Initialize Binary Labels and Check Types

These interfaces initialize a label to ADMIN_HIGH, ADMIN_LOW, and undefined. ADMIN_HIGH represents the highest possible classification number including all compartments and all markings. ADMIN_HIGH strictly dominates every other label in the system. Normal users cannot read or write files at ADMIN_HIGH.

ADMIN_LOW represents a classification of zero with no compartments. All users can read or execute files with a sensitivity label of ADMIN_LOW. No normal user can write files at ADMIN_LOW. Every other label in the system strictly dominates ADMIN_LOW. ADMIN_LOW is assigned to publicly accessible system files and commands.

Undefined is similar to NULL and represents an invalid label. A sensitivity label is undefined when the ID field is initialized to SUN_SL_UN. An undefined label is invalid. CMW labels do not have an undefined state, only the sensitivity portion has an undefined state.

A CMW label or sensitivity label, is defined when the ID field in the label structure is initialized to SUN_CMW_ID or SUN_SL_ID.

This example initializes a label to ADMIN_HIGH and ADMIN_LOW, and then and checks and prints the label type.

#include <tsol/label.h>

main()
{
	int retval;
	bslabel_t psenslabel;
	bclabel_t pCMWlabel;

/* initialize labels*/
	bclundef(&pCMWlabel);
	bslhigh(&psenslabel);

/* Check label types */
	retval = bltype(&psenslabel, SUN_SL_ID);
	printf("Is sensitivity label defined? %d\n", retval);
}

The printf statements print the following. Non-zero is True and 0 is False.

Is sensitivity label defined? 1