Trusted Extensions works properly in snv134. The comment about only one
zone having Internet access applies to the default configuration.
Typically each zone will be connected to its own restricted network.
Since we can't trust generic Internet hosts, we just assign them a
single default label, e.g. Public. Because they are not MLS systems,
they can't be trusted to communicate at more than one label.
Configuring multiple network labels would be the next step after getting
a simple TX installation running.
--Glenn
schatten wrote:
How is TE working with OSOL snv134? Is it working better than with 2009.06? I,
at least, had a bit trouble with it on the 2009.06 version.
I also read and noticed that only one zone can have internet access. So only
the untrusted zone or the root zone. Is that true?
--
ORACLE ®
Glenn Faden | Senior Principal Software Engineer
Phone: +1 650 786 4003 | Mobile: +1 415 637 8181
Oracle Solaris Security, Solaris Core OS Technology Engineering
_______________________________________________
security-discuss mailing list
[email protected]
