内に含ま
その他のドキュメント
サポート リソース
|  PDF 文書ファイルをダウンロードする (1197 KB)
| | | |
| A |
|
| abbreviations used in interface names (  ) |
|
| access |
| | checks for |
| | | network ( ) |
| | | sockets ( ) |
| | | Trusted X Window System ( ) |
| | file labels ( ) |
| | guidelines for labels ( ) |
| | multilevel port connections ( ) |
|
| ADMIN_HIGH label ( ) |
|
| ADMIN_LOW label ( ) |
|
| APIs |
| | clearance label ( ) |
| | declarations ( ) |
| | examples of Trusted Extensions in Solaris ( ) |
| | introduction to ( ) |
| | label clipping ( ) |
| | label range ( ) |
| | labels ( ) ( ) ( ) |
| | process security attribute flags ( ) |
| | RPC ( ) |
| | security APIs from Solaris OS ( ) |
| | sensitivity label ( ) |
| | for Solaris that use Trusted Extensions parameters ( ) |
| | Trusted X Window System ( ) ( ) ( ) ( ) |
| | for zone labels and zone paths ( ) |
|
| applications |
| | integrating ( ) |
| | releasing ( ) |
| | testing and debugging ( ) |
|
| atoms, predefined in X Window System ( ) |
|
| auditid field ( ) |
| | | |
| B |
|
| bldominates() routine |
| | code example ( ) |
| | declaration ( ) |
|
| blequal() routine |
| | code example ( ) |
| | declaration ( ) |
|
| blinrange() routine |
| | declaration ( ) ( ) |
|
| blmaximum() routine, declaration ( ) |
|
| blminimum() routine, declaration ( ) |
|
| blstrictdom() routine |
| | code example ( ) |
| | declaration ( ) |
|
| brange_t type ( ) |
| | | |
| C |
|
| classifications |
| | clearance component ( ) |
| | disjoint ( ) |
| | dominant ( ) |
| | equal ( ) |
| | label component ( ) |
| | strictly dominant ( ) |
|
| clearance labels ( ) |
|
| ClearanceLabel subclass ( ) |
|
| clearances |
| | disjoint labels ( ) |
| | dominant labels ( ) |
| | equal labels ( ) |
| | session ( ) |
| | strictly dominant labels ( ) |
| | user ( ) |
|
| code examples |
| | file systems |
| | | obtaining label ( ) |
| | getSocketPeer static factory |
| | | obtaining socket peer label ( ) |
| | label_encodings file |
| | | creating printer banner ( ) ( ) |
| | | obtaining character-coded color names ( ) |
| | label relationships ( ) |
| | labels |
| | | obtaining on file system ( ) |
| | | obtaining on window ( ) |
| | | obtaining process label ( ) |
| | | setting on window ( ) |
| | obtain socket peer label ( ) |
| | printer banner ( ) ( ) |
| | set file sensitivity label ( ) |
| | Trusted X Window System ( ) |
| | | obtaining window attributes ( ) |
| | | obtaining window label ( ) |
| | | obtaining window user ID ( ) |
| | | obtaining workstation owner ( ) |
| | | setting window label ( ) |
| | | translating with font list ( ) |
|
| communication endpoints |
| | access checks ( ) |
| | connections described ( ) |
|
| compartments |
| | clearance component ( ) |
| | disjoint ( ) |
| | dominant ( ) |
| | equal ( ) |
| | label component ( ) |
| | strictly dominant ( ) |
|
| compile |
| | label libraries ( ) |
| | Trusted X Window System libraries ( ) |
|
| connection requests |
| | security attributes ( ) |
| | security policy ( ) |
| | | |
| D |
|
| DAC (discretionary access control) ( ) ( ) |
|
| data types |
| | label APIs ( ) |
| | Trusted X Window System APIs ( ) |
|
| debugging, applications ( ) |
|
| definitions of terms ( ) |
|
| detecting a Trusted Extensions system ( ) |
|
| determining whether a system is labeled, example ( ) |
|
| devices, input device privileges ( ) |
|
| DGA (direct graphics access), privileges ( ) |
|
| disjoint labels ( ) |
|
| dominant labels ( ) ( ) |
|
| dominates method, declaration ( ) |
|
| downgrading labels |
| | guidelines ( ) |
| | privileges needed ( ) |
