Document Information
Preface
Part I Initial Configuration of Trusted Extensions
1. Security Planning for Trusted Extensions
2. Configuration Roadmap for Trusted Extensions
3. Adding Solaris Trusted Extensions Software to the Solaris OS (Tasks)
4. Configuring Trusted Extensions (Tasks)
5. Configuring LDAP for Trusted Extensions (Tasks)
6. Configuring a Headless System With Trusted Extensions (Tasks)
Part II Administration of Trusted Extensions
7. Trusted Extensions Administration Concepts
8. Trusted Extensions Administration Tools
9. Getting Started as a Trusted Extensions Administrator (Tasks)
10. Security Requirements on a Trusted Extensions System (Overview)
11. Administering Security Requirements in Trusted Extensions (Tasks)
12. Users, Rights, and Roles in Trusted Extensions (Overview)
13. Managing Users, Rights, and Roles in Trusted Extensions (Tasks)
14. Remote Administration in Trusted Extensions (Tasks)
15. Trusted Extensions and LDAP (Overview)
16. Managing Zones in Trusted Extensions (Tasks)
17. Managing and Mounting Files in Trusted Extensions (Tasks)
18. Trusted Networking (Overview)
19. Managing Networks in Trusted Extensions (Tasks)
20. Multilevel Mail in Trusted Extensions (Overview)
21. Managing Labeled Printing (Tasks)
22. Devices in Trusted Extensions (Overview)
23. Managing Devices for Trusted Extensions (Tasks)
24. Trusted Extensions Auditing (Overview)
25. Software Management in Trusted Extensions (Tasks)
A. Site Security Policy
Creating and Managing a Security Policy
Site Security Policy and Trusted Extensions
Computer Security Recommendations
Physical Security Recommendations
Personnel Security Recommendations
Common Security Violations
Additional Security References
B. Using CDE Actions to Install Zones in Trusted Extensions
Associating Network Interfaces With Zones by Using CDE Actions (Task Map)
Preparing to Create Zones by Using CDE Actions (Task Map)
Creating Labeled Zones by Using CDE Actions (Task Map)
C. Configuration Checklist for Trusted Extensions
Checklist for Configuring Trusted Extensions
D. Quick Reference to Trusted Extensions Administration
Administrative Interfaces in Trusted Extensions
Tighter Security Defaults in Trusted Extensions
Limited Options in Trusted Extensions
E. List of Trusted Extensions Man Pages
Trusted Extensions Man Pages in Alphabetical Order
Solaris Man Pages That Are Modified by Trusted Extensions
Glossary
Index
|
Solaris Interfaces Extended by Trusted Extensions
Trusted Extensions adds to existing Solaris configuration files, commands, and GUIs: - Administrative commands
Trusted Extensions adds options to selected Solaris commands. For a list, see Table 8-5. - Configuration files
Trusted Extensions adds two privileges, net_mac_aware and net_mlp. For the use of net_mac_aware, see Access to NFS Mounted Directories in Trusted Extensions. Trusted Extensions adds authorizations to the auth_attr database. For a list, see Additional Rights and Authorizations in Trusted Extensions in Solaris Trusted Extensions Transition Guide. Trusted Extensions adds executables, including CDE actions, to the exec_attr database. Trusted Extensions modifies existing rights profiles in the prof_attr database. It also adds profiles to the database. Trusted Extensions adds CDE actions to the executables that can be privileged in the exec_attr database. Trusted Extensions adds fields to the policy.conf database. For the fields, see policy.conf File Defaults in Trusted Extensions. Trusted Extensions adds audit tokens, audit events, audit classes, and audit policy options. For a list, see Trusted Extensions Audit Reference. - Solaris Management Console
Trusted Extensions adds a Security Templates tool to the Computers and Networks tool set. Trusted Extensions adds a Trusted Network Zones tool to the Computers and Networks tool set. Trusted Extensions adds a Trusted Extensions Attributes tab to the Users tool and the Administrative Roles tool. - Shared directories from zones
Trusted Extensions enables you to share directories from labeled zones. The directories are shared at the label of the zone by creating an /etc/dfs/dfstab file from the global zone.
|
