1. Index

Index

Symbols  Numerics  A  B  C  D  E  F  G  H  I  K  L  M  N  O  P  Q  R  S  T  U  V  W  Z  

Symbols

  • /etc/vfstab file 1.7.1
  • . (dot)
    • displaying hidden files 1.6.2
  • - (minus sign)
    • file permissions symbol 1.2.6
    • file type symbol 1.2.2
  • + (plus sign)
    • file permissions symbol 1.2.6
  • = (equal sign)
    • file permissions symbol 1.2.6

Numerics

  • 32-bit executables
    • protecting from compromising security 1.5

A

  • absolute mode
    • changing file permissions 1.2.6, 1.6.6
    • changing special file permissions 1.6.7
    • description 1.2.6
    • setting special permissions 1.2.6
  • access
    • restricting by label 3.1, 3.5
    • security
      • UFS ACLs 1.4
      • ZFS file attributes 1.3
    • user clearance to labeled files 3.1.4
  • Access Control Lists (ACLs) 1.3
  • accessing
    • hardened zones 3.3
    • labeled file systems 3.1.4
    • labeled NFS mounts 3.1.4.1
    • processes whose label you dominate 3.2
  • account-policy SMF stencil 1.2.5, 3.6.2.2
  • ACL
  • aclinherit property 2.1.4
  • ACLs
    • access privileges 2.1.2
    • ACL inheritance 2.1.3, 2.3
    • aclinherit property 2.1.4
    • description 2.1
    • description of entries 2.1.2
    • entry types 2.1.2
    • formats 2.1.1
    • interaction with permission bits 2.2.3
    • rights required for chmod 2.3
    • rights required to change 2.2.3
    • setting on ZFS files
    • trivial ACLs on ZFS files
  • ADMIN_HIGH label 3.1.1
  • ADMIN_LOW label 3.1.1
  • administering
  • administrators
    • labeling sensitive data 3.6.1
  • appendonly ZFS file attribute 1.3
  • archiving
  • assigning
  • attributes
  • audit files
  • auditing
  • authorizations
    • solaris.admin.edit/etc/vfstab 1.7.1

B

C

D

  • data
    • identifying for labeling 3.2.3
    • labeling sensitive data 3.6.1
  • databases
    • labeling $ORACLE_HOME directory 3.5
  • default encodings file
  • default label policy 3.2.1
  • defaults
  • defining
  • directories 1.2
    • changing permissions across symbolic links 1.6.8
    • displaying files and related information 1.2.1, 1.6.2
    • labeled 3.5
    • permissions
    • public directories 1.2.4.3
  • disabling
    • 32-bit executables that compromise security 1.5
  • disjoint labels
    • compliance encodings file and 3.9.2
    • defined 3.1.2.2
    • re-using compartment bits 3.10
  • displaying
  • dot (.)
    • displaying hidden files 1.6.2
  • downgrading
  • DTrace probes

E

  • encodings file
  • encodings files
  • equal sign (=)
    • file permissions symbol 1.2.6
  • executable stacks
    • protecting against 32-bit processes 1.5
  • execute permissions

F

G

  • groups
    • changing file ownership 1.6.4

H

  • hardening
    • labeled file systems 3.3
    • labeled zones 3.7.2
    • removing network interfaces 3.3
    • zones 3.3
  • hardening labeled file systems
    • procedures 3.7
  • hierarchical labels 3.1.2.2
  • hierarchy

I

  • identifying
  • immutable global zone
    • labeled file systems and 3.7.1
  • immutable ZFS file attribute 1.3
  • immutable zones
    • hardening configuration 3.3
    • labeled file systems and 3.5
  • installing
  • internal representation

K

  • keywords
    • attribute in BART 4.2.2

L

M

  • maintaining
    • labeled file systems 3.8
  • Maintenance and Repair rights profile 1.7.1
  • managing
    • file permissions 1.6
  • manifests 4.1.2.1
  • man pages
    • quick reference for label administrators 3.11
  • min_label value
  • minus sign (-)
    • file permissions symbol 1.2.6
    • symbol of file type 1.2.2
  • monitoring

