Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Mail Systems
Eclipse Documentation

How To Guides
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Problem Solutions
Privacy Policy




Solaris Trusted Extensions Installation and Configuration
Previous Next

Computer Security Recommendations

Consider the following list of guidelines when you develop a security policy for your site.

  • Assign the maximum label of a system that is configured with Trusted Extensions to not be greater than the maximum security level of work being done at the site.

  • Manually record system reboots, power failures, and shutdowns in a site log.

  • Document file system damage, and analyze all affected files for potential security policy violations.

  • Restrict operating manuals and administrator documentation to individuals with a valid need for access to that information.

  • Report and document unusual or unexpected behavior of any Trusted Extensions software, and determine the cause.

  • If possible, assign at least two individuals to administer systems that are configured with Trusted Extensions. Assign one person the security administrator authorization for security-related decisions. Assign the other person the system administrator authorization for system management tasks.

  • Establish a regular backup routine.

  • Assign authorizations only to users who need them and who can be trusted to use them properly.

  • Assign privileges to programs only they need the privileges to do their work, and only when the programs have been scrutinized and proven to be trustworthy in their use of privilege. Review the privileges on existing Trusted Extensions programs as a guide to setting privileges on new programs.

  • Review and analyze audit information regularly. Investigate any irregular events to determine the cause of the event.

  • Minimize the number of administration IDs.

  • Minimize the number of setuid and setgid programs. Such programs must be employed only in protected subsystems.

  • Ensure that an administrator regularly verifies that regular users have a valid login shell.

  • Ensure that an administrator must regularly verifies that regular users have valid user ID values and not system administration ID values.

Previous Next

  Published under the terms fo the Public Documentation License Version 1.01. Design by Interspire