Security Requirements When Administering Trusted Extensions

In Trusted Extensions, roles are the conventional way to administer the system. Typically, superuser is not used. Roles are created just as they are in the Solaris OS, and most tasks are performed by roles. In Trusted Extensions, the root user is not used to perform administrative tasks.

The following roles are typical of a Trusted Extensions site:

• root role – Created by the initial setup team

• Security Administrator role – Created during or after initial configuration by the initial setup team

• System Administrator role – Created by the Security Administrator role

As in the Solaris OS, you might also create a Primary Administrator role, an Operator role, and so on. With the exception of the root role, the roles that you create can be administered in a naming service.

As in the Solaris OS, only users who have been assigned a role can assume that role. In Solaris Trusted Extensions (CDE), you can assume a role from a desktop menu called the Trusted Path menu. In Solaris Trusted Extensions (GNOME), you can assume a role when your user name is displayed in the Trusted Stripe. The role choices appear when you click your user name.

Role Creation in Trusted Extensions

To administer Trusted Extensions, you create roles that divide system and security functions. The initial setup team created the Security Administrator role during configuration. For details, see Create the Security Administrator Role in Trusted Extensions.

The process of creating a role in Trusted Extensions is identical to the Solaris OS process. As described in Chapter 8, Trusted Extensions Administration Tools, the Solaris Management Console is the GUI for managing roles in Trusted Extensions.

• For an overview of role creation, see Chapter 10, Role-Based Access Control (Reference), in System Administration Guide: Security Services and Using RBAC (Task Map) in System Administration Guide: Security Services.

• To create a powerful role that is equivalent to superuser, see Creating the Primary Administrator Role in System Administration Guide: Basic Administration. At sites that use Trusted Extensions, the Primary Administrator role might violate security policy. These sites would turn root into a role, and create a Security Administrator role.

• To create the root role, see How to Make root User Into a Role in System Administration Guide: Security Services.

• To create roles by using the Solaris Management Console, see How to Create and Assign a Role by Using the GUI in System Administration Guide: Security Services.

Role Assumption in Trusted Extensions

Unlike the Solaris OS, Trusted Extensions provides an Assume Rolename Role menu item from the Trusted Path menu. After confirming the role password, the software activates a role workspace with the trusted path attribute. Role workspaces are administrative workspaces. Such workspaces are in the global zone.