Go to main content

Securing Files and Verifying File Integrity in Oracle® Solaris 11.4

Exit Print View

Updated: August 2018
 
 

Overall Process for Configuring Labeling

Because Oracle Solaris does not ship sensitive data, all files after installation are at the same label. You should apply labels to your files that contain sensitive information, such as financial data and personnel data.

    Perform the following tasks to configure labeled file systems for sensitive data:

  1. Install the file_labeling package

    This package is not part of a group installation. For the procedure, see How to Install Labels in Oracle Solaris.

  2. Determine the coverage of your label policy

    For considerations, see Customizing a Label Policy.

  3. Create the label policy

    You set the default clearance for SMF services and customize a label encodings file. Oracle Solaris provides two sample encodings files. You can copy and modify one of these files, or create an encodings file from scratch.

  4. Create labeled file systems

    An upper bound label is dynamically computed for each labeled file system. Whenever a file is upgraded, the new label is combined with the current upper bound. A labeled file system retains its upper bound even if all labeled files are reset or removed.

  5. Assign labels, called clearances, to users whose clearances should differ from the default

    Administrators assign higher clearances to the few users who have the authority to access labeled files. On a system with labeled files, only a user whose clearance dominates files in the labeled file system can view or modify those dominated files. The administrator might also assign a lower clearance to guest users.

  6. Authorize selected users to upgrade or downgrade files.

    By default, only the root role can change the label of a file. The Object Label Management profile grants both upgrade and downgrade rights. You can also authorize users or roles to only upgrade or only downgrade information.

  7. Configure the auditing of labeled files

    Actions on sensitive files need to be monitored. For most file systems, file-read audit events are not preselected because they add many unimportant events to the audit trail. However, for labeled files, file-read events can be important. Options to the audit service enable you to preselect file-read audit events for labeled files only, thus auditing actions that are important with respect to labeled files but are not important for unlabeled files. Additionally, the file_labeling package includes the /usr/demo/tsol script that you can use to display daily audit records for local files. To protect the audit trail from snooping, you can create a labeled file system for the audit trail.

  8. Reboot to start user processes and SMF services at the new clearances.

  9. Test the configuration.

    After configuring labeled file systems, you can harden the configuration, as described in About Hardening Labeled File Systems.

  1. Create labeled file systems for audit records and for core files.

  2. Create a zone for labeled file systems.

  3. Create zone login accounts for users who can access the labeled files in the zone.

  4. Make the zone immutable.