Trusted Extensions uses the same security features that Oracle Solaris provides, and adds some features. For example, the Oracle Solaris OS provides eeprom protection, password requirements and strong password algorithms, system protection by locking out a user, and protection from keyboard shutdown.
Trusted Extensions differs from Oracle Solaris in that you typically administer systems by assuming a limited role.
In Trusted Extensions, roles are the conventional way to administer the system. Superuser is the root role, and is required for few tasks, such as setting audit flags, changing an account's password, and editing system files. Roles are created just as they are in Oracle Solaris.
The following roles are typical of a Trusted Extensions site:
root role – Created at Oracle Solaris installation
Security Administrator role – Created during or after initial configuration by the initial setup team
System Administrator role – Created during or after initial configuration by the initial setup team
To administer Trusted Extensions, you create roles that divide system and security functions.
The process of creating a role in Trusted Extensions is identical to the Oracle Solaris process. By default, roles are assigned the administrative label range of ADMIN_HIGH to ADMIN_LOW.
For an overview of role creation, see Assigning Rights to Users in Securing Users and Processes in Oracle Solaris 11.3.
To create roles, see Creating Roles and Users in Trusted Extensions.
On the trusted desktop, you can assume an assigned role by clicking your user name in the trusted stripe for the role choices. After confirming the role password, the current workspace is changed into a role workspace. A role workspace is in the global zone and has the trusted path attribute. Role workspaces are administrative workspaces.
In Trusted Extensions, you can extend existing security features. Also, Trusted Extensions provides unique security features.
The following security mechanisms that Oracle Solaris provides are extensible in Trusted Extensions as they are in Oracle Solaris:
Audit classes – Adding audit classes is described in Chapter 3, Managing the Audit Service in Managing Auditing in Oracle Solaris 11.3.
Roles and rights profiles – Adding roles and rights profiles is described in Chapter 3, Assigning Rights in Oracle Solaris in Securing Users and Processes in Oracle Solaris 11.3.
Authorizations – For an example of adding a new authorization, see Customizing Device Authorizations in Trusted Extensions.
As in Oracle Solaris, privileges cannot be extended.
Trusted Extensions provides the following unique security features:
Labels – Subjects and objects are labeled. Processes are labeled. Zones and the network are labeled. Workspaces and their objects are labeled.
Device Manager – By default, devices are protected by allocation requirements. The Device Manager GUI is the interface for administrators and for regular users.
Change Password menu – This menu enables you to change your user or role password.
Change Workspace Label menu – Users in multilevel sessions can change the workspace label. Users can be required to provide a password when entering a workspace of a different label.
Selection Manager dialog box – Authorized users in multilevel sessions can upgrade or downgrade information to a different label.
TrustedExtensionsPolicy file – Administrators can change the policy on X server extensions that are unique to Trusted Extensions. For more information, see the TrustedExtensionsPolicy(4) man page.