A valid label is a label defined in the label_encodings file. You can use the bslvalid(3TSOL) routine to check if a sensitivity label is valid. The sensitivity label of the calling process must dominate the sensitivity label being checked or the calling process needs the sys_trans_label privilege in its effective set for this operation to succeed.
#include <tsol/label.h> main() { int retval, error; bslabel_t senslabel; char *string = "CONFIDENTIAL"; retval = stobsl(string, &senslabel, NEW_LABEL, &error); retval = bslvalid(&senslabel); printf("Valid Sensitivity Label? = %d\n", retval); }
The printf statement prints the following where 1 indicates the label is valid; -1 indicates the label_encodings file is inaccessible; and 0 indicates the label is not valid, or the process sensitivity label does not dominate the clearance and the process does not have the sys_trans_label privilege in its effective set:
Valid Sensitivity Label? = 1 |