Document Information
Preface
Part I Initial Configuration of Trusted Extensions
1. Security Planning for Trusted Extensions
2. Configuration Roadmap for Trusted Extensions
3. Adding Solaris Trusted Extensions Software to the Solaris OS (Tasks)
4. Configuring Trusted Extensions (Tasks)
5. Configuring LDAP for Trusted Extensions (Tasks)
6. Configuring a Headless System With Trusted Extensions (Tasks)
Part II Administration of Trusted Extensions
7. Trusted Extensions Administration Concepts
8. Trusted Extensions Administration Tools
9. Getting Started as a Trusted Extensions Administrator (Tasks)
10. Security Requirements on a Trusted Extensions System (Overview)
11. Administering Security Requirements in Trusted Extensions (Tasks)
12. Users, Rights, and Roles in Trusted Extensions (Overview)
13. Managing Users, Rights, and Roles in Trusted Extensions (Tasks)
14. Remote Administration in Trusted Extensions (Tasks)
15. Trusted Extensions and LDAP (Overview)
16. Managing Zones in Trusted Extensions (Tasks)
17. Managing and Mounting Files in Trusted Extensions (Tasks)
18. Trusted Networking (Overview)
19. Managing Networks in Trusted Extensions (Tasks)
20. Multilevel Mail in Trusted Extensions (Overview)
21. Managing Labeled Printing (Tasks)
22. Devices in Trusted Extensions (Overview)
23. Managing Devices for Trusted Extensions (Tasks)
24. Trusted Extensions Auditing (Overview)
25. Software Management in Trusted Extensions (Tasks)
A. Site Security Policy
Creating and Managing a Security Policy
Site Security Policy and Trusted Extensions
Computer Security Recommendations
Physical Security Recommendations
Personnel Security Recommendations
Common Security Violations
Additional Security References
B. Using CDE Actions to Install Zones in Trusted Extensions
Associating Network Interfaces With Zones by Using CDE Actions (Task Map)
Preparing to Create Zones by Using CDE Actions (Task Map)
Creating Labeled Zones by Using CDE Actions (Task Map)
C. Configuration Checklist for Trusted Extensions
Checklist for Configuring Trusted Extensions
D. Quick Reference to Trusted Extensions Administration
Administrative Interfaces in Trusted Extensions
Solaris Interfaces Extended by Trusted Extensions
Tighter Security Defaults in Trusted Extensions
Limited Options in Trusted Extensions
E. List of Trusted Extensions Man Pages
Trusted Extensions Man Pages in Alphabetical Order
Solaris Man Pages That Are Modified by Trusted Extensions
Glossary
Index
|
F
- failsafe session, logging in, How to Log In to a Failsafe Session in Trusted Extensions
- fallback mechanism
- for remote hosts, Configuring Trusted Network Databases (Task Map)
- in tnrhdb, Trusted Network Fallback Mechanism
- using for network configuration, Configuring Trusted Network Databases (Task Map)
- File Manager, preventing display after device allocation, How to Prevent the File Manager From Displaying After Device Allocation
- file systems
- mounting in global and labeled zones, NFS Mounts in Trusted Extensions
- NFS mounts, NFS Mounts in Trusted Extensions
- NFSv3, What's New in Trusted Extensions
- sharing in global and labeled zones, NFS Mounts in Trusted Extensions
- sharing, Sharing and Mounting Files in Trusted Extensions
- files and file systems
- mounting, How to Share Directories From a Labeled Zone
- naming, How to Share Directories From a Labeled Zone
- sharing, How to Share Directories From a Labeled Zone
- files
- accessing from dominating labels, How to Display the Labels of Mounted Files
- authorizing a user or role to change label of, How to Enable a User to Change the Security Level of Data
- backing up, How to Back Up Files in Trusted Extensions
- .copy_files
- Command Line Tools in Trusted Extensions
- .copy_files and .link_files Files
- How to Configure Startup Files for Users in Trusted Extensions
- copying from removable media, How to Copy Files From Portable Media in Trusted Extensions
- editing with trusted editor, How to Edit Administrative Files in Trusted Extensions
- /etc/default/kbd, How to Change Security Defaults in System Files
- /etc/default/login, How to Change Security Defaults in System Files
- /etc/default/passwd, How to Change Security Defaults in System Files
- /etc/default/print, How to Enable Users to Print PostScript Files in Trusted Extensions
- /etc/dfs/dfstab, Trusted CDE Actions
- /etc/dt/config/sel_config, sel_config File
- /etc/motd, Trusted CDE Actions
- /etc/nsswitch.conf, Trusted CDE Actions
- /etc/resolv.conf, Trusted CDE Actions
- /etc/rmmount.conf, How to Configure an Audio Player Program for Use in Trusted CDE
- /etc/security/audit_class, Trusted CDE Actions
- /etc/security/audit_control, Trusted CDE Actions
- /etc/security/audit_event, Trusted CDE Actions
- /etc/security/audit_startup, Trusted CDE Actions
- /etc/security/policy.conf
- policy.conf File Defaults in Trusted Extensions
- How to Modify policy.conf Defaults
