Privileges for Translating Labels (Solaris Trusted Extensions Label Administration)

Solaris Trusted Extensions Label Administration

Previous: Authorizations for Relabeling Information
Next: Chapter??2 Planning Labels (Tasks)

Privileges for Translating Labels

Label translation occurs whenever programs manipulate labels. Labels are translated to and from the textual strings to the internal representation. For example, when a program such as getlabel gets the label of a file, before the label can display to the user, the internal representation of the label is translated into readable output. When the setlabel program sets a label specified on the command line, the textual string, that is, the label's name, is translated into the label's internal representation. Trusted Extensions permits label translations only if the calling process's label dominates the label that is to be translated. If a process attempts to translate a label that the process's label does not dominate, the translation is disallowed. The sys_trans_label privilege is required to override this restriction.

Previous: Authorizations for Relabeling Information
Next: Chapter??2 Planning Labels (Tasks)