[redhat-lspp] Re: Initial MLS Label Printing Support
Janak Desai
janak at us.ibm.com
Mon Aug 15 20:30:52 UTC 2005
Linda Knippers wrote:
>>>>The security attributes are extracted from the client socket attributes.
>>>>Does that mean that a "Top Secret" process printing an Unclassified file
>>>>will result in printed output that is labeled "Top Secret"? or are the
>>>>attributes of the socket manipulated to match that of the file being
>>>>printed?
>>>>
>>
>>
>>This is correct currently. The socket attributes aren't manipulated to the
>>level of the input. This is the simplest approach. Using the label of the
>>file(s) can be complicated when for example you have one job which prints
>>two files that are different labels.
>
>
> If you use the attributes of the socket does it meet the "least upper
> bound" requirement? Sounds like its ok to have the label of the
> most sensitive file in a multi-file print request.
>
Yes, that's correct. However, as Chad said, it could be messy to obtain
labels of different files and then using the most dominant label. If
it is easier to use the process sensitivity label, we should use it since
it is the ultimate LUB.
-Janak
More information about the redhat-lspp
mailing list