| | Trusted X Window System ( ) |
| | | |
| E |
|
| equal labels ( ) |
|
| equals method, declaration ( ) |
|
| examples of Trusted Extensions APIs in Solaris ( ) |
| | | |
| F |
|
| fgetlabel() system call, declaration ( ) |
|
| file_dac_search privilege, overriding access to parent directory of zone's root directory ( ) |
|
| file_downgrade_sl privilege ( ) |
|
| file_owner privilege ( ) |
|
| files, label privileges ( ) |
|
| fonts |
| | font list translation ( ) |
| | font path privileges ( ) |
| | | |
| G |
|
| get_peer_label() function ( ) |
|
| getClearanceLabel static factory, declaration ( ) |
|
| getdevicerange() routine, declaration ( ) |
|
| getDeviceRange static factory, declaration ( ) |
|
| getFileLabel static factory |
| | declaration ( ) ( ) |
|
| getlabel() system call |
| | code example ( ) |
| | declaration ( ) |
|
| getlabel command ( ) |
| | code example ( ) |
|
| getLabelRange static factory, declaration ( ) |
|
| getLower method, declaration ( ) |
|
| getMaximum method |
| | declaration ( ) ( ) ( ) |
|
| getMinimum method |
| | declaration ( ) ( ) ( ) |
|
| getpathbylabel() routine, declaration ( ) |
|
| getplabel() routine |
| | code example ( ) ( ) ( ) |
| | declaration ( ) |
|
| getSensitivityLabel static factory |
| | code example ( ) |
| | declaration ( ) |
|
| getSocketPeer static factory |
| | code example ( ) |
| | declaration ( ) |
|
| getUpper method, declaration ( ) |
|
| getuserrange() routine, declaration ( ) |
|
| getUserRange static factory, declaration ( ) |
|
| getzoneidbylabel() routine, declaration ( ) |
|
| getzonelabelbyid() routine, declaration ( ) |
|
| getzonelabelbyname() routine, declaration ( ) |
|
| getzonerootbyid() routine, declaration ( ) |
|
| getzonerootbylabel() routine, declaration ( ) |
|
| getzonerootbyname() routine, declaration ( ) |
|
| gid field ( ) |
|
| global zone |
| | controlling multilevel operations ( ) |
| | labels in ( ) |
| | mounts in ( ) |
|
| GUIs, Xlib objects ( ) |
| | | |
| H |
|
| header files |
| | label APIs ( ) |
| | locations, list of ( ) |
| | Trusted X Window System APIs ( ) |
| | | |
| I |
|
| iaddr field ( ) |
|
| inRange method |
| | declaration ( ) ( ) |
|
| integrating an application ( ) |
|
| interface names, abbreviations used in ( ) |
|
| IPC (interprocess communication) ( ) |
|
| is_system_labeled() routine |
| | declaration ( ) |
| | example ( ) |
| | | |
| J |
|
| Java bindings |
| | classes ( ) |
| | ClearanceLabel subclass ( ) |
| | Range class ( ) |
| | SensitivityLabel subclass ( ) |
| | SolarisLabel abstract class ( ) |
|
| Java methods |
| | dominates ( ) |
| | equals ( ) |
| | getLower ( ) |
| | getMaximum ( ) ( ) ( ) |
| | getMinimum ( ) ( ) ( ) |
| | getUpper ( ) |
| | inRange ( ) ( ) |
| | setFileLabel ( ) |
| | strictlyDominates ( ) |
| | toCaveats ( ) |
| | toChannels ( ) |
| | toColor ( ) |
| | toFooter ( ) |
| | toHeader ( ) |
| | toInternal ( ) |
| | toProtectAs ( ) |
| | toRootPath ( ) |
| | toString ( ) |
| | toText ( ) |
| | toTextLong ( ) |
| | toTextShort ( ) |
|
| Java static factories |
| | getClearanceLabel ( ) |
| | getDeviceRange ( ) |
| | getFileLabel ( ) ( ) |
| | getLabelRange ( ) |
| | getSensitivityLabel ( ) |
| | getSocketPeer ( ) |
| | getUserRange ( ) |
| | | |
| L |
|
| label APIs ( ) |
| | introduction to ( ) |
| | label clipping ( ) |
| | labels |
| | | code examples ( ) |
| | list of ( ) |
| | RPC ( ) |
| | Trusted X Window System ( ) ( ) ( ) |
| | windows ( ) |
| | for zone labels and zone paths ( ) |
|
| label clipping |
| | API declaration ( ) ( ) |
| | translating with font list ( ) |
