Valid Clearance

A valid clearance is a clearance defined in the label_encodings(4) file. Call the bclearvalid(3TSOL) routine to check if a clearance is valid. The process running at TS A B equals the clearance and needs no privilege for this operation.

#include <tsol/label.h>
main()
{
	int          retval, error;
	bclear_t     bclear;
	char         *string = "TS ABLE BAKER";

	retval = stobclear(string, &bclear, NEW_LABEL, &error);
	retval = bclearvalid(&bclear);
	printf("Return value = %d\n", retval);
}

The printf statement prints the following where 1 means the clearance is valid; -1 means the label_encodings file is inaccessible; and 0 means the label is not valid or the process sensitivity label does not dominate the clearance and the sys_trans_label privilege is not effective:

Return value = 1

Previous: Find Greatest Level and Lowest Level
Next: Translating Process Clearances