Trusted X Window System Environment
A system that is configured with Solaris Trusted Extensions uses the Solaris
Trusted Extensions CDE, which is an enhanced version of the Common Desktop
Environment (CDE). The Solaris Trusted Extensions CDE uses the Trusted Extensions X
Window System. The Trusted Extensions X Window System includes protocol extensions to
support mandatory access control (MAC), discretionary access control (DAC), and the use
of privileges.
Data transfer sessions are polyinstantiated, meaning that they are instantiated at different
sensitivity labels and user IDs. Polyinstantiation ensures that data in an unprivileged
client at one sensitivity label or user ID is not transferred to
another client at another sensitivity label or user ID. Such a transfer
might violate the Trusted X Window System DAC policies and the MAC
policies of write-equal and read-down.
The Trusted Extensions X Window System APIs enable you to obtain and
set security-related attribute information. These APIs also enable you to translate labels
to strings by using a font list and width to apply a
style to the text string output. For example, the font might be
14-point, bold Helvetica. These interfaces are usually called by administrative applications that
are written with Motif widgets, Xt Intrinsics, Xlib, and CDE interfaces.
Obtaining security-related information – These interfaces operate at the Xlib level where X protocol requests are made. Use Xlib interfaces to obtain data for the input parameter values.
Translating labels to strings – These interfaces operate at the Motif level. The input parameters are the label, a font list that specifies the appearance of the text string output, and the desired width. A compound string of the specified style and width is returned.
For declarations of these routines, see Trusted Extensions X Window System APIs.