- How to Enable Users to Print PostScript Files in Trusted Extensions
- /etc/security/tsol/label_encodings, Trusted CDE Actions
- getmounts, How to Display the Labels of Mounted Files
- getzonelabels, How to Display Ready or Running Zones
- .gtkrc-mine, How to Lengthen the Timeout When Relabeling Information
- .link_files
- Command Line Tools in Trusted Extensions
- .copy_files and .link_files Files
- How to Configure Startup Files for Users in Trusted Extensions
- loopback mounting, How to Loopback Mount a File That Is Usually Not Visible in a Labeled Zone
- office-install-directory/VCL.xcu, How to Lengthen the Timeout When Relabeling Information
- policy.conf, How to Change Security Defaults in System Files
- PostScript, How to Enable Users to Print PostScript Files in Trusted Extensions
- preventing access from dominating labels, How to Disable the Mounting of Lower-Level Files
- relabeling privileges, How to Enable Files to be Relabeled From a Labeled Zone
- resolv.conf, Make the Global Zone an LDAP Client in Trusted Extensions
- restoring, How to Restore Files in Trusted Extensions
- sel_config file, sel_config File
- startup, How to Configure Startup Files for Users in Trusted Extensions
- /usr/dt/config/sel_config
- Trusted CDE Actions
- sel_config File
- /usr/lib/lp/postscript/tsol_separator.ps, Labeled Printer Output
- /usr/sbin/txzonemgr
- Administration Tools for Trusted Extensions
- Zone Administration Utilities in Trusted Extensions
- VCL.xcu, How to Lengthen the Timeout When Relabeling Information
- finding
- label equivalent in hexadecimal, How to Obtain the Hexadecimal Equivalent for a Label
- label equivalent in text format, How to Obtain a Readable Label From Its Hexadecimal Form
- Firefox, lengthening timeout when relabeling, How to Lengthen the Timeout When Relabeling Information
- floppies, See diskettes
- floppy disks, See diskettes
- Front Panel, Device Allocation Manager, Device Allocation Manager GUI
G
- gateways
- accreditation checks, Gateway Accreditation Checks
- example of, Gateways in Trusted Extensions
- getlabel command, Command Line Tools in Trusted Extensions
- getmounts script, How to Display the Labels of Mounted Files
- Getting Started as a Trusted Extensions Administrator (Task Map), Getting Started as a Trusted Extensions Administrator (Task Map)
- getzonelabels script, How to Display Ready or Running Zones
- getzonepath command, Command Line Tools in Trusted Extensions
- global zone
- difference from labeled zones, Zones in Trusted Extensions
- entering, How to Enter the Global Zone in Trusted Extensions
- exiting, How to Exit the Global Zone in Trusted Extensions
- remote login by users, How to Enable Specific Users to Log In Remotely to the Global Zone in Trusted Extensions
- GNOME ToolKit (GTK) library, lengthening timeout when relabeling, How to Lengthen the Timeout When Relabeling Information
- groups
- deletion precautions, Group Administration
- security requirements, Group Administration
- .gtkrc-mine file, How to Lengthen the Timeout When Relabeling Information
H
- Handling Devices in Trusted Extensions (Task Map), Handling Devices in Trusted Extensions (Task Map)
- Handling Other Tasks in the Solaris Management Console (Task Map), Handling Other Tasks in the Solaris Management Console (Task Map)
- hardware planning, Planning System Hardware and Capacity for Trusted Extensions
- Headless System Configuration in Trusted Extensions (Task Map), Headless System Configuration in Trusted Extensions (Task Map)
- hextoalabel command
- Command Line Tools in Trusted Extensions
- How to Obtain a Readable Label From Its Hexadecimal Form
- hiding labels from users, How to Hide Labels From a User
- home directories
- accessing, Zones in Trusted Extensions
- creating server for, Create the Home Directory Server in Trusted Extensions
- creating
- Creating Home Directories in Trusted Extensions
- Home Directory Creation in Trusted Extensions
- logging in and getting, Enable Users to Access Their Home Directories in Trusted Extensions
- host types
- networking
- Trusted Extensions Data Packets
- Host Type and Template Name in Security Templates
- remote host templates, Network Security Attributes in Trusted Extensions
- table of templates and protocols, Host Type and Template Name in Security Templates
- hosts
- assigning a template
- Configuring Trusted Network Databases (Task Map)
- Configuring Trusted Network Databases (Task Map)
- assigning to security template, How to Assign a Security Template to a Host or a Group of Hosts
- entering in network files, How to Add Hosts to the System's Known Network
- networking concepts, Trusted Network Communications
- specifying labels, Specify Labels for Network Interfaces by Using the Solaris Management Console
- hot key, regaining control of desktop focus, How to Regain Control of the Desktop's Current Focus
|
