Chapter 5. Importing and Exporting Data

Importing and exporting information is one of the main functions of a computer system. Whenever data enters the computer, it is considered to have been imported from somewhere, whether the keyboard, the tape drive, or another input device. Any time the system produces information, such as via a printer or a write action to a tape or floppy disk, an export is considered to have occurred. For the purposes of this Guide, we will discuss export of data via printers and import and export of data on tape devices with the tar(1) command.

Printing Under Trusted IRIX/CMW

Printing under Trusted IRIX/CMW requires no special resources. Except where noted in this chapter, printing operates exactly as described in your standard IRIX documentation. The lp(1) command behaves somewhat differently than its IRIX counterpart. The user is encouraged to read the reference page prior to using this command.

Trusted IRIX/CMW meets the requirement for B1-level systems for labeled printing. Each page of printed output carries the label of the printing process at the top and bottom of the page. The system intercepts the output of a print request before it is sent to the printer and ensures that appropriate banner pages and individual page labels are produced. Your Administrator will tell you which commands to use to print your files.

Printing Files with Numeric Labels

It is possible that a print job may be submitted with a label which does not appear in the label naming databases described in mlsfiles(4). Should this occur, the label printed on the banner pages and at the top and bottom of each page will reflect the numeric values of the component or components which lack assigned ASCII representations. This does not represent a breach of system security. These numeric components accurately reflect the label components they represent; there is simply no meaningful name for that component value. It is important that any print job that has such a label be handled with extreme care, as its sensitivity, while displayed accurately, may not be obvious.

Any user who encounters such a printed label should contact the system administrator.

Using Tape Devices

Under Trusted IRIX/CMW, access to the tape device is administratively controlled. The system administrator must take specific steps to ensure that the tape device is properly configured for your use before you insert the tape in the drive.

The procedures required of the Administrator are described in the Trusted IRIX/CMW Security Administration Guide.

You will need to notify your system administrator that you need to use the tape device, and you will need to provide the security label of the information you wish to archive and the label your process will have while you use the tape device. The Administrator will then have to change the security label of the tape device for you before you can begin. When you are done, the Administrator will have to change the label of the tape drive back to its default. The default label for the tape device is dbadmin, which is only accessible by the dbadmin account and by root.

Your site may have specific policies regarding the secure handling of tapes, particularly in the area of human readable “sticky” labels. Your site may require that tapes be handled only by the operator, or you may be allowed to do so yourself.

Once you have made your tape, you must write the security classification and categories, as well as any MINT grades and divisions, on it, and handle and store the tape according to your site's security policies.

Check the local policy with your system administrator before attempting to physically mount a tape.

The basic rules most sites follow for tape handling include:

  • Storing the tapes in a locked room, sorted according to security label.

  • Limiting access to the tape storage area to people with the highest security clearances.

  • Disposing of used tapes in a secure manner, after they have been erased and it has been verified that no information remains readable on the tape. Sometimes, tapes are destroyed by burning.

Magnetic Tape Backups with tar(1)

B1 systems are required to provide for labeled magnetic tape archives. Trusted IRIX/CMW meets this requirement by providing the new M keyword to the tar(1) command. This keyword directs tar to maintain the security labels, access control lists, and capability requirements on all files placed on the tape. To recover files from the tape, use tar(1) with the M keyword. Restoring tapes with files of differing labels requires special capabilities.

Always remember that it is still possible to make unlabeled tapes using tar without the M keyword. Also, using tar to extract labeled files without the M keyword will result in the loss of label and other security data.