[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: [redhat-lspp] Security Context label attribute question
- From: Michael C Thompson <thompsmc us ibm com>
- To: Andy Suchoski <andrew suchoski hp com>
- Cc: redhat-lspp redhat com
- Subject: Re: [redhat-lspp] Security Context label attribute question
- Date: Wed, 07 Jun 2006 14:53:44 -0500
Andy Suchoski wrote:
Hello all,
My background is with legacy MLS systems and I can understand when the
label attribute of a process contains a low label and a high label
(s0-s15:c0.c255), the low label corresponds to the level at which a
process operates and the high label corresponds to the clearance of the
process. I believe that is right. But what does the low label and high
label mean in the security context of an object such as a file or a
directory?
Most objects, such as files, are restricted such that their low label
and high label are equivalent, or "single-level". However, directories
(and some other objects in the system, I don't remember which right now)
are permitted to be "multi-level", since a directory could hold files
with different levels.
Mike
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]