JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Trusted Extensions Developer's Guide     Oracle Solaris 10 1/13 Information Library
search filter icon
search icon

Document Information


1.  Trusted Extensions APIs and Security Policy

2.  Labels and Clearances

3.  Label Code Examples

4.  Printing and the Label APIs

5.  Interprocess Communications

Multilevel Port Information

Communication Endpoints

Berkeley Sockets and TLI

AF_UNIX Family

AF_INET Family

RPC Mechanism

Using Multilevel Ports With UDP

6.  Trusted X Window System

7.  Label Builder APIs

8.  Trusted Web Guard Prototype

9.  Experimental Java Bindings for the Solaris Trusted Extensions Label APIs

A.  Programmer's Reference

B.  Trusted Extensions API Reference


Multilevel Port Information

A system that is configured with Trusted Extensions supports single-level and multilevel ports. These ports are used to create connections between applications. A multilevel port can receive data within the range of sensitivity labels that is defined for that port. A single-level port can receive data at a designated sensitivity label only.


Caution - If a connection is multilevel, ensure that the application does not make a connection at one sensitivity label, and then send or receive data at another sensitivity label. Such a configuration would cause data to reach an unauthorized destination.

The Trusted Network library provides an interface to retrieve the label from a packet. The programmatic manipulation of network packets is not needed. Specifically, you cannot change the security attributes of a message before it is sent. Also, you cannot change the security attributes on the communication endpoint over which the message is sent. You can read the label of a packet, just as you read other security information of a packet. The ucred_getlabel() function is used to retrieve label information.

If your application requires the use of a multilevel port, that port cannot be created programmatically. Rather, you must tell the system administrator to create a multilevel port for the application.

For more information about multilevel ports, see the following: