- access control
- Administering Access Control
- access control, using
- Administering Access Control
- account
- adding a user
- Creating User Accounts
- administrator
- Administrative Accounts
- guest
- Guidelines for User Accounts
- guidelines
- Guidelines for User Accounts
- user
- Administering Login Accounts
- accountability
- Why Use a Trusted System
- Administering Identification and Authentication
- accounts
- adding
- Creating User Accounts
- removing
- Removing a User
- ACL
- permissions
- Access Control Lists
- adding
- a new group
- Adding a New Group
- user accounts
- Creating Normal User Accounts
- user groups
- Adding a New Group
- administration, system
- documentation
- IRIX Admin Manual Set
- administrative data files
- Trusted IRIX/CMW System Data Files
- administrator
- accounts
- Administrative Accounts
- login
- Administrator Login
- tasks
- System Administrator
- assurance
- Why Use a Trusted System
- audit
- events
- Auditor
- tools
- Auditor
- audit trail
- Administering the System Audit Trail
- auditing
- planning for
- Planning for Auditing
- auditing, description
- Administering the System Audit Trail
- auditor
- login
- Auditor
- tasks
- Auditor
- augmented superuser privilege environment
- Privilege Environments
- authentication
- Administering Identification and Authentication
- B1
- feature set
- Trusted IRIX/CMW Security Features
- printing
- Data Import/Export Restrictions
- capability-based privilege mechanism
- Privilege Environments
- changing
- MAC labels
- Changing Object Labels
- permissions
- Changing Permissions
- process labels
- Changing Process Labels
- to a new label
- Changing Process Labels
- checking
- labels
- Checking Labels
- chlabel (1)
- Changing Object Labels
- configuring Trusted IRIX/B
- Trusted Network Preparation and Configuration
- conventions, typographical
- Conventions
- covici command
- Trusted IRIX/CMW System Data Files
- Cpuset System
- Using Cpusets with Trusted IRIX
- creating
- new label names
- Creating New Label Names
- DAC
- Discretionary Access Control
- changing permissions
- Changing Permissions
- description
- Discretionary Access Control
- directory permissions
- Directory Permissions
- Discretionary Access Control
- Discretionary Access Control
- permissions
- Discretionary Access Control
- POSIX standard
- Discretionary Access Control
- umask
- Setting Permissions With umask
- using
- Trusted IRIX/CMW File Permissions
- data files
- administrative
- System Administrator
- Trusted IRIX/CMW System Data Files
- dbadmin
- label
- Private Database Label (dbadmin)
- dblow
- label
- Public Database Label (dblow)
- deactivating a trusted system
- Deactivating a Trusted System
- definition
- of a trusted system
- What Is a Trusted System
- of administrator
- System Administrator
- of auditor
- Auditor
- of capability
- Privilege Environments
- of label relationships
- Mandatory Access Control
- of physical security policy
- Physical Security Policy
- of privilege
- Privilege Environments
- of procedural security policy
- Procedural Security Policy
- of security policy
- Creating Security Policies
- of system security policy
- System Security Policy
- deleting
- labels
- Deleting a Label
- directory permissions
- Directory Permissions
- Discretionary Access Control. See DAC
- Discretionary Access Control
- Discretionary Access Control
- documentation conventions
- Conventions
- Domain of Interpretation
- DOI/DOT Restrictions under Trusted IRIX/CMW
- Domains of Translation
- Domains of Translation and Interpretation (DOT and DOI)
- domination of labels
- Mandatory Access Control
- E-bus
- general
- Introduction to Network Security
- encrypted password
- Administering Passwords
- equal labels
- Equal (Wildcard) Labels
- equivalence of labels
- Mandatory Access Control
- /etc/mac file
