Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Solaris Trusted Extensions Administrator's Procedures
Previous Next

What's New in Trusted Extensions

Solaris Express Community Edition – In this release, Trusted Extensions provides the following features:

  • The Trusted Extensions shared IP stack allows default routes to isolate labeled zones from each other and from the global zone.

  • The loopback interface, lo0, is an all-zones interface.

  • Separation of duty can be enforced by role. The System Administrator role creates users, but cannot assign passwords. The Security Administrator role assigns passwords, but cannot create users. For details, see Create Rights Profiles That Enforce Separation of Duty.

  • This guide includes a list of Trusted Extensions man pages in Appendix E, List of Trusted Extensions Man Pages.

Solaris Express Developer Edition 1/08 – In this release, Trusted Extensions provides the following features:

  • The service management facility (SMF) manages Trusted Extensions as the svc:/system/labeld service. By default, the labeld service is disabled. When the service is enabled, the system must still be configured and rebooted to enforce Trusted Extensions security policies.

  • The CIPSO Domain of Interpretation (DOI) number that your system uses is configurable.

  • Trusted Extensions recognizes CIPSO labels in NFS Version 3 (NFSv3) mounted file systems, as well as in NFS Version 4 (NFSv4). Therefore, you can mount NFSv3 file systems on a Trusted Extensions system as a labeled file system. To use udp as an underlying protocol for multilevel mounts in NFSv3, see How to Configure a Multilevel Port for NFSv3 Over udp.

  • The name service cache daemon, nscd, can be configured to run in every labeled zone at the label of the zone.

Previous Next

 
 
  Published under the terms fo the Public Documentation License Version 1.01. Design by Interspire