used to add a privileged program's shared library directories to the list of trusted directories. For details, see the crle(1) man page.