- summary of types and values
- Creating New Label Names
- Ethernet bus
- planning
- Planning for Networking
- files
- administrative
- Trusted IRIX/CMW System Data Files
- /dev/console
- /dev/console
- /dev/klog
- /dev/klog
- /dev/kmem
- /dev/kmem
- /dev/log
- /dev/log
- /dev/ptc
- /dev/ptc
- /dev/tty
- /dev/tty
- /etc/aliases
- /etc/aliases
- /etc/capability
- /etc/capability
- /etc/clearance
- /etc/clearance
- /etc/config/acct
- /etc/config/acct
- /etc/config/automount
- /etc/config/automount
- /etc/config/automount.options
- /etc/config/automount.options
- /etc/config/login
- /etc/config/login
- /etc/config/named
- /etc/config/named
- /etc/config/network
- /etc/config/network
- /etc/config/nfs
- /etc/config/nfs
- /etc/config/rwhod
- /etc/config/rwhod
- /etc/config/rwhod
- /etc/config/sat_select.options
- /etc/config/sat_select.options
- /etc/config/satd.options
- /etc/config/satd.options
- /etc/config/satd.options
- /etc/config/syslogd.options
- /etc/config/syslogd.options
- /etc/config/timed
- /etc/config/timed
- /etc/config/timed.options
- /etc/config/timed.options
- /etc/cshrc
- /etc/cshrc
- /etc/exports
- /etc/exports
- /etc/fstab
- /etc/fstab
- /etc/gettydefs
- /etc/gettydefs
- /etc/group
- /etc/group
- /etc/hosts
- /etc/hosts
- /etc/hosts.equiv
- /etc/hosts.equiv
- /etc/inetd.conf
- /etc/inetd.conf
- /etc/inittab
- /etc/inittab
- /etc/ioctl.syscon
- /etc/ioctl.syscon
- /etc/mail/submit.cf
- /etc/mail/submit.cf
- /etc/motd
- /etc/motd
- /etc/nologin
- /etc/nologin
- /etc/opasswd
- /etc/opasswd
- /etc/passwd
- /etc/passwd
- /etc/profile
- /etc/profile
- /etc/resolv.conf
- /etc/resolv.conf
- /etc/rhost.conf
- /etc/rhost.conf
- /etc/sendmail.cf
- /etc/sendmail.cf
- /etc/services
- /etc/services
- /etc/sys_id
- /etc/sys_id
- /etc/syslog.conf
- /etc/syslog.conf
- /etc/TIMEZONE
- /etc/TIMEZONE
- /etc/ttytype
- /etc/ttytype
- /etc/utmp
- /var/adm/utmp
- /etc/wtmp
- /var/adm/wtmp
- permissions
- Trusted IRIX/CMW File Permissions
- .rhosts
- .rhosts
- /secadm/auth/user.info
- /etc/shadow
- /secadm/label/categorynames
- categorynames
- /secadm/label/divisionnames
- divisionnames
- /secadm/label/gradenames
- gradenames
- /secadm/label/labelnames
- labelnames
- /secadm/label/levelnames
- levelnames
- /secadm/label/minttypenames
- minttypenames
- /secadm/label/msentypenames
- msentypenames
- .sgisession
- .sgisession
- /usr/adm/lastlog/username
- /var/adm/lastlog/username
- /usr/adm/OLDsulog
- /var/adm/OLDsulog
- /usr/adm/oSYSLOG
- /var/adm/oSYSLOG
- /usr/adm/sulog
- /var/adm/sulog
- /usr/adm/SYSLOG
- /var/adm/SYSLOG
- /usr/lib/X11/xdm/Xresources
- /usr/lib/X11/xdm/Xresources
- /usr/spool/lp/pstatus
- /var/spool/lp/pstatus
- /usr/spool/lp/qstatus
- /var/spool/lp/qstatus
- files"/etc/resolv.conf"
- /etc/resolv.conf
- filesystems
- labeled
- Filesystems
- NFS exported
- Filesystems
- group
- removing
- Removing a Group
- group guidelines
- Guidelines for User Groups
- guest account
- Guidelines for User Accounts
- guidelines
- for user accounts
- Guidelines for User Accounts
- for user groups
- Guidelines for User Groups
- help
- reference
- Reference Pages
- High Clearance label
- High Clearance (msenhigh/mintequal)
- $HOME/.rhosts file
- The /etc/hosts.equiv and $HOME/.rhosts Files
- Identification and Authentication
- Administering Identification and Authentication
- identifying
- the operating system
- Identifying the System
- the Trusted IRIX/CMW configuration
- Identifying the System
- inetd command
- services
- The inetd Network Service Daemon
- interoperating heterogeneous network
- Creating an Interoperating Heterogeneous Network
- IP security options
- Theory of TSIX Networking
- IRIX Admin manuals
- About This Guide
- IRIX administration
- documentation
- IRIX Admin Manual Set
- IRIX configuration
- Trusted Network Preparation and Configuration
- IRIX permissions (DAC)
