Files and Applications in Trusted Extensions

All applications in Trusted Extensions have a level of sensitivity that is indicated by their label. Applications are subjects in any data transactions. Subjects must dominate the objects that the subjects try to access. Objects can be files and sometimes other processes can be objects. The label information for an application is displayed in the window label stripe. The label is visible when a window is open and when a window is minimized. An application's label also appears in the trusted stripe when the pointer is in the application's window.

In Trusted Extensions, files are objects in data transactions. Files can be accessed only by applications whose labels dominate the files' labels. A file can be viewed from windows that have the same label as the file.

Some applications use initialization files to configure the environment for the user. Two special files in your home directory help you access initialization files at every label. These files enable an application at one label to use an initialization file that originates in a directory at a different label. The two special files are .copy_files and .link_files.

.copy_files File

The .copy_files file stores file names to be copied when you first change to a workspace with a higher label. .copy_files is stored in your home directory at your minimum label. This file is useful when you have an application that always writes to a file in your home directory with a specific name. .copy_files enables you to specify that the application update the file at every label.

.link_files File

The .link_files file stores file names to be linked when you first change to a workspace with a higher label. .link_files is stored in your home directory at your minimum label. This file is useful when a specific file needs to be available at multiple labels, but the content must be identical at every label.