Trusted Solaris Developer's Guide

Use of Process Clearance

When an application starts from the workspace, the user's session clearance is set on the process and is called the process clearance. If the application forks a process, the new process's clearance is set to the calling process's clearance. If the application execs a program, the new program's clearance is likewise set to the calling process's clearance.

The session clearance is selected at login. It sets the least upper bound at which the user can work during that login session and is dominated by the user clearance. The user clearance is assigned by the system administrator and determines the highest sensitivity label at which the user can work during any login session.

When users start applications from the workspace, the process CMW label is set from the values in the workspace CMW label. Because the process gets the session clearance and the workspace CMW label, the process clearance is always greater than or equal to the sensitivity label portion of the process CMW label. There is no privilege to change this rule.
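The relations the preceding paragraphs rely on (one label "dominates" another, the session clearance is "dominated by" the user clearance, the process clearance "is greater than or equal to" the process sensitivity label) are a partial order on labels, not a numeric comparison. The following C program is an added illustration, not code from this guide and not the libtsol API (it does not call getclearance(), getcmwplabel(), bldominates() or any other Trusted Solaris routine); it models a label as a classification plus a compartment bit set and works through the invariants the text states. The classification numbering, the compartment names, and the rule that a workspace label the session clearance does not dominate is refused are assumptions of the model.

```c
/*
 * Toy model of Trusted Solaris label dominance, added as an illustration.
 * Assumed representation: a classification level (0 = lowest) plus a set of
 * compartments stored as bits. A dominates B when A's classification is at
 * least B's AND A's compartment set is a superset of B's. Two labels can be
 * incomparable (neither dominates the other), which is the point a "greater
 * than or equal to" reading hides.
 */
#include <stdio.h>
#include <stdint.h>
#include <stdbool.h>

typedef struct {
    int      classification;   /* assumed: 0=UNCLASS, 1=CONF, 2=SECRET, 3=TS */
    uint32_t compartments;     /* assumed: bit 0 = compartment A, bit 1 = B */
} label_t;

/* Sensitivity labels and clearances share this shape; the dominance test is
 * the same for both. */
bool dominates(label_t a, label_t b) {
    return a.classification >= b.classification &&
           (a.compartments & b.compartments) == b.compartments;
}

/* Least upper bound: the smallest label that dominates both arguments. */
label_t lub(label_t a, label_t b) {
    label_t r;
    r.classification = a.classification > b.classification
                     ? a.classification : b.classification;
    r.compartments = a.compartments | b.compartments;
    return r;
}

/* Session clearance chosen at login must be dominated by the user clearance
 * assigned by the administrator. */
bool session_clearance_ok(label_t user_clearance, label_t session_clearance) {
    return dominates(user_clearance, session_clearance);
}

/* Process state relevant here: the process clearance and the sensitivity
 * label portion of the process CMW label. */
typedef struct {
    label_t clearance;   /* copied from the session clearance */
    label_t sl;          /* copied from the workspace CMW label */
} process_t;

/* Starting an application from a workspace. The model refuses a workspace
 * label that the session clearance does not dominate (an assumption of this
 * model), which is what keeps the invariant "clearance dominates SL" true. */
bool start_process(process_t *p, label_t session_clearance, label_t workspace_sl) {
    if (!dominates(session_clearance, workspace_sl))
        return false;
    p->clearance = session_clearance;
    p->sl        = workspace_sl;
    return true;
}

/* fork()/exec() in the text: the child or new program gets the calling
 * process's clearance and label unchanged. */
process_t inherit(const process_t *parent) {
    return *parent;
}

int main(void) {
    label_t user_clr    = { 3, 0x3 };   /* TS {A,B}, set by the administrator */
    label_t session_clr = { 2, 0x1 };   /* SECRET {A}, chosen at login */
    label_t ws_secret_a = { 2, 0x1 };   /* workspace at SECRET {A} */
    label_t ws_conf_b   = { 1, 0x2 };   /* workspace at CONF {B}: incomparable */
    process_t p, child;

    printf("session clearance valid: %d\n",
           session_clearance_ok(user_clr, session_clr));
    printf("start at SECRET{A}: %d\n", start_process(&p, session_clr, ws_secret_a));
    child = inherit(&p);
    printf("child clearance dominates its SL: %d\n",
           dominates(child.clearance, child.sl));
    printf("start at CONF{B} under SECRET{A}: %d\n",
           start_process(&p, session_clr, ws_conf_b));
    printf("incomparable: %d\n",
           !dominates(session_clr, ws_conf_b) && !dominates(ws_conf_b, session_clr));
    return 0;
}
```

The CONF {B} case is the one worth noticing: its classification is lower than SECRET, yet a SECRET {A} clearance does not dominate it because compartment B is missing, so a process with that clearance could not be started at that label; the lub of the two, SECRET {A,B}, is the smallest clearance that would admit both workspaces.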

A clearance has a classification and a set of one or more compartments, like the sensitivity label portion of a CMW label. A clearance is not a sensitivity label, but it is used in addition to the process's sensitivity label in the following ways.