Trusted Solaris Developer's Guide

How This Book is Organized

The first two chapters present an overview of the Trusted Solaris programming interfaces, how security policy is enforced, how to retrieve security attribute information for file systems and processes, and how to use the Trusted Solaris security mechanisms. An overview of security policy and interprocess communications is presented in Chapter 10, Interprocess Communications.

Chapter 1, Introduction to the API and Security Policy presents an overview of the Trusted Solaris application programming interfaces and how security policy is enforced in the system.

Chapter 2, Getting Started contains short example programs showing how to retrieve security attribute information for file system and process objects, and how to use the security mechanisms provided in the Trusted Solaris environment.

Chapter 3, Privileges describes the data types and programming interfaces for managing file and process privileges. This chapter also describes how privileges are used in programs, presents guidelines for using privileges, and has a section of code examples.

Chapter 4, Labels describes the data types and programming interfaces for managing labels on process, file system, and device objects. This chapter also describes how a process acquires a CMW label, when label operations require privilege, and presents guidelines for handling labels.

Chapter 5, Label Code Examples presents example code showing how to use the programming interfaces.

Chapter 6, Process Clearance describes the data types and programming interfaces for managing the process clearance. This chapter also describes how a process acquires a clearance, which privileges bypass the restrictions placed on a process by the process clearance, and has a section of code examples.

Chapter 7, Multilevel Directories describes the data types and programming interfaces for getting information on multilevel and single-level directories. This chapter has a section of code examples.

Chapter 8, Application Auditing describes the data types and programming interfaces for generating audit records from a third-party application. This chapter also describes privilege and has a section of code examples.

Chapter 9, Accessing User and Rights Profile Data describes the data types and programming interfaces for reading the security information in the user databases. This chapter has a section of code examples.

Chapter 10, Interprocess Communications presents an overview of how security policy is applied to process-to-process communications within the same workstation and across the network.

Chapter 11, System V Interprocess Communication describes the data types and programming interfaces for managing labels on System V IPC objects. This chapter has a section of code examples.

Chapter 12, Trusted Security Information Exchange Library describes the data types and programming interfaces for handling security attribute information on messages transmitted across the network. This chapter has a section of code examples.

Chapter 13, Remote Procedure Calls describes data types and programming interfaces for remote procedure calls (RPC). This chapter has a section of code examples.

Chapter 14, Trusted X Window System describes the data types and programming interfaces that allow administrative applications to access and modify security-related X Window System information. This chapter has a section of code examples.

Chapter 15, Label Builder describes the data types and programming interfaces for creating a graphical user interface for building labels and clearances. This chapter has a section of code examples.

Appendix A, Programmer's Reference provides information on accessing man pages, shared libraries, header files, abbreviations used in data type and interface names, and preparing an application for release.

Appendix B, Trusted Solaris Interfaces Reference provides listings of the programming interfaces including parameter and return value declarations.