|
| label data types |
| | label ranges ( ) |
| | sensitivity labels ( ) |
|
| label_encodings file |
| | API declarations ( ) |
| | color names ( ) |
| | non-English ( ) |
|
| label ranges ( ) |
| | file systems |
| | | data structure ( ) |
| | overview ( ) |
|
| label_to_str() routine |
| | code example ( ) ( ) ( ) |
| | declaration ( ) |
|
| labeled zones ( ) |
|
| labels |
| | acquiring ( ) |
| | ADMIN_HIGH ( ) |
| | ADMIN_LOW ( ) |
| | API declarations ( ) |
| | | label clipping ( ) |
| | | label_encodings file ( ) |
| | | labels ( ) |
| | | levels ( ) |
| | | network databases ( ) |
| | | ranges ( ) |
| | | zones ( ) |
| | components of ( ) |
| | definition of ( ) |
| | disjoint ( ) |
| | dominant ( ) |
| | downgrading guidelines ( ) |
| | in global zone ( ) |
| | objects ( ) ( ) ( ) |
| | privileged tasks ( ) |
| | privileges |
| | | downgrading labels ( ) |
| | | upgrading labels ( ) |
| | ranges ( ) ( ) |
| | relationships ( ) ( ) |
| | strictly dominant ( ) |
| | types |
| | | clearance ( ) |
| | | sensitivity ( ) |
| | upgrading guidelines ( ) |
| | user processes ( ) |
|
| libraries, Trusted X Window System APIs ( ) |
|
| libraries, compile, label APIs ( ) |
|
| library routines |
| | API declarations ( ) |
| | bldominates() ( ) |
| | blequal() ( ) |
| | blinrange() ( ) ( ) |
| | blmaximum() ( ) |
| | blminimum() ( ) |
| | blstrictdom() ( ) |
| | getdevicerange() ( ) |
| | getpathbylabel() ( ) |
| | getplabel() ( ) |
| | getuserrange() ( ) |
| | getzoneidbylabel() ( ) |
| | getzonelabelbyid() ( ) |
| | getzonelabelbyname() ( ) |
| | getzonerootbyid() ( ) |
| | getzonerootbylabel() ( ) |
| | getzonerootbyname() ( ) |
| | is_system_labeled() ( ) |
| | label_to_str() ( ) ( ) ( ) ( ) |
| | m_label_alloc() ( ) |
| | m_label_dup() ( ) |
| | m_label_free() ( ) |
| | setflabel() ( ) |
| | str_to_label() ( ) |
| | tsol_getrhtype() ( ) |
| | ucred_getlabel() ( ) |
| | XQueryExtension() ( ) |
| | XTSOLgetClientAttributes() ( ) |
| | XTSOLgetPropAttributes() ( ) |
| | XTSOLgetPropLabel() ( ) |
| | XTSOLgetPropUID() ( ) |
| | XTSOLgetResAttributes() ( ) |
| | XTSOLgetResLabel() ( ) |
| | XTSOLgetResUID() ( ) |
| | XTSOLgetSSHeight() ( ) |
| | XTSOLgetWorkstationOwner() ( ) |
| | XTSOLIsWindowTrusted() ( ) |
| | XTSOLmakeTPWindow() ( ) |
| | XTSOLsetPolyInstInfo() ( ) |
| | XTSOLsetPropLabel() ( ) |
| | XTSOLsetPropUID() ( ) |
| | XTSOLsetResLabel() ( ) |
| | XTSOLsetResUID() ( ) |
| | XTSOLsetSessionHI() ( ) |
| | XTSOLsetSessionLO() ( ) |
| | XTSOLsetSSHeight() ( ) |
| | XTSOLsetWorkstationOwner() ( ) |
| | | |
| M |
|
| m_label_alloc() routine |
| | code example ( ) |
| | declaration ( ) |
|
| m_label_dup() routine, declaration ( ) |
|
| m_label_free() routine, declaration ( ) |
|
| m_label_t type ( ) |
|
| MAC (mandatory access control) ( ) ( ) |
| | making socket exempt from ( ) |
|
| multilevel operations, security policy for ( ) |
|
| multilevel ports |
| | description of ( ) ( ) ( ) |
| | using with UDP ( ) |
| | | |
| N |
|
| net_bindmlp privilege ( ) |
|
| net_mac_aware privilege ( ) |
|
| network security policy, default ( ) |
|
| networks, security attributes ( ) |
|
| non-global zones ( ) |
| | | |
| O |
|
| ouid field ( ) |
| | | |
| P |
|
| PAF_SELAGNT flag ( ) |
|
| pid field ( ) |
|
| plabel command ( ) |
|
| polyinstantiation, description of ( ) |
|
| PORTMAPPER service ( ) |
|
| ports |
| | multilevel ( ) |
| | single-level ( ) |
|
| printer banner page |
| | label translation ( ) ( ) |
|
| printing |
| | banner page ( ) |
| | get_peer_label() function ( ) |
| | label API and ( ) |
| | labeled output ( ) |
