NSS includes the following features to help prevent access to data that circumvents normal access control:
Encrypted Volume Support
Encrypt data volumes, meeting U.S. Government security standards. For information, see Managing Encrypted NSS Volumes.
Data shredding (up to 7 times) for deleted files
Erase files completely, meeting U.S. Government security standards. For information, see Section 15.2, Using Data Shredding to Prevent Access to Deleted Files.
Multiple server access prevention for pools
Multiple Server Access Prevention ensures data integrity by preventing unauthorized access to shared media in a storage area network. For information, see Section 11.14, Preventing Pools from Activating on Multiple Servers.
Trustee model for access control on NSS volumes
NSS uses the Novell Trustee Model to greatly simplify access control management in the file system. It restricts visibility of data structures so that users only see subdirectories they have rights to see, not the whole tree like all other file systems.
For information about the Novell Trustee Model and NSS file system rights, see the File Systems Management Guide for OES .