The following list describes the keywords that can be defined for classifications. For examples of initial compartment definitions, see Default and Inverse Words.
The values that you assign should represent the actual hierarchy among the classifications. The values should leave room for later expansion. 0 is reserved for ADMIN_LOW. Values can start at 1 and go to 255.
Advanced: Specify bit numbers for any inverse words. The minimum classification should not have initial compartments.
Obsolete. Do not define.
VERSION= Trusted Solaris Multi-Label Sample Version - 5.6 05/07/27 * * WARNING: If CIPSO Tag Type 1 network labels are to be used: * * a) All CLASSIFICATIONS values must be less than or equal to 255. * b) All COMPARTMENTS bits must be less than or equal to 239. * CLASSIFICATIONS: * name= UNCLASSIFIED; sname= U; value= 1; name= CONFIDENTIAL; sname= C; value= 4; initial compartments= 4-5 190-239; name= SECRET; sname= S; value= 5; initial compartments= 4-5 190-239; name= TOP SECRET; sname= TS; value= 6; initial compartments= 4-5 190-239;
Each classification has the mandatory name, sname, and value fields. The CONFIDENTIAL, SECRET, and TOP SECRET classifications have initial compartments. The lowest classification, UNCLASSIFIED, has no initial compartments.
The initial compartment bit assignments of 4-5 and 190-239 signify that bits 4, 5, and 190 through 239 are turned on. These bits are set to 1 in a label with this classification.
Some of the initial compartments are later used to define default and inverse words. Some initial compartments are reserved for possible later definitions of inverse words.
CLASSIFICATIONS: name= PUBLIC; sname= PUBLIC; value= 1; name= INTERNAL_USE_ONLY; sname= INTERNAL; aname= INTERNAL; value= 4; name= NEED_TO_KNOW; sname= NEED_TO_KNOW; aname= NEED_TO_KNOW; value= 5; name= REGISTERED; sname= REGISTERED; aname= REGISTERED; value= 6;