openSolaris 2008 - - Solaris Trusted Extensions Administrator's Procedures

D

DAC, See discretionary access control (DAC)

databases

devices, Trusted CDE Actions

in LDAP, Using a Naming Service in Trusted Extensions

trusted network, Network Configuration Databases in Trusted Extensions

datasets, See ZFS

deallocate command, Command Line Tools in Trusted Extensions

deallocating, forcing, How to Revoke or Reclaim a Device in Trusted Extensions

debugging, See troubleshooting

deciding

to configure as a role or as superuser, Make System and Security Decisions Before Enabling Trusted Extensions

to use a Sun-supplied encodings file, Make System and Security Decisions Before Enabling Trusted Extensions

decisions to make

based on site security policy, Site Security Policy and Trusted Extensions

before enabling Trusted Extensions, Make System and Security Decisions Before Enabling Trusted Extensions

default routes, specifying for labeled zones, Add a Network Interface That Does Not Use the Global Zone to Route an Existing Labeled Zone

deleting, labeled zones, How to Remove Trusted Extensions From the System

desktops

accessing multilevel remotely, How to Use Xvnc to Remotely Access a Trusted Extensions System

logging in to a failsafe session, How to Log In to a Failsafe Session in Trusted Extensions

workspace color changes, How to Enter the Global Zone in Trusted Extensions

/dev/kmem kernel image file, security violation, Evaluating Software for Security

developer responsibilities, Developer Responsibilities When Creating Trusted Programs

Device Allocation Manager

administrative tool, Administration Tools for Trusted Extensions

description, Device Allocation Manager GUI

use by administrators, How to Configure a Device in Trusted Extensions

device allocation

authorizing, How to Assign Device Authorizations

overview, Device Protection With Trusted Extensions Software

preventing File Manager display, How to Prevent the File Manager From Displaying After Device Allocation

profiles that include allocation authorizations, How to Assign Device Authorizations

device-clean scripts

adding to devices, How to Add a Device_Clean Script in Trusted Extensions

requirements, Device-Clean Scripts

device databases, action for editing, Trusted CDE Actions

devices

access policy, Device Access Policies

accessing, Device Allocation Manager GUI

adding customized authorizations, How to Add Site-Specific Authorizations to a Device in Trusted Extensions

adding device_clean script, How to Add a Device_Clean Script in Trusted Extensions

administering with Device Allocation Manager, How to Configure a Device in Trusted Extensions

administering, Managing Devices for Trusted Extensions (Tasks)

allocating, Device Protection With Trusted Extensions Software

automatically starting an audio player, How to Configure an Audio Player Program for Use in Trusted CDE

configuring devices, How to Configure a Device in Trusted Extensions

configuring serial line, How to Configure a Serial Line for Logins

creating new authorizations, How to Create New Device Authorizations

in Trusted Extensions, Devices in Trusted Extensions (Overview)

policy defaults, Device Access Policies

preventing remote allocation of audio, How to Protect Nonallocatable Devices in Trusted Extensions

protecting nonallocatable, How to Protect Nonallocatable Devices in Trusted Extensions

protecting, Device Allocation Manager

reclaiming, How to Revoke or Reclaim a Device in Trusted Extensions

setting label range for nonallocatable, Effects of Label Range on a Device

setting policy, Device Access Policies

setting up audio, How to Configure an Audio Player Program for Use in Trusted CDE

troubleshooting, How to Revoke or Reclaim a Device in Trusted Extensions

using, Using Devices in Trusted Extensions (Task Map)

dfstab file

action for editing, Trusted CDE Actions

for public zone, Access to NFS Mounted Directories in Trusted Extensions

differences

administrative interfaces in Trusted Extensions, Administrative Interfaces in Trusted Extensions

between Trusted Extensions and Solaris auditing, Trusted Extensions and Auditing

between Trusted Extensions and Solaris OS, Differences Between Trusted Extensions and the Solaris OS

defaults in Trusted Extensions, Tighter Security Defaults in Trusted Extensions

extending Solaris interfaces, Solaris Interfaces Extended by Trusted Extensions

limited options in Trusted Extensions, Limited Options in Trusted Extensions

directories

accessing lower-level, Zones in Trusted Extensions

authorizing a user or role to change label of, How to Enable a User to Change the Security Level of Data

