Trusted IRIX™/CMW Security Administration Guide

Document Number: 007-3299-009

Front Matter

| List of Figures | List of Tables |

Table of Contents

New Features in This Guide
New Features Documented
Documentation Changes

About This Guide
What This Guide Contains
Target Audience of This Guide
Related Publications
IRIX Man Pages
Obtaining Publications
Conventions Used in This Guide 
Reader Comments

1. Introduction to Trusted IRIX/CMW
Trusted IRIX/CMW Product Overview
Trusted IRIX/CMW Security Features
TSIX Session Manager
Data Import/Export Restrictions

2. Planning Your Trusted IRIX/CMW System
Planning Your Security Administration
Creating Security Policies
Planning for Users
Planning for Mandatory Sensitivity
Planning for Mandatory Integrity
Planning for Auditing
Planning for Networking
Using Cpusets with Trusted IRIX
Configuration Files
Identifying the System
Installation Notes
System Administration Tools
Deactivating a Trusted System

3. Administering Login Accounts
User Accounts
User Groups

4. Networking with Trusted IRIX/CMW
Introduction to Network Security
Theory of TSIX Networking
Trusted Network Preparation and Configuration
rhost.conf Database
Domains of Translation and Interpretation (DOT and DOI)
The inetd Network Service Daemon
Miscellaneous Trusted Network Information

5. Administering Access Control
Mandatory Access Control
Types of Labels
Working With Labels
Discretionary Access Control
Access Control Lists
Capability Assignment

6. Administering the System Audit Trail
Audit Events in Trusted IRIX/CMW
Auditing Unexpected Use of Privilege

7. Administering Identification and Authentication
Administering Passwords
Login Process with the CMW Dialog
Login Process with Telnet or Serial Terminals

8. Trusted IRIX/CMW System Data Files
Home Directory Files
Files in the /var Directory Structure
Files in the /dev Directory Structure
Files in the /etc Directory Structure
Files in the /etc/config Directory Structure
Fields in the /etc/mac File
Files in the /usr Directory Structure

9. Administering Printing and Tape Devices
Printing under Trusted IRIX/CMW
Magnetic Tape Backups

10. Maintaining an Evaluated Configuration
Hardware Configuration
Software Configuration
Administrative Configuration