Index
A
- abbreviations used in interface names
Abbreviations Used in Interface Names and Data Structure
Names
- access
- checks for
- networkCommunication Endpoints
- socketsAF_UNIX Family
- network
- file labelsPrivileged Operations and Labels
- guidelines for labelsPrivileged Operations and Labels
- multilevel port connectionsMultilevel Port Information
- checks for
- ADMIN_HIGH labelLabels in the Global Zone
- ADMIN_LOW labelLabels in the Global Zone
- APIs
- clearance labelClearance Label APIs
- declarationsTrusted Extensions API Reference
- examples of Trusted Extensions in Oracle SolarisUnderstanding Labels
- for Oracle Solaris that use Trusted Extensions parametersOracle Solaris Library Routines and System Calls
That Use Trusted Extensions Parameters
- for zone labels and zone pathsLabeled Zones
- introduction toSensitivity Labels
- label rangeLabel Range APIs
- process security attribute flagsProcess Security Attribute Flags APIs
- RPCRPC APIs
- security APIs from Oracle Solaris OSTrusted Extensions APIs
- sensitivity labelSensitivity Label APIs
- clearance label
- applications
- testing and debuggingDeveloping, Testing, and Debugging an Application
- testing and debugging
B
- bldominates() routine
- code exampleDetermining the Relationship Between Two Labels
- declarationComparing Labels
- code example
- blequal() routine
- code exampleDetermining the Relationship Between Two Labels
- declarationComparing Labels
- code example
- blinrange() routine
- declaration
- blmaximum() routine
- declarationComparing Labels
- declaration
- blminimum() routine
- declarationComparing Labels
- declaration
- blstrictdom() routine
- code exampleDetermining the Relationship Between Two Labels
- declarationComparing Labels
- code example
- brange_t typeLabel APIs
C
- classifications
- clearance componentClearance Labels
- disjointLabel Relationships
- dominantLabel Relationships
- equalLabel Relationships
- label componentSensitivity Labels
- strictly dominantLabel Relationships
- clearance component
- clearance labelsClearance Labels
- clearances
- disjoint labelsLabel Relationships
- dominant labelsLabel Relationships
- equal labelsLabel Relationships
- sessionClearance Labels
- strictly dominant labelsLabel Relationships
- userClearance Labels
- disjoint labels
- code examples
- file systems
- obtaining labelObtaining a File Label
- obtaining label
- label relationshipsDetermining the Relationship Between Two Labels
- label_encodings file
- obtaining character-coded color namesObtaining the Color Names of
Labels
- obtaining character-coded color names
- labels
- obtaining on file systemObtaining a File Label
- obtaining process labelObtaining a Process Label
- obtaining on file system
- set file sensitivity labelSetting a File Sensitivity Label
- file systems
- communication endpoints
- access checksCommunication Endpoints
- connections describedBerkeley Sockets and TLI
- access checks
- compartments
- clearance componentClearance Labels
- disjointLabel Relationships
- dominantLabel Relationships
- equalLabel Relationships
- label componentSensitivity Labels
- strictly dominantLabel Relationships
- clearance component
- compile
- label librariesLabel APIs
- label libraries
D
- DAC (discretionary access control)Interprocess Communications
- data types
- label APIsLabel APIs
- label APIs
- debugging
- definitions of termsUnderstanding Labels
- determining whether a system is labeled
- disjoint labelsLabel Relationships
- dominant labels
- downgrading labels
- guidelinesPrivileged Operations and Labels
- privileges neededPrivileged Operations and Labels
- guidelines
E
- equal labelsLabel Relationships
- examples of Trusted Extensions APIs in Oracle SolarisUnderstanding Labels
F
- fgetlabel() system call
- declarationObtaining and Setting the Label of a File
- declaration
- file_dac_search privilege
- overriding access to parent directory of zone's root directoryWrite-Down Policy in the Global Zone
- overriding access to parent directory of zone's root directory
- file_downgrade_sl privilegePrivileged Operations and Labels
- file_owner privilegePrivileged Operations and Labels
- files
- label privilegesPrivileged Operations and Labels
- label privileges
G
- getdevicerange() routine
- declarationObtaining Label Ranges
- declaration
- getlabel() system call
- code exampleObtaining a File Label
- declarationObtaining and Setting the Label of a File
- code example
- getlabel commandSetting a File Sensitivity Label
- code exampleDetermining the Relationship Between Two Labels
- code example
- getpathbylabel() routine
- declarationAccessing Labels in Zones
- declaration
- getplabel() routine