- Discretionary Access Control
- label domination and equivalence
- Mandatory Access Control
- label names
- Label Name Aliases
- label relationships
- sample table
- Mandatory Access Control
- label types
- equal
- Equal (Wildcard) Labels
- labels
- administrative
- Administrative Labels
- checking
- Checking Labels
- Common Criteria types
- User (CC) Labels
- components
- Mandatory Access Control
- creating new names
- Creating New Label Names
- integrity
- Integrity Label Components
- label names aliases
- Label Name Aliases
- multilevel
- Multilevel Labels
- object
- Changing Object Labels
- process
- Changing Process Labels
- relationships
- Mandatory Access Control
- removing
- Deleting a Label
- restrictions on network services
- Label Restrictions on Network Services
- sensitivity
- Sensitivity Label Components
- system defaults
- Trusted IRIX/CMW Default Labels
- system high
- Creating a Homogeneous Network of Trusted IRIX/CMW Systems
- system low
- Creating a Homogeneous Network of Trusted IRIX/CMW Systems
- types
- Creating a Homogeneous Network of Trusted IRIX/CMW Systems
- user
- User (CC) Labels
- wildcard
- Equal (Wildcard) Labels
- locked account
- Password Aging
- login account
- guest
- Guidelines for User Accounts
- login accounts
- Administering Login Accounts
- locked
- Password Aging
- maintaining
- Administering Login Accounts
- MAC
- changing labels
- Changing Object Labels
- changing to a new label
- Changing Process Labels
- creating new label names
- Creating New Label Names
- definition
- Mandatory Access Control
- deleting a label
- Deleting a Label
- maintaining administrative files under RCS
- System Administration Tools
- maintaining login accounts
- Administering Login Accounts
- man command
- Reference Pages
- man pages
- Reference Pages
- Mandatory Access Control
- Administering Access Control
- Mandatory Access Control. See MAC
- Mandatory Access Control
- Mandatory Integrity (MINT)
- Mandatory Access Control
- Mandatory Integrity. See MINT
- Mandatory Access Control
- Mandatory Sensitivity. See MSEN
- Mandatory Access Control
- MINT
- Mandatory Access Control
- description
- Mandatory Access Control
- planning for
- Planning for Mandatory Integrity
- mld
- Multilevel Labels
- moldy directories
- Multilevel Labels
- MSEN
- Mandatory Access Control
- description
- Mandatory Access Control
- planning for
- Planning for Mandatory Sensitivity
- msenadmin
- Planning for Mandatory Sensitivity
- msenhigh
- Planning for Mandatory Sensitivity
- msenlow
- Planning for Mandatory Sensitivity
- multilevel directories
- Multilevel Labels
- multilevel login
- Multilevel Login
- network
- planning
- Planning for Networking
- networking
- and the audit trail
- Maintaining the System Audit Trail
- general
- Introduction to Network Security
- interoperating heterogeneous
- Creating an Interoperating Heterogeneous Network
- preparing for
- Trusted Network Preparation and Configuration
- new group
- adding
- Adding a New Group
- new label names
- creating
- Creating New Label Names
- new user account
- Creating User Accounts
- newlabel (1)
- Changing Process Labels
- NFS under Trusted IRIX/B
- Introduction to Network Security
- no-superuser privilege environment
- Privilege Environments
- object reuse
- Object Reuse Policy
- operating system configuration
- Trusted Network Preparation and Configuration
- password
- Administering Identification and Authentication
- aging
- Administering Passwords
- encrypted
- Passwords Under Trusted IRIX/CMW
- Administering Passwords
- expiration time
- Password Aging
- file
- /etc/shadow, /etc/passwd, /etc/clearance, and /etc/capability Files
- generation
- Passwords Under Trusted IRIX/CMW
- lifetime
- Password Aging
- theft
- Administering Identification and Authentication
- passwords
- locked accounts
- Password Aging