for naming service setup, Populate the Sun Java System Directory Server

mounting, How to Share Directories From a Labeled Zone

sharing, How to Share Directories From a Labeled Zone

disabling, Trusted Extensions, How to Remove Trusted Extensions From the System

discretionary access control (DAC), Trusted Extensions and Access Control

diskettes, accessing, Device Protection With Trusted Extensions Software

displaying

labels of file systems in labeled zone, How to Display the Labels of Mounted Files

status of every zone, How to Display Ready or Running Zones

DOI, remote host templates, Network Security Attributes in Trusted Extensions

domain of interpretation (DOI), entry in /etc/system file, Configure the Domain of Interpretation

dominance of labels, Dominance Relationships Between Labels

Downgrade DragNDrop or CutPaste Info authorization, How to Create a Rights Profile for Convenient Authorizations

Downgrade File Label authorization, How to Create a Rights Profile for Convenient Authorizations

downgrading labels, configuring rules for selection confirmer, sel_config File

dpadm service, Install the Sun Java System Directory Server

DragNDrop or CutPaste without viewing contents authorization, How to Create a Rights Profile for Convenient Authorizations

dsadm service, Install the Sun Java System Directory Server

dtappsession command, Command Line Tools in Trusted Extensions

dtsession command, running updatehome, .copy_files and .link_files Files

dtterm terminal, forcing the sourcing of .profile, How to Configure Startup Files for Users in Trusted Extensions

dtwm command, Trusted Processes in the Window System

E

Edit Encodings action, Trusted CDE Actions

editing

system files, How to Change Security Defaults in System Files

using trusted editor, How to Edit Administrative Files in Trusted Extensions

enabling

DOI different from 1

Configure the Domain of Interpretation

What's New in Trusted Extensions

dpadm service, Install the Sun Java System Directory Server

dsadm service, Install the Sun Java System Directory Server

IPv6 network, Enable IPv6 Networking in Trusted Extensions

keyboard shutdown, How to Change Security Defaults in System Files

labeld service, Enable Solaris Trusted Extensions

LDAP administration from a client, Enable the Solaris Management Console to Accept Network Communications

Trusted Extensions on a Solaris system, Enable Solaris Trusted Extensions

encodings file, See label_encodings file

error messages

troubleshooting

Enable Solaris Trusted Extensions

Labeled Zone Is Unable to Access the X Server

/etc/default/kbd file, how to edit, How to Change Security Defaults in System Files

/etc/default/login file, how to edit, How to Change Security Defaults in System Files

/etc/default/passwd file, how to edit, How to Change Security Defaults in System Files

/etc/default/print file, How to Enable Users to Print PostScript Files in Trusted Extensions

/etc/dfs/dfstab file for public zone, Access to NFS Mounted Directories in Trusted Extensions

/etc/dfs/dfstab file, Trusted CDE Actions

/etc/dt/config/sel_config file

sel_config File

/etc/hosts file

How to Add Hosts to the System's Known Network

How to Assign a Security Template to a Host or a Group of Hosts

/etc/motd file, action for editing, Trusted CDE Actions

/etc/nsswitch.conf file, Trusted CDE Actions

/etc/resolv.conf file, Trusted CDE Actions

/etc/rmmount.conf file

How to Configure an Audio Player Program for Use in Trusted CDE

How to Prevent the File Manager From Displaying After Device Allocation

/etc/security/audit_class file, Trusted CDE Actions

/etc/security/audit_control file, Trusted CDE Actions

/etc/security/audit_event file, Trusted CDE Actions

/etc/security/audit_startup file, Trusted CDE Actions

/etc/security/policy.conf file

policy.conf File Defaults in Trusted Extensions

How to Modify policy.conf Defaults

enabling PostScript printing, How to Enable Users to Print PostScript Files in Trusted Extensions

how to edit, How to Change Security Defaults in System Files

/etc/security/tsol/label_encodings file, Label Encodings File

/etc/system file

modifying for DOI different from 1, Configure the Domain of Interpretation

modifying for IPv6 network, Enable IPv6 Networking in Trusted Extensions

evaluating programs for security, Evaluating Software for Security

exporting, See sharing