- code example
- declarationAccessing the Process Sensitivity Label
- getuserrange() routine
- declarationObtaining Label Ranges
- declaration
- getzoneidbylabel() routine
- declarationAccessing Labels in Zones
- declaration
- getzonelabelbyid() routine
- declarationAccessing Labels in Zones
- declaration
- getzonelabelbyname() routine
- declarationAccessing Labels in Zones
- declaration
- getzonerootbyid() routine
- declarationAccessing Labels in Zones
- declaration
- getzonerootbylabel() routine
- declarationAccessing Labels in Zones
- declaration
- getzonerootbyname() routine
- declarationAccessing Labels in Zones
- declaration
- global zone
- controlling multilevel operationsMultilevel Operations
- labels inLabels in the Global Zone
- mounts inWrite-Down Policy in the Global Zone
- controlling multilevel operations
H
- header files
- label APIsLabel APIs
- locations, list ofHeader File Locations
- label APIs
I
- interface names
- abbreviations used inAbbreviations Used in Interface Names and Data Structure
Names
- abbreviations used in
- IPC (interprocess communication)Interprocess Communications
- is_system_labeled() routine
- declarationDetecting a Trusted Extensions System
- declaration
L
- label APIs
- descriptionsLabel APIs
- for zone labels and zone pathsLabeled Zones
- introduction toSensitivity Labels
- labels
- code examplesLabel Code Examples
- code examples
- list ofLabel APIs
- RPCRPC APIs
- descriptions
- label data types
- label rangesLabel APIs
- sensitivity labelsLabel APIs
- label ranges
- label rangesLabel Ranges
- file systems
- data structureLabel APIs
- data structure
- overviewLabel APIs
- file systems
- label_encodings file
- API declarationsLabel APIs
- color namesObtaining the Color Names of
Labels
- API declarations
- label_to_str() routine
- code exampleObtaining the Color Names of
Labels
- code example
- labeled zonesLabeled Zones
- labeling_disable() routine
- labeling_enable() routine
- labeling_set_encodings() routine
- declarationSetting the Label Encodings File
- declaration
- labels
- acquiringAcquiring a Sensitivity Label
- ADMIN_HIGHLabels in the Global Zone
- ADMIN_LOWLabels in the Global Zone
- API declarationsLabel APIs
- disablingLabel APIs
- enablingLabel APIs
- label_encodings fileLabel APIs
- labelsLabel APIs
- levelsLabel APIs
- network databasesLabel APIs
- rangesLabel APIs
- zonesLabel APIs
- disabling
- components ofSensitivity Labels
- definition ofLabel Relationships
- disjointLabel Relationships
- dominantLabel Relationships
- downgrading guidelinesPrivileged Operations and Labels
- in global zoneLabels in the Global Zone
- privileged tasksPrivileged Operations and Labels
- privileges
- downgrading labelsPrivileged Operations and Labels
- upgrading labelsPrivileged Operations and Labels
- downgrading labels
- strictly dominantLabel Relationships
- types
- clearanceClearance Labels
- sensitivitySensitivity Labels
- clearance
- upgrading guidelinesPrivileged Operations and Labels
- user processesAcquiring a Sensitivity Label
- acquiring
- libraries, compile
- label APIsLabel APIs
- label APIs
- library routines
- API declarationsSystem Calls and Library Routines in Trusted Extensions
- bldominates()Comparing Labels
- blequal()Comparing Labels
- blinrange()
- blmaximum()Comparing Labels
- blminimum()Comparing Labels
- blstrictdom()Comparing Labels
- getdevicerange()Obtaining Label Ranges
- getpathbylabel()Accessing Labels in Zones
- getplabel()Accessing the Process Sensitivity Label
- getuserrange()Obtaining Label Ranges
- getzoneidbylabel()Accessing Labels in Zones
- getzonelabelbyid()Accessing Labels in Zones
- getzonelabelbyname()Accessing Labels in Zones
- getzonerootbyid()Accessing Labels in Zones
- getzonerootbylabel()Accessing Labels in Zones
- getzonerootbyname()Accessing Labels in Zones
- is_system_labeled()Detecting a Trusted Extensions System
- labeling_disable()Enabling and Disabling a Trusted Extensions System
- labeling_enable()Enabling and Disabling a Trusted Extensions System
- labeling_set_encodings()Setting the Label Encodings File
- m_label_alloc()Allocating and Freeing Memory for Labels
- m_label_dup()Allocating and Freeing Memory for Labels
- m_label_free()Allocating and Freeing Memory for Labels
- setflabel()Obtaining and Setting the Label of a File
- str_to_label()Translating Between Labels and Strings
- tsol_getrhtype()Obtaining the Remote Host Type
- ucred_getlabel()Accessing the Process Sensitivity Label
- API declarations
M
- m_label_alloc() routine
- code exampleDetermining the Relationship Between Two Labels
- declarationAllocating and Freeing Memory for Labels
- code example
- m_label_dup() routine
