JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Trusted Extensions User's Guide     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information

Preface

1.  Introduction to Trusted Extensions

What Is Trusted Extensions?

Trusted Extensions Protects Against Intruders

Access to the Trusted Computing Base Is Limited

Mandatory Access Control Protects Information

Peripheral Devices Are Protected

Programs That Spoof Users Are Prevented

Trusted Extensions Provides Discretionary and Mandatory Access Control

Discretionary Access Control

Mandatory Access Control

Sensitivity Labels and Clearances

Containers and Labels

Labels and Transactions

User Responsibilities for Protecting Data

Trusted Extensions Separates Information by Label

Single-Level or Multilevel Sessions

Session Selection Example

Labeled Workspaces

Enforcing MAC for Email Transactions

Erasing Data on Objects Prior to Object Reuse

Trusted Extensions Enables Secure Administration

Accessing Applications in Trusted Extensions

Administration by Role in Trusted Extensions

2.  Logging In to Trusted Extensions (Tasks)

3.  Working in Trusted Extensions (Tasks)

4.  Elements of Trusted Extensions (Reference)

Glossary

Index

Trusted Extensions Enables Secure Administration

In contrast to traditional UNIX systems, superuser (the root user) is not used to administer Trusted Extensions. Rather, administrative roles with discrete capabilities administer the system. In this way, no single user can compromise a system's security. A role is a special user account that provides access to certain applications with the rights that are necessary for performing the specific tasks. Rights include labels, authorizations, privileges, and effective UIDs/GIDs.

The following security practices are enforced on a system that is configured with Trusted Extensions:

Accessing Applications in Trusted Extensions

In Trusted Extensions, you can access only those programs that you need to do your job. As in the Oracle Solaris OS, an administrator provides access by assigning one or more rights profiles to your account. A rights profile is a special collection of programs and security attributes. These security attributes enable successful use of the program that is in the rights profile.

The Oracle Solaris OS provides security attributes such as privileges and authorizations. Trusted Extensions provides labels. Any of these attributes, if missing, can prevent use of the program or parts of the program. For example, a rights profile might include an authorization that enables you to read a database. A rights profile with different security attributes might be required for you to modify the database or read information that is classified as Confidential.

The use of rights profiles that contain programs with associated security attributes helps prevent users from misusing programs and from damaging data on the system. If you need to perform tasks that override the security policy, the administrator can assign to you a rights profile that contains the necessary security attributes. If you are prevented from running a certain task, check with your administrator. You might be missing required security attributes.

In addition, the administrator might assign you a profile shell as your login shell. A profile shell is a special version of a common shell that provides access to a particular set of applications and capabilities. Profile shells are a feature of the Oracle Solaris OS. For details, see the pfexec(1) man page.


Note - If you try to run a program and receive a Not Found error message or if you try to run a command and receive a Not in Profile error message, you might not be permitted to use this program. Check with your security administrator.


Administration by Role in Trusted Extensions

Trusted Extensions recommends the use of roles for administration. Make sure that you know who is performing which set of duties at your site. The following are common roles: