NAME | SYNOPSIS | DESCRIPTION | ATTRIBUTES | SEE ALSO | NOTES
#include <tsix/t6attrs.h>int t6ext_attr(int fd, t6cmd_t cmd);
t6ext_attr() turns on extended security operations on the trusted IPC mechanism. fd is the descriptor associated with the IPC mechanism. cmd must be either ON to turn on extended operations or OFF to turn them off. When first created, the trusted IPC mechanism appears the same as an untrusted IPC mechanism. The trusted mechanism can be used in the same way to send and receive data as long as communications do not violate the security policies of the system. Between systems that support mandatory access control, for example, communications can occur only between processes at the same sensitivity level. Before it allows a process to specify security attributes or manipulate the endpoint's security options, the network endpoint must call t6ext_attr() .
t6new_attr() with a cmd value of ON tells the underlying TSIX software that the receiving process is interested in security attributes only if they differ from the last set of attributes received. After this call, t6recvfrom(3NSL) returns valid security attributes only when a change in the attributes is detected. This situation is indicated by setting the t6recvfrom() parameter new_attrs to nonzero. When new attributes are returned, the full set of requested attributes is returned, not just those that have changed. When cmd is OFF , the default situation prevails: attributes are returned with each call to t6recvfrom() .
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
---|---|
Availability | SUNWtsu |
MT-Level | MT-Safe |
In the Trusted Solaris environment, t6ext_attr() is a NULL function.
This man page is based on the version from the TSIX (RE) 1.1 Application Programming Interface ( API ) document; and this interface is available in TSIX(RE) 1.1- API -compliant systems.
NAME | SYNOPSIS | DESCRIPTION | ATTRIBUTES | SEE ALSO | NOTES