- declarationAllocating and Freeing Memory for Labels
- declaration
- m_label_free() routine
- declarationAllocating and Freeing Memory for Labels
- declaration
- m_label_t typeLabel APIs
- MAC (mandatory access control)Interprocess Communications
- making socket exempt fromMAC-Exempt Sockets
- making socket exempt from
- multilevel operations
- security policy forMultilevel Operations
- security policy for
- multilevel ports
- using with UDPUsing Multilevel Ports With UDP
- using with UDP
N
- net_bindmlp privilegeMultilevel Port Information
- net_mac_aware privilegeMAC-Exempt Sockets
- network security policy
- defaultDefault Network Policy
- default
- networks
- security attributesMultilevel Ports
- security attributes
- non-global zonesLabeled Zones
O
- Oracle Solaris
- examples of Trusted Extensions APIsUnderstanding Labels
- interfaces, API declarationsOracle Solaris Library Routines and System Calls
That Use Trusted Extensions Parameters
- examples of Trusted Extensions APIs
P
- PORTMAPPER serviceRPC Mechanism
- ports
- multilevelMultilevel Port Information
- single-levelMultilevel Port Information
- multilevel
- privileged tasks
- multilevel port connectionsMultilevel Port Information
- multilevel port connections
- privileges
- file_dac_readPrivileged Operations and Labels
- file_dac_writePrivileged Operations and Labels
- file_downgrade_sl
- file_ownerPrivileged Operations and Labels
- file_upgrade_sl
- net_mac_aware
- sys_trans_labelPrivileged Operations and Labels
- file_dac_read
- process clearances
- labels definedLabel Relationships
- labels defined
- processes
- binding to multilevel portsMultilevel Ports
- in labeled zonesLabeled Zones
- multilevel initiated in global zoneMultilevel Operations
- writing down from global zoneWrite-Down Policy in the Global Zone
- binding to multilevel ports
R
- relationships between labelsLabel Relationships
- remote host
- RPC (remote procedure call)RPC Mechanism
S
- SCM_UCREDUsing Multilevel Ports With UDP
- security attribute flags
- API declarationsProcess Security Attribute Flags APIs
- API declarations
- security attributes
- accessing labelsPrivileged Operations and Labels
- labels from remote hostsMultilevel Ports
- accessing labels
- security policy
- communication endpointsCommunication Endpoints
- definition ofUnderstanding Labels
- global zoneLabels in the Global Zone
- label guidelinesPrivileged Operations and Labels
- multilevel operationsMultilevel Operations
- multilevel portsMultilevel Port Information
- networkDefault Network Policy
- socketsAF_UNIX Family
- translating labelsPrivileged Operations and Labels
- write-down in global zoneWrite-Down Policy in the Global Zone
- communication endpoints
- sensitivity labels
- setflabel() routine
- code exampleSetting a File Sensitivity Label
- declarationObtaining and Setting the Label of a File
- code example
- setpflags() system callMAC-Exempt Sockets
- single-level ports
- description ofMultilevel Port Information
- description of
- SO_MAC_EXEMPT optionMAC-Exempt Sockets
- SO_RECVUCRED optionMultilevel Ports
- sockets
- access checksCommunication Endpoints
- exempt from MACMAC-Exempt Sockets
- access checks
- SOL_SOCKETUsing Multilevel Ports With UDP
- str_to_label() routine
- code exampleSetting a File Sensitivity Label
- code example
- strictly dominant labelsLabel Relationships
- sys_trans_label privilegePrivileged Operations and Labels
- system calls
- API declarationsSystem Calls and Library Routines in Trusted Extensions
- fgetlabel() routineObtaining and Setting the Label of a File
- getlabel() routineObtaining and Setting the Label of a File
- API declarations
T
- terms
- definitions ofUnderstanding Labels
- definitions of
- testing and debugging applicationsDeveloping, Testing, and Debugging an Application
- text
- color namesObtaining the Color Names of
Labels
- color names
- tninfo commandDetecting a Trusted Extensions System
- translation
- privileges neededPrivileged Operations and Labels
- privileges needed
- Trusted Extensions APIs
- Oracle Solaris examplesUnderstanding Labels
- Oracle Solaris examples
- tsol_getrhtype() routine
- declarationObtaining the Remote Host Type
- declaration
U
- ucred_getlabel() routine
- declarationAccessing the Process Sensitivity Label
- declaration
- upgrading labels
- guidelinesPrivileged Operations and Labels
- privileges neededPrivileged Operations and Labels
- guidelines
Z
- zones
- APIs for zone labels and zone pathsLabeled Zones
- in Trusted ExtensionsZones and Labels
- labeledZones and Labels
- mounts and the global zoneWrite-Down Policy in the Global Zone
- multilevel portsMultilevel Ports
- APIs for zone labels and zone paths