1sbltos(3TSOL) Trusted Extensions Library Functions sbltos(3TSOL)
2
3
4
6 sbltos, sbsltos, sbcleartos - translate binary labels to canonical
7 character-coded labels
8
10 cc [flag...] file... -ltsol [library...]
11
12
13 #include <tsol/label.h>
14
15 char *sbsltos(const m_label_t *label, const int len);
16
17
18 char *sbcleartos(const m_label_t *clearance, const int len);
19
20
22 These functions translate binary labels into canonical strings that are
23 clipped to the number of printable characters specified in len. Clip‐
24 ping is required if the number of characters of the translated string
25 is greater than len. Clipping is done by truncating the label on the
26 right to two characters less than the specified number of characters. A
27 clipped indicator, "<−", is appended to sensitivity labels and clear‐
28 ances. The character-coded label begins with a classification name sep‐
29 arated with a single space character from the list of words making up
30 the remainder of the label. The binary labels must be of the proper
31 defined type and dominated by the process's sensitivity label. A len of
32 0 (zero) returns the entire string with no clipping.
33
34
35 The sbsltos() function translates a binary sensitivity label into a
36 clipped string using the long form of the words and the short form of
37 the classification name. If len is less than the minimum number of
38 characters (three), the translation fails.
39
40
41 The sbcleartos() function translates a binary clearance into a clipped
42 string using the long form of the words and the short form of the clas‐
43 sification name. If len is less than the minimum number of characters
44 (three), the translation fails. The translation of a clearance might
45 not be the same as the translation of a sensitivity label. These func‐
46 tions use different tables of the label_encodings file which might con‐
47 tain different words and constraints.
48
49
50 The calling process must have PRIV_SYS_TRANS_LABEL in its set of effec‐
51 tive privileges to perform label translation on labels that dominate
52 the current process's sensitivity label.
53
54 Process Attributes
55 If the VIEW_EXTERNAL or VIEW_INTERNAL flags are not specified, transla‐
56 tion of ADMIN_LOW and ADMIN_HIGH labels is controlled by the label view
57 process attribute flags. If no label view process attribute flags are
58 defined, their translation is controlled by the label view configured
59 in the label_encodings file. A value of External specifies that
60 ADMIN_LOW and ADMIN_HIGH labels are mapped to the lowest and highest
61 labels defined in the label_encodings file. A value of Internal speci‐
62 fies that the ADMIN_LOW and ADMIN_HIGH labels are translated to the
63 admin low name and admin high name strings specified in the
64 label_encodings file. If no such names are specified, the strings
65 "ADMIN_LOW" and "ADMIN_HIGH" are used.
66
68 These functions return a pointer to a statically allocated string that
69 contains the result of the translation, or (char *)0 if the translation
70 fails for any reason.
71
73 sbsltos()
74 Assume that a sensitivity label is:
75
76 UN TOP/MIDDLE/LOWER DRAWER
77
78
79
80
81 When clipped to ten characters it is:
82
83 UN TOP/M<−
84
85
86
87 sbcleartos()
88 Assume that a clearance is:
89
90 UN TOP/MIDDLE/LOWER DRAWER
91
92
93
94
95 When clipped to ten characters it is:
96
97 UN TOP/M<−
98
99
100
102 /etc/security/tsol/label_encodings
103
104 The label encodings file contains the classification names, words,
105 constraints, and values for the defined labels of this system.
106
107
109 See attributes(5) for descriptions of the following attributes:
110
111
112
113
114 ┌─────────────────────────────┬─────────────────────────────┐
115 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
116 ├─────────────────────────────┼─────────────────────────────┤
117 │Interface Stability │Obsolete │
118 ├─────────────────────────────┼─────────────────────────────┤
119 │MT-Level │Unsafe │
120 └─────────────────────────────┴─────────────────────────────┘
121
122
123 These functions are obsolete and retained for ease of porting. They
124 might be removed in a future Solaris Trusted Extensions release. Use
125 the label_to_str(3TSOL) function instead.
126
128 label_to_str(3TSOL), libtsol(3LIB), attributes(5), labels(5)
129
131 All these functions share the same statically allocated string storage.
132 They are not MT-Safe. Subsequent calls to any of these functions will
133 overwrite that string with the newly translated string.
134
136 The functionality described on this manual page is available only if
137 the system is configured with Trusted Extensions.
138
139
140
141SunOS 5.11 20 Jul 2007 sbltos(3TSOL)