Oracle Solaris Trusted Extensions Developer's Guide

AF_INET Family

In the AF_INET family, the process can establish a single-label connection or a multilabel connection to privileged or unprivileged port numbers. To connect to privileged port numbers, the net_priv_addr privilege is required. If a multilevel port connection is sought, the net_bindmlp privilege is also required.

The server process needs the net_bindmlp privilege in its effective set for a multilevel port connection. If a single-level port connection is made instead, the server process needs mandatory read-equal access to the socket, and the client process needs mandatory write-equal access. Both processes need mandatory and discretionary access to the file. If access to the file is denied, any process that is denied access needs the appropriate file privilege in its effective set to gain access.

The following code example shows how a multilevel server can obtain the labels of its connected clients. The standard C library function getpeerucred() obtains the credentials of the peer of a connected socket or STREAM. In the context of Trusted Extensions, when the listening socket of a multilevel port server accepts a connection request, the first argument to getpeerucred() is typically the client socket file descriptor. A Trusted Extensions application uses the getpeerucred() function in exactly the same way that a normal application program does. The Trusted Extensions addition is ucred_getlabel(), which returns a label. For more information, see the ucred_get(3C) man page.

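#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <strings.h>
#include <unistd.h>
#include <ucred.h>
#include <tsol/label.h>

/*
 * This example shows how a multilevel server can
 * get the label of its connected clients.
 */
void
remote_client_label(int svr_fd)
{
	ucred_t *uc = NULL;
	m_label_t *sl;
	struct sockaddr_in6 remote_addr;
	socklen_t addr_len;

	bzero((void *)&remote_addr, sizeof (struct sockaddr_in6));

	while (1) {
		int clnt_fd;

		/* accept() needs a pointer to the address length */
		addr_len = sizeof (struct sockaddr_in6);
		clnt_fd = accept(svr_fd, (struct sockaddr *)&remote_addr,
				&addr_len);
		if (clnt_fd == -1) {
			return;
		}

		/*
		 * Get client attributes from the socket.
		 * uc is NULL here, so getpeerucred() allocates it.
		 */
		if (getpeerucred(clnt_fd, &uc) == -1) {
			close(clnt_fd);
			return;
		}

		/*
		 * Extract individual fields from the ucred structure
		 */

		sl = ucred_getlabel(uc);
		if (sl == NULL) {
			/* No label available: do not use the connection */
			ucred_free(uc);
			close(clnt_fd);
			return;
		}

		/*
		 * Security label usage here
		 * .....
		 */

		/*
		 * Reset uc after freeing it. A non-NULL uc tells
		 * getpeerucred() to reuse the buffer, which would
		 * be freed memory on the next iteration.
		 */
		ucred_free(uc);
		uc = NULL;
		close(clnt_fd);
	}
}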