Re: [redhat-lspp] Getting rid of multilevel objects
- From: Casey Schaufler <casey schaufler-ca com>
- To: Joe Nall <joe nall com>, Chad Hanson <chanson TrustedCS com>
- Cc: lspp-list <redhat-lspp redhat com>, Klaus Weidner <klaus atsec com>
- Subject: Re: [redhat-lspp] Getting rid of multilevel objects
- Date: Wed, 5 Jul 2006 14:32:15 -0700 (PDT)
--- Joe Nall <joe nall com> wrote:
> On the HP CMW, /dev/null has a WILDCARD label
>
> cmw:joe> lslevel /dev/null
> /dev/null WILDCARD
>
> WILDCARD is really the absence of a label (literally
> a null pointer
> in the API). This is equivalent to a
> SystemLow-SystemHigh range for
> most applications.

Trusted Irix uses a label type to identify wildcard
(it's actually two types, MSENEQUAL/MINTEQUAL) but
it's conceptually the same.

> Directories are not ranged, but have to satisfy the
> constraint that
> the directory contents must dominate the directory.

I assume this is done at creation. And this is
the same constraint on Trix and TSOL.

> To create a file
> in a directory with a lower classification, the
> creating process must
> have the allowmacwrite privilege.

How do these systems handle creating TopSecret
entries in Secret directories?

> Directory relabels are only
> possible if the directory is empty.

Yup.

> I could not find the mkupdir syscall in the online
> Trusted Solaris documentation.

I'm sure I got the name wrong. mksecdir, perhaps?
I last worked on it in 1989, so I can claim
senility if necessary.

Casey Schaufler
casey schaufler-ca com
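
The labeling rules quoted in this message (WILDCARD as a null label, directory contents dominating the directory, the allowmacwrite check, relabel only when empty), as an added toy model in C; it is not code from HP CMW, Trusted Irix or Trusted Solaris and not part of the original message. The label layout, the function names, the numeric levels and the equal-label write rule are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy MLS label (assumed layout): hierarchical level plus compartment bits. */
struct label { int level; uint32_t comps; };

/* WILDCARD is the absence of a label, modelled as a null pointer. */
#define WILDCARD ((const struct label *)NULL)

/* a dominates b: level at least as high, compartments a superset. */
static bool dominates(const struct label *a, const struct label *b)
{
    return a->level >= b->level && (a->comps & b->comps) == b->comps;
}

/* Read needs subject >= object; write is assumed to need equal labels.
 * A WILDCARD object passes both, like a SystemLow-SystemHigh range. */
static bool may_read(const struct label *s, const struct label *o)
{
    return o == WILDCARD || dominates(s, o);
}

static bool may_write(const struct label *s, const struct label *o)
{
    return o == WILDCARD || (dominates(s, o) && dominates(o, s));
}

/* New entry takes the creator's label and must dominate the directory.
 * If the directory is strictly lower, allowmacwrite is required. */
static bool may_create(const struct label *proc, const struct label *dir,
                       bool allowmacwrite)
{
    if (!dominates(proc, dir))
        return false;
    return dominates(dir, proc) || allowmacwrite;
}

/* Directory relabels are only possible if the directory is empty. */
static bool may_relabel_dir(size_t entries) { return entries == 0; }

int main(void)
{
    /* Constructed sample labels: level 2 = Secret, level 3 = TopSecret. */
    const struct label secret = {2, 0x1}, topsecret = {3, 0x1};
    printf("TS create in Secret dir, no privilege: %d\n",
           may_create(&topsecret, &secret, false));
    printf("Secret write to WILDCARD object: %d\n", may_write(&secret, WILDCARD));
    return 0;
}
```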