man pages section 3: Library Functions

libt6(3NSL)

NAME

libt6- TSIX trusted IPC library

SYNOPSIS

cc

flag

file

-lt6

library

#include <tsix/t6attrs.h>

DESCRIPTION

libt6() constitutes the TSIX Application Program Interface (API). It is a library of routines that an application uses to control attribute transport during trusted interprocess communication. The routines in the library are recommended over the underlying system call interfaces for portability because they shield the application from operating system, communication protocol, and IPC mechanism specifics.

The libt6() routines provide interfaces through which the trusted application:

Specifies the security attributes used to label outgoing IPC messages (on-message attributes) and reads the on-message attributes associated with a received message.
Controls the security options of the endpoint used to perform trusted IPC.

Security Attributes

The security attributes associated with the sending process are called on-message attributes because they are independent of the contents of the message. The TCBs decide what to do with the message based on the on-message attributes. The security attributes associated with a process, and therefore those that are used to label IPC messages, vary with the configuration of the system but must be a subset of the following attributes:

Sensitivity Label
Nationality Caveats
Integrity Label
TSIX Session ID
Clearance
Access Control List
Effective Privileges
Audit ID
Process ID
Additional Audit Information
Process Attributes
User ID
Group ID
Supplementary Group IDs

Note -

Some of these attributes imply component security policies that may not be available on some systems. Also, Information Labels (ILs) are now obsolete. See NOTES.

The TSIX application program interface allows trusted applications to change the on-message attributes associated with an outgoing message and retrieve the on-message attributes associated with an incoming message.

On-Message Attribute Routines

The on-message attribute routines affect the security attributes associated with outgoing messages or retrieve attributes associated with incoming messages. The caller specifies attributes to these routines through a t6attr_t control structure (defined in <tsix/t6attrs.h>), an opaque structure used to access sets of security attributes. The caller specifies the attributes applied to outbound messages or retrieved from incoming messages through TSIX routines. Specified attributes are copied from or written to the buffers accessible through the control structure. Any attributes not designated by the sender are supplied for outgoing messages by the underlying trusted kernel. The routines that send and retrieve on-message attributes operate on sockets or streams, generically referred to as endpoints.

t6alloc_blk(3NSL): Allocates space for a t6attr_t control structure.
t6free_blk(3NSL): Frees attribute control structure and buffers. This interface should be used in conjunction with t6alloc_blk(3NSL), which allocates the space.
t6dup_blk(3NSL): Given one attribute control structure, this routine allocates enough storage to hold a duplicate control structure and all attributes it references, and creates a duplicate.
t6copy_blk(3NSL): Copies a t6attr_t control structure and the security attributes to which it points into a second, previously allocated t6attr_t structure and its previously allocated buffers.
t6clear_blk(3NSL): Clears attributes from a t6attr_t control structure.
t6cmp_blk(3NSL): Compares two t6attr_t control structures for equal attributes set.
t6size_attr(3NSL): Gets the size of an attribute from the control structure.
t6get_attr(3NSL): Gets an attribute handled by the control structure.
t6set_attr(3NSL): Sets an attribute handled by the control structure.
t6sendto(3NSL): Sends data and a specified set of security attributes on a endpoint.
t6recvfrom(3NSL): Reads a network message and retrieves the security attributes associated with the data.
t6peek_attr(3NSL): Peeks ahead and returns the attributes associated with the next byte of data.
t6last_attr(3NSL): Returns the security attributes associated with the last byte of data read from the network endpoint.
t6get_endpt_mask(3NSL): Gets the endpoint mask.
t6set_endpt_mask(3NSL): Sets the endpoint mask.
t6get_endpt_default(3NSL): Gets the endpoint default security attributes.
t6set_endpt_default(3NSL): Sets the endpoint default security attributes.
t6attr_query(3NSL): Gets a mask that indicates which attributes came from templates.

NETWORK ENDPOINT SECURITY OPTIONS

A trusted application can manipulate a number of security options associated with the network endpoint via the following calls:

t6ext_attr(3NSL): Turns on or off the security extensions to the network endpoint. This must be called before using any other libt6() routines.
t6new_attr(3NSL): Specifies to the network endpoint that the receiving process is only interested in receiving attributes if they have changed since the last time it received them. This saves the overhead created by passing attributes unnecessarily with each message.

INCLUDE FILES

Any programs that use routines in this library must include the header files containing declarations pertinent to the routine. The synopsis section of each manual page indicates the required header files. Most routines in the library contain references to declarations defined in <tsix/t6attrs.h>. This file defines constants for attribute types to be used by various TSIX attribute library access functions, as well as constants used as parameters to the library functions.

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE	ATTRIBUTE VALUE
Availability	Trusted Solaris systems and on all other TSIX(RE) 1.1 -API compliant systems
MT-Level	MT-Safe

TRUSTED SOLARIS SECURITY ATTRIBUTES

The Trusted Solaris environment supports the following security attributes:

Sensitivity Label
Clearance
Effective Privileges
Process Attributes
Effective User ID
Effective Group ID

Information Labels (ILs), however, are obsolete. See NOTES.

The Trusted Solaris environment also supports the following attributes as read only:

Session ID
Access Control List
Audit ID
Process ID
Additional Audit Information
Supplemental Group IDs

NOTES

This man page is based on the version from the TSIX(RE) 1.1 Application Programming Interface (API) document.

Information labels (ILs) are not supported in Trusted Solaris 7 and later releases. Trusted Solaris software interprets any ILs on communications and files from systems running earlier releases as ADMIN_LOW.

Objects still have CMW labels, and CMW labels still include the IL component: IL[SL]; however, the IL component is fixed at ADMIN_LOW.

As a result, Trusted Solaris 7 and later releases have the following characteristics:

ILs do not display in window labels; SLs (Sensitivity Labels) display alone within brackets.
ILs do not float.
Setting an IL on an object has no effect.
Getting an object's IL will always return ADMIN_LOW.
Although certain utilities, library functions, and system calls can manipulate IL strings, the resulting ILs are always ADMIN_LOW, and cannot be set on any objects.

Trusted Solaris 8 Last Revised 1 Mar 2000