NAME | SYNOPSIS | DESCRIPTION | ATTRIBUTES | RETURN VALUES | EXAMPLES | PROCESS ATTRIBUTES | FILES | NOTES | SEE ALSO | WARNINGS
#include <tsol/label.h>char * sbcltos(const bclabel_t * label , const int len);
The calling process must have
PRIV_SYS_TRANS_LABEL
in its set of effective privileges to perform label translation on labels that dominate the current process's sensitivity label.
These functions translate binary labels into canonical strings that are clipped to the number of printable characters specified in len . Clipping is required if the number of characters of the translated string is greater than len . Clipping is done by truncating the label on the right to two characters less than the specified number of characters. A clipped indicator, "<-", is appended to sensitivity labels and clearances, and a clipped indicator, "->", is prepended to information labels. However, information labels ( IL s) are now obsolete. See NOTES below. The character-coded label begins with a classification name separated with a single space character from the list of words making up the remainder of the label. The binary labels must be of the proper defined type and dominated by the process's sensitivity label. In the case of a binary CMW label, the sensitivity label portion must also dominate the information label portion. A len of 0 (zero) returns the entire string with no clipping.
sbcltos() translates a binary CMW label into a clipped string of the form:
INFORMATION LABEL [ SENSITIVITY LABEL ]
using the long form of the words in the information and sensitivity labels, the long form of the classification name of the information label, and the short form of the classification name of the sensitivity label. The INFORMATION LABEL is clipped first until there is only one character of it remaining, then the SENSITIVITY LABEL is clipped. If len is less than the minimum number of characters, eight, the translation will fail. However, information labels ( IL s) are now obsolete. See NOTES below.
sbsltos() translates a binary sensitivity label into a clipped string using the long form of the words and the short form of the classification name. If len is less than the minimum number of characters, three, the translation fails.
sbcleartos() translates a binary clearance into a clipped string using the long form of the words and the short form of the classification name. If len is less than the minimum number of characters, three, the translation fails. The translation of a clearance may not be the same as the translation of a sensitivity label. These functions use different tables of the label_encodings file which may contain different words and constraints.
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
---|---|
Availability | SUNWtsu |
MT-Level | Unsafe |
These routines return a pointer to a statically allocated string that contains the result of the translation, or (char *)0 if the translation fails for any reason.
UNAVAILABLE LOWER DRAWER [UN TOP/MIDDLE/LOWER DRAWER]
when clipped to twelve characters it is:
->U [UN TO<-
UN TOP/MIDDLE/LOWER DRAWER
when clipped to ten characters it is:
UN TOP/M<-
If the
VIEW_EXTERNAL
or
VIEW_INTERNAL
flags are not specified, translation of
ADMIN_LOW
and
ADMIN_HIGH
labels is controlled by the
label view process attribute flags. If no label view process attribute flags are defined, their translation is controlled by the label view configured in the
label_encodings
file. A value of
External
specifies that
ADMIN_LOW
and
ADMIN_HIGH
labels are mapped to the lowest and highest labels defined in the
label_encodings
file. A value of
Internal
specifies that the
ADMIN_LOW
and
ADMIN_HIGH
labels are translated to the
admin low name
and
admin high name
strings specified in the
label_encodings
file. If no such names are specified, the strings "
ADMIN_LOW
" and "
ADMIN_HIGH
" are used.
The label encodings file contains the classification names, words, constraints, and values for the defined labels of this system.
Information labels (
IL
s) are not supported in Trusted Solaris 7 and later releases. Trusted Solaris software interprets any
IL
s on communications and files from systems running earlier releases as
ADMIN_LOW
.
Objects still have
CMW
labels, and
CMW
labels still include the
IL
component:
IL[SL]
; however, the
IL
component is fixed at
ADMIN_LOW
.
As a result, Trusted Solaris 7 has the following characteristics:
IL s do not display in window labels; SL s (Sensitivity Labels) display alone within brackets.
IL s do not float.
Setting an IL on an object has no effect.
Getting an object's
IL
will always return
ADMIN_LOW
.
Although certain utilities, library functions, and system calls can manipulate
IL
strings, the resulting
IL
s are always
ADMIN_LOW
, and cannot be set on any objects.
Options related to information labels in the label_encodings(4) file can be ignored:
Markings Name= Marks; Float Process Information Label;
bcltobanner(3) , bilconjoin(3) , blcompare(3) , blinset(3) , blmanifest(3) , blminmax(3) , blportion(3) , bltocolor(3) , bltos(3) , bltype(3) , blvalid(3) , btohex(3) , hextob(3) , labelinfo(3) , labelvers(3) , stobl(3) , label_encodings(4)
Trusted Solaris Developer's Guide , Trusted Solaris user's document set , and Trusted Solaris administrator's document set
All these functions share the same statically allocated string storage. They are not MT-Safe. Subsequent calls to any of these functions will overwrite that string with the newly translated string.
NAME | SYNOPSIS | DESCRIPTION | ATTRIBUTES | RETURN VALUES | EXAMPLES | PROCESS ATTRIBUTES | FILES | NOTES | SEE ALSO | WARNINGS