bclearvalid(3)
NAME | SYNOPSIS | DESCRIPTION | ATTRIBUTES | RETURN VALUES | FILES | SEE ALSO | NOTES
NAME
- blvalid, bslvalid, bilvalid, bclearvalid- Check validity of binary label
SYNOPSIS
-
cc [flag...] file... -ltsol [library...]
#include <tsol/label.h>int bslvalid(const bslabel_t * label);
int bclearvalid(const bclear_t * clearance);
DESCRIPTION
The calling process must have
PRIV_SYS_TRANS_LABEL
in its set of effective privileges to inquire about labels that dominate the current process' sensitivity label.
These functions check the validity of binary labels.
bslvalid() examines label to determine if it is a valid sensitivity label for this system.
bclearvalid() examines clearance to determine if it is a valid clearance for this system.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|---|---|
| Availability | SUNWtsu |
| MT-Level | MT-Safe |
RETURN VALUES
- -1
-
If the label_encodings file is inaccessible.
- 0
-
If the binary label is not valid for this system or is not dominated by the process' sensitivity label and the process does not have
PRIV_SYS_TRANS_LABELin its set of effective privileges, - 1
-
If the binary label is valid for this system.
These routines return:
FILES
- /etc/security/tsol/label_encodings
-
The label encodings file contains the classification names, words, constraints, and values for the defined labels of this system.
SEE ALSO
Trusted Solaris 7 Reference Manual
bcltobanner(3) , bilconjoin(3) , blcompare(3) , blinset(3) , blmanifest(3) , blminmax(3) , blportion(3) , bltocolor(3) , bltos(3) , bltype(3) , btohex(3) , hextob(3) , labelinfo(3) , labelvers(3) , sbltos(3) , stobl(3) , label_encodings(4)
SunOS 5.7 Reference Manual
NOTES
-
IL s do not display in window labels; SL s (Sensitivity Labels) display alone within brackets.
-
IL s do not float.
-
Setting an IL on an object has no effect.
-
Getting an object's IL will always return
ADMIN_LOW. -
Although certain utilities, library functions, and system calls can manipulate IL strings, the resulting IL s are always
ADMIN_LOW, and cannot be set on any objects.
Binary sensitivity labels are
valid
if they are contained in the
SYSTEM_ACCREDITATION_RANGE
as checked by
blinset(3)
.
bslvalid()
is a synonym for calling
blinset()
with the containing set of
SYSTEM_ACCREDITATION_RANGE
and is included for completeness.
Information labels (
IL
s) are not supported in Trusted Solaris 7 and later releases. Trusted Solaris software interprets any
IL
s on communications and files from systems running earlier releases as
ADMIN_LOW
.
Objects still have
CMW
labels, and
CMW
labels still include the
IL
component:
IL[SL]
; however, the
IL
component is fixed at
ADMIN_LOW
.
As a result, Trusted Solaris 7 has the following characteristics:
NAME | SYNOPSIS | DESCRIPTION | ATTRIBUTES | RETURN VALUES | FILES | SEE ALSO | NOTES
- © 2010, Oracle Corporation and/or its affiliates