Copyright 2017 Peter Tribble
Copyright (c) 2007, Sun Microsystems Inc. All Rights Reserved.
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
Trusted Extensions software is a specific configuration of the Operating System. Trusted Extensions provides labels for local objects and processes, for zones and file systems, and for network communications. These labels are used to implement a Multilevel Security (MLS) policy that restricts the flow of information based on label relationships. In contrast to Discretionary Access Control (DAC) based on ownership, the MLS policy enforced by Trusted Extensions is an example of Mandatory Access Control (MAC).
By default, Trusted Extensions software is disabled. It is enabled and disabled (but not configured) by the labeld(8) service, identified by the FMRI:
svc:/system/labeld:default
The system must be rebooted after enabling or disabling labeld to activate or deactivate Trusted Extensions software.
label_encodings (5), labels (7), labeld (8)