| | multilevel ( ) |
|
| privileged tasks |
| | labels ( ) |
| | multilevel port connections ( ) |
| | Trusted X Window System ( ) |
|
| privileges |
| | file_dac_read ( ) |
| | file_dac_search ( ) ( ) |
| | file_dac_write ( ) |
| | file_downgrade_sl ( ) ( ) |
| | file_owner ( ) |
| | file_upgrade_sl ( ) ( ) |
| | net_bindmlp ( ) ( ) ( ) |
| | net_mac_aware ( ) ( ) |
| | sys_trans_label ( ) ( ) |
| | win_config ( ) |
| | win_dac_read ( ) |
| | win_dac_write ( ) |
| | win_devices ( ) ( ) |
| | win_dga ( ) |
| | win_downgrade_sl ( ) |
| | win_fontpath ( ) |
| | win_selection ( ) |
| | win_upgrade_sl ( ) ( ) |
|
| process clearances, labels defined ( ) |
|
| processes |
| | binding to multilevel ports ( ) |
| | in labeled zones ( ) |
| | multilevel initiated in global zone ( ) |
| | writing down from global zone ( ) |
|
| properties |
| | description of ( ) ( ) |
| | privileges ( ) |
| | | |
| R |
|
| Range class |
| | description of ( ) |
| | methods and static factories ( ) |
|
| relationships between labels ( ) |
|
| releasing an application ( ) |
|
| remote host |
| | credential ( ) ( ) |
| | label ( ) |
| | type ( ) |
|
| ResourceType structure ( ) |
|
| RPC (remote procedure call) ( ) |
| | | |
| S |
|
| SCM_UCRED ( ) |
|
| security attribute flags, API declarations ( ) |
|
| security attributes |
| | accessing labels ( ) |
| | labels from remote hosts ( ) |
| | Trusted X Window System |
| | | contrast with Solaris ( ) |
| | | description of ( ) |
|
| security policy |
| | communication endpoints ( ) |
| | definition of ( ) |
| | global zone ( ) |
| | label guidelines ( ) |
| | labels ( ) |
| | multilevel operations ( ) |
| | multilevel ports ( ) |
| | network ( ) |
| | sockets ( ) |
| | translating labels ( ) |
| | Trusted X Window System ( ) |
| | write-down in global zone ( ) |
|
| Selection Manager |
| | bypassing with flag ( ) |
| | security policy ( ) |
|
| sensitivity labels ( ) ( ) |
|
| SensitivityLabel subclass |
| | code example ( ) |
| | description of ( ) |
| | methods ( ) |
|
| sessionid field ( ) |
|
| setFileLabel method, declaration ( ) |
|
| setflabel() routine |
| | code example ( ) |
| | declaration ( ) |
|
| setpflags() system call ( ) |
|
| single-level ports, description of ( ) |
|
| sl field ( ) ( ) |
|
| SO_MAC_EXEMPT option ( ) |
|
| SO_RECVUCRED option ( ) |
|
| sockets |
| | access checks ( ) ( ) |
| | exempt from MAC ( ) |
|
| software packages, creating ( ) |
|
| SOL_SOCKET ( ) |
|
| Solaris |
| | examples of Trusted Extensions APIs ( ) |
| | interfaces, API declarations ( ) |
|
| SolarisLabel abstract class |
| | description of ( ) |
| | methods and static factories ( ) |
|
| str_to_label() routine, code example ( ) |
|
| strictly dominant labels ( ) |
|
| strictlyDominates method, declaration ( ) |
|
| sys_trans_label privilege ( ) |
|
| system calls |
| | API declarations ( ) |
| | fgetlabel() routine ( ) |
| | getlabel() routine ( ) |
| | | |
| T |
|
| terms, definitions of ( ) |
|
| testing and debugging applications ( ) |
|
| text, color names ( ) |
|
| toCaveats method |
| | code example ( ) |
| | declaration ( ) |
|
| toChannels method |
| | code example ( ) |
| | declaration ( ) |
|
| toColor method, declaration ( ) |
|
| toFooter method |
| | code example ( ) |
| | declaration ( ) |
|
| toHeader method |
| | code example ( ) |
| | declaration ( ) |
|
| toInternal method, declaration ( ) |
|
| toProtectAs method |
| | code example ( ) |
| | declaration ( ) |
|
| toRootPath method, declaration ( ) |
|
| toString method, declaration ( ) |
|
| toText method, declaration ( ) |
