Replying with Same Sensitivity Label

A server process can receive a message over a multilevel port at any sensitivity label dominated by the server process's clearance. However, the server reply is normally at the sensitivity label of the server process unless the server process has the net_reply_equal privilege in its effective set in which case the reply is sent at the sensitivity label of the last message received. See Chapter 10, Interprocess Communications for a discussion on single-level and multilevel ports.

Note -

Make sure the net_reply_equal privilege is turned off if the receiving process needs to reply at a sensitivity label different from that of the requesting process. See "TCP/IP Server" for an example situation where net_reply_equal must be turned off.

Previous: Security Attributes
Next: Changing Sensitivity Label