Validating Labels
A valid label is a label defined in the label_encodings file. You can use the bslvalid(3TSOL) routine to check if a sensitivity label is valid. The sensitivity label of the calling process must dominate the sensitivity label being checked or the calling process needs the sys_trans_label privilege in its effective set for this operation to succeed.
#include <tsol/label.h>
main()
{
int retval, error;
bslabel_t senslabel;
char *string = "CONFIDENTIAL";
retval = stobsl(string, &senslabel, NEW_LABEL, &error);
retval = bslvalid(&senslabel);
printf("Valid Sensitivity Label? = %d\n", retval);
}
The printf statement prints the following where 1 indicates the label is valid; -1 indicates the label_encodings file is inaccessible; and 0 indicates the label is not valid, or the process sensitivity label does not dominate the clearance and the process does not have the sys_trans_label privilege in its effective set:
Valid Sensitivity Label? = 1 |
- © 2010, Oracle Corporation and/or its affiliates