- permissions
- categories
- Trusted IRIX/CMW File Permissions
- changing
- Changing Permissions
- Changing Permissions
- directory
- Directory Permissions
- Directory Permissions
- file
- Trusted IRIX/CMW File Permissions
- File Permissions
- long listing
- Trusted IRIX/CMW File Permissions
- umask
- Setting Permissions With umask
- permissions (DAC)
- Discretionary Access Control
- Personal System Administration Guide
- About This Guide
- physical security policy
- Physical Security Policy
- planning
- for auditing
- Planning for Auditing
- for MINT
- Planning for Mandatory Integrity
- for MSEN
- Planning for Mandatory Sensitivity
- for users
- Planning for Users
- for your trusted system
- Planning Your Security Administration
- policies
- physical security
- Physical Security Policy
- procedural security
- Procedural Security Policy
- site security
- Creating Security Policies
- system security
- System Security Policy
- private database label
- Private Database Label (dbadmin)
- privilege
- environment
- Privilege Environments
- mechanism
- Privilege Environments
- procedural security policy
- Procedural Security Policy
- public database label
- Public Database Label (dblow)
- RCS, maintaining administrative files under
- System Administration Tools
- removing
- a machine
- Deactivating a Trusted System
- user accounts
- Removing a User
- user groups
- Removing a Group
- Revision Control System
- System Administration Tools
- rhost.conf database
- rhost.conf Database
- running a process at a new label
- Changing Process Labels
- sample label relationships
- Mandatory Access Control
- SAT
- System Audit Trail
- Administering the System Audit Trail
- security
- policy
- Why Use a Trusted System
- senmldhigh
- Multilevel Labels
- senmldlow
- Multilevel Labels
- SGIPSO2 protocol
- Creating a Homogeneous Network of Trusted IRIX/CMW Systems
- site security policy
- Creating Security Policies
- superuser-based privilege mechanism
- Privilege Environments
- support
- Better Support
- system administration
- documentation
- IRIX Admin Manual Set
- system administration manuals
- About This Guide
- system audit trail
- description
- System Audit Trail
- System Audit Trail (SAT)
- Administering the System Audit Trail
- System Manager
- About This Guide
- system security policy
- System Security Policy
- Target of Evaluation
- Trusted IRIX/CMW Security Features
- TCB
- Trusted IRIX/CMW Security Features
- TCP/IP under Trusted IRIX/B
- Introduction to Network Security
- TOE
- changes to
- Keeping Your System Installation Trusted
- regenerating
- Regenerating the Target of Evaluation (TOE)
- trust
- definition
- What Is a Trusted System
- trusted system deactivation
- Deactivating a Trusted System
- TSIX security policy
- TSIX Security Policy
- TSIX Session Manager
- standard
- TSIX Session Manager
- TSIX Session Manager standard
- Theory of TSIX Networking
- Domains of Translation and Interpretation (DOT and DOI)
- typographical conventions
- Conventions
- umask
- Setting Permissions With umask
- user
- account adding
- Creating User Accounts
- account guidelines
- Guidelines for User Accounts
- accounts
- Administering Login Accounts
- group guidelines
- Guidelines for User Groups
- name
- Administering Identification and Authentication
- user accounts
- closing
- Removing a User
- creating
- Creating User Accounts
- Creating Normal User Accounts
- guidelines
- Guidelines for User Accounts
- managing
- Administering Login Accounts
- user groups
- adding
- Adding a New Group
- guidelines
- Guidelines for User Groups
- purpose
- User Groups
- removing
- Removing a Group
- user.info File
- /etc/shadow, /etc/passwd, /etc/clearance, and /etc/capability Files
- users
- planning for
- Planning for Users
- Using Cpusets with Trusted IRIX
- Using Cpusets with Trusted IRIX