N

  • naming
    • classifications and compartments 3.1.2.1
  • network interfaces
    • removing to prevent leakage 3.3
  • new features
    • in this release 1.1
  • NFS-mounted file systems
  • NFSv4 ACLs
  • nounlink ZFS file attribute 1.3

O

  • Object Access Management rights profile
  • Object Label Management rights profile 3.1.1
  • overlapping compartments 3.1.2.2
  • ownership of files

P

  • packages
    • installing customized labels 3.4
  • permissions
  • pkg:/system/file_labeling package 3.2.1, 3.6.2.1
  • planning
    • data loss protection 3.2
    • labeling sensitive data 3.2
    • label policy 3.2.3
  • plus sign (+)
    • file permissions symbol 1.2.6
  • preventing
    • data leakage 3.3
    • labeled mount failures 3.1.4.1
    • programs from compromising system 1.6.9
    • tmpfs filling up 1.7
  • privileges
    • changing labels 3.1.3
    • no override for access by label 3.1.4
  • process clearances 3.1.2
  • protecting
    • 32-bit executables from compromising security 1.5
    • system from risky programs 1.6.9
  • protecting files
    • user procedures 1.6.1
    • with UFS ACLs 1.4
    • with UNIX permissions 1.2, 1.6.1
    • ZFS file attributes and 1.3
  • protecting sensitive data
    • with labels 3.2
  • public directories

Q

R

  • readonly CIFS file attribute 1.3
  • read permissions
  • recursive changing of permissions 1.6.8
  • relationships between labels 3.1.2.2
  • reporting tool 4.1.2.2
  • reports (BART) 4.1
  • restricting
    • access to hardened zones 3.3
    • access to labeled data 3.2
    • size of tmpfs file system 1.7.1
  • rights profiles
    • changing ACLs 2.2.3
    • Maintenance and Repair 1.7.1
    • Object Label Management 3.1.1
  • rstchown system variable 1.6.3
  • rules file (BART) 4.1.2.3
  • rules file attributes 4.3.2.1
  • rules file format (BART) 4.3.2
  • rules file specification language 4.3.2.2

S

  • sample encodings files
    • viewing and testing 3.9
  • sandbox
  • security
    • BART considerations 4.2.1
    • protecting systems from risky programs 1.6.9
    • ZFS file attributes 1.3
  • sensitive ZFS file attribute 1.3
  • services
    • identifying for labeling 3.2.3
  • setgid permissions
  • setting
  • setuid permissions
  • shared file systems
  • sharing
  • solaris.admin.edit/etc/vfstabauthorization 1.7.1
  • Solaris ACLs 2.1, 2.1.3, 2.1.4
  • special permissions
  • sticky bit permissions
  • subcompartments compartment property 3.10
  • symbolic links
    • changing permissions on targets of 1.6.8
    • file permissions 1.2.3
  • symbolic mode
  • sys_trans_label privilege 3.1.3
  • system configuration
    • enforcing fixed 3.7.1
    • labels and immutable configuration 3.5
  • systems
    • protecting from risky programs 1.6.9
  • system security
    • protecting from risky programs 1.6.9
    • UFS ACLs 1.4
    • ZFS file attributes 1.3
  • system variables

T

  • task maps
    • Using BART task map 4.2
  • testing
    • compliance encodings file 3.9.2
    • default encodings file 3.9.1
    • encodings files 3.9
  • test manifests
  • textual representation
  • tmpfs file system
  • transferring
    • labeled files 3.8
    • labeled file systems 3.8
  • translating
    • between label representations 3.1.3
  • trivial ACLs 2.2.2
  • troubleshooting
    • finding files with setuid permissions 1.6.10

U

  • umask value
  • UNIX file permissions 1.2
  • upgrading
  • upper bound of labels
  • user classes of files 1.2.2
  • user clearance
    • displaying initial 3.2.2
  • user clearances 3.1.2
  • user procedures
  • users
  • using

V

  • variables
  • verbose output display of ACL information 2.2.1.1
  • verifying

W

  • write permissions

Z

  • ZFS datasets
  • ZFS file attributes 1.3
  • ZFS File System Management rights profile
  • zfs set command
  • zones