| Skip Navigation Links | |
| Exit Print View | |
|
Trusted Extensions Developer's Guide Oracle Solaris 11.1 Information Library |
| Skip Navigation Links | |
| Exit Print View | |
|
|
Trusted Extensions Developer's Guide Oracle Solaris 11.1 Information Library |
1. Trusted Extensions APIs and Security Policy
4. Interprocess Communications
Administrative Web Guard Prototype
Modifying the label_encodings File
Configuring Trusted Networking
Configuring the Apache Web Servers
Running the Trusted Web Guard Demonstration
Accessing Lower-Level Untrusted Servers
8. Experimental Java Bindings for the Solaris Trusted Extensions Label APIs
This chapter describes the configuration of a safe web browsing prototype called Web Guard. Web Guard is configured to isolate a web server and its web content to prevent attacks from the Internet.
The Web Guard prototype described in this chapter is not a complete solution. Rather, the prototype is intended to demonstrate how multilevel ports can be used to proxy URL requests across label boundaries. A more complete solution would include authentication, data filtering, auditing, and so on.
The primary implementation of the prototype is administrative. The prototype uses multilevel ports, trusted networking, and Apache web server configuration to set up Web Guard. In addition to the administrative example, you can use some programmatic methods to set up the safe web browsing prototype.
This chapter covers the following topics:
|