|
| toTextLong method, declaration ( ) |
|
| toTextShort method, declaration ( ) |
|
| translation |
| | labels with font list ( ) |
| | privileges needed ( ) |
|
| Trusted Extensions APIs, Solaris examples ( ) |
|
| Trusted Extensions system, detecting ( ) |
|
| Trusted Path window, definition of ( ) |
|
| Trusted X Window System |
| | API declarations ( ) ( ) |
| | client attributes structure ( ) |
| | defaults ( ) |
| | description of ( ) |
| | input devices ( ) |
| | label-clipping API declaration ( ) |
| | object attribute structure ( ) |
| | object type definition ( ) |
| | objects ( ) |
| | override-redirect ( ) |
| | predefined atoms ( ) |
| | privileged tasks ( ) |
| | properties ( ) |
| | property attribute structure ( ) |
| | protocol extensions ( ) |
| | root window ( ) |
| | security attributes |
| | | contrast with Solaris ( ) |
| | | description of ( ) |
| | security policy ( ) |
| | Selection Manager ( ) |
| | server control ( ) |
| | Trusted Path window ( ) |
| | using interfaces ( ) |
|
| tsol_getrhtype() routine, declaration ( ) |
| | | |
| U |
|
| ucred_getlabel() routine, declaration ( ) |
|
| ucred_t data structure ( ) ( ) |
|
| uid field ( ) ( ) ( ) ( ) |
|
| upgrading labels |
| | guidelines ( ) |
| | privileges needed ( ) |
| | Trusted X Window System ( ) |
|
| user IDs |
| | obtaining on window ( ) |
| | obtaining on workstation ( ) |
| | | |
| W |
|
| Web Guard prototype ( ) |
|
| win_config privilege ( ) |
|
| win_dac_read privilege ( ) |
|
| win_dac_write privilege ( ) |
|
| win_devices privilege ( ) |
|
| win_dga privilege ( ) |
|
| win_downgrade_sl privilege ( ) |
|
| win_fontpath privilege ( ) |
|
| win_mac_read privilege ( ) |
|
| win_mac_write privilege ( ) |
|
| win_upgrade_sl privilege ( ) |
|
| windows |
| | client, security policy ( ) |
| | defaults ( ) |
| | description of ( ) |
| | override-redirect, security policy ( ) |
| | privileges ( ) |
| | root, security policy ( ) |
| | security policy ( ) |
| | | |
| X |
|
| X Window System, See Trusted X Window System |
|
| Xlib |
| | API declarations ( ) |
| | objects ( ) |
|
| XTsolClientAttributes structure ( ) |
|
| XTSOLgetClientAttributes() routine, declaration ( ) |
|
| XTSOLgetPropAttributes() routine, declaration ( ) |
|
| XTSOLgetPropLabel() routine, declaration ( ) |
|
| XTSOLgetPropUID() routine, declaration ( ) |
|
| XTSOLgetResAttributes() routine |
| | code example ( ) |
| | declaration ( ) |
|
| XTSOLgetResLabel() routine |
| | code example ( ) |
| | declaration ( ) |
|
| XTSOLgetResUID() routine |
| | code example ( ) |
| | declaration ( ) |
|
| XTSOLgetSSHeight() routine, declaration ( ) |
|
| XTSOLgetWorkstationOwner() routine |
| | code example ( ) |
| | declaration ( ) |
|
| XTSOLIsWindowTrusted() routine, declaration ( ) |
|
| XTSOLmakeTPWindow() routine, declaration ( ) |
|
| XTsolPropAttributes structure ( ) |
|
| XTsolResAttributes structure ( ) |
|
| XTSOLsetPolyInstInfo() routine, declaration ( ) |
|
| XTSOLsetPropLabel() routine, declaration ( ) |
|
| XTSOLsetPropUID() routine, declaration ( ) |
|
| XTSOLsetResLabel() routine |
| | code example ( ) |
| | declaration ( ) |
|
| XTSOLsetResUID() routine, declaration ( ) |
|
| XTSOLsetSessionHI() routine, declaration ( ) |
|
| XTSOLsetSessionLO() routine, declaration ( ) |
|
| XTSOLsetSSHeight() routine, declaration ( ) |
|
| XTSOLsetWorkstationOwner() routine, declaration ( ) |
| | | |
| Z |
|
| zones |
| | APIs for zone labels and zone paths ( ) |
| | labeled ( ) |
| | mounts and the global zone ( ) |
| | multilevel ports ( ) |
| | in Trusted Extensions ( ) |
|
