Contained Within
Find More Documentation
Featured Support Resources
|  PDF로 이 문서 다운로드
Preface
- The Solaris(TM) SHIELD(TM) Basic Security Module (BSM) provides the security features defined as C2 in the Trusted Computer System Evaluation Criteria (TCSEC). The features provided by the BSM are the security auditing subsystem and a device-allocation mechanism that provides the required object-reuse characteristics for removable or assignable devices. C2 discretionary-access control and identification and authentication features are provided by the standard Solaris system.
Who Should Use This Book
- SunSHIELD Basic Security Module Guide is intended for the system administrator whose duties include setting up and maintaining BSM. Familiarity with basic system administration concepts and with a text editor are helpful.
How This Book Is Organized
-
Chapter 1, "Installation," describes enabling and disabling the BSM. Topics covered include how to enable the Solaris system to use these additional security features, and how clients and servers interact in an enabled environment.
-
Chapter 2, "Administering Auditing," explains the system management and configuration of the auditing subsystem. Topics discussed include managing audit trail storage, determining global and per-user preselection, and setting site-specific configuration options.
-
Chapter 3, "Audit Trail Analysis," details processes for audit trail analysis and postprocessing. Topics discussed include overall audit record structure and formats, the audit trail printing utility, and the audit record selection and merging utility.
-
Chapter 4, "Device Allocation," describes the allocation mechanism for removable or assignable devices. Topics discussed include setting up and administering allocatable device files and use of the allocatation mechanism by nonprivileged users.
-
Appendix A, "Audit Record Descriptions," describes in detail the content of the audit records generated.
-
Appendix B, "BSM Reference," lists and describes the man pages added for the Solaris SHIELD Basic Security Module.
What Typographic Changes Mean
- The following table describes the typographic changes used in this book.
-
Table P-1
| Typeface or Symbol | Meaning | Example |
|
| AaBbCc123 | The names of commands, files, and directories; on-screen computer output | Edit your .login file. Use ls -a to list all files. machine_name% You have mail. |
-
Table P-1
| Typeface or Symbol | Meaning | Example |
| AaBbCc123 | What you type, contrasted
with on-screen computer
output | machine_name% su
Password: |
-
AaBbCc123 Command-line placeholder:
- To delete a file, type rm filename.
- replace with a real name or value
-
AaBbCc123 Book titles, new words or
- Read Chapter 6 in User's Guide.
-
| terms, or words to be | These are called class options. |
| emphasized | You must be root to do this. |
Shell Prompts in Command Examples
- The following table shows the default system prompt and superuser prompt for the C shell, Bourne shell, and Korn shell.
-
Table P-2
| Shell | Prompt |
|
| C shell prompt | machine_name% |
| C shell superuser prompt | machine_name# |
| Bourne shell and Korn shell prompt | $ |
| Bourne shell and Korn shell superuser prompt | # |
|
|
