sbsltos(3tsol)

1sbltos(3TSOL)        Trusted Extensions Library Functions        sbltos(3TSOL)
2
3
4

NAME

6       sbltos,  sbsltos,  sbcleartos  -  translate  binary labels to canonical
7       character-coded labels
8

SYNOPSIS

10       cc [flag...] file... -ltsol [library...]
11
12
13       #include <tsol/label.h>
14
15       char *sbsltos(const m_label_t *label, const int len);
16
17
18       char *sbcleartos(const m_label_t *clearance, const int len);
19
20

DESCRIPTION

22       These functions translate binary labels into canonical strings that are
23       clipped  to  the number of printable characters specified in len. Clip‐
24       ping is required if the number of characters of the  translated  string
25       is  greater  than  len. Clipping is done by truncating the label on the
26       right to two characters less than the specified number of characters. A
27       clipped  indicator,  "<−", is appended to sensitivity labels and clear‐
28       ances. The character-coded label begins with a classification name sep‐
29       arated  with  a single space character from the list of words making up
30       the remainder of the label. The binary labels must  be  of  the  proper
31       defined type and dominated by the process's sensitivity label. A len of
32       0 (zero) returns the entire string with no clipping.
33
34
35       The sbsltos() function translates a binary  sensitivity  label  into  a
36       clipped  string  using the long form of the words and the short form of
37       the classification name. If len is less  than  the  minimum  number  of
38       characters (three), the translation fails.
39
40
41       The  sbcleartos() function translates a binary clearance into a clipped
42       string using the long form of the words and the short form of the clas‐
43       sification  name.  If len is less than the minimum number of characters
44       (three), the translation fails. The translation of  a  clearance  might
45       not  be the same as the translation of a sensitivity label. These func‐
46       tions use different tables of the label_encodings file which might con‐
47       tain different words and constraints.
48
49
50       The calling process must have PRIV_SYS_TRANS_LABEL in its set of effec‐
51       tive privileges to perform label translation on  labels  that  dominate
52       the current process's sensitivity label.
53
54   Process Attributes
55       If the VIEW_EXTERNAL or VIEW_INTERNAL flags are not specified, transla‐
56       tion of ADMIN_LOW and ADMIN_HIGH labels is controlled by the label view
57       process  attribute  flags. If no label view process attribute flags are
58       defined, their translation is controlled by the label  view  configured
59       in  the  label_encodings  file.  A  value  of  External  specifies that
60       ADMIN_LOW and ADMIN_HIGH labels are mapped to the  lowest  and  highest
61       labels  defined in the label_encodings file. A value of Internal speci‐
62       fies that the ADMIN_LOW and ADMIN_HIGH labels  are  translated  to  the
63       admin   low   name  and  admin  high  name  strings  specified  in  the
64       label_encodings file. If no  such  names  are  specified,  the  strings
65       "ADMIN_LOW" and "ADMIN_HIGH" are used.
66

RETURN VALUES

68       These  functions return a pointer to a statically allocated string that
69       contains the result of the translation, or (char *)0 if the translation
70       fails for any reason.
71

EXAMPLES

73   sbsltos()
74       Assume that a sensitivity label is:
75
76         UN TOP/MIDDLE/LOWER DRAWER
77
78
79
80
81       When clipped to ten characters it is:
82
83         UN TOP/M<−
84
85
86
87   sbcleartos()
88       Assume that a clearance is:
89
90         UN TOP/MIDDLE/LOWER DRAWER
91
92
93
94
95       When clipped to ten characters it is:
96
97         UN TOP/M<−
98
99
100

FILES

102       /etc/security/tsol/label_encodings
103
104           The  label encodings file contains the classification names, words,
105           constraints, and values for the defined labels of this system.
106
107

ATTRIBUTES

109       See attributes(5) for descriptions of the following attributes:
110
111
112
113
114       ┌─────────────────────────────┬─────────────────────────────┐
115       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
116       ├─────────────────────────────┼─────────────────────────────┤
117       │Interface Stability          │Obsolete                     │
118       ├─────────────────────────────┼─────────────────────────────┤
119       │MT-Level                     │Unsafe                       │
120       └─────────────────────────────┴─────────────────────────────┘
121
122
123       These functions are obsolete and retained for  ease  of  porting.  They
124       might  be  removed  in a future Solaris Trusted Extensions release. Use
125       the label_to_str(3TSOL) function instead.
126

WARNINGS

131       All these functions share the same statically allocated string storage.
132       They  are  not MT-Safe. Subsequent calls to any of these functions will
133       overwrite that string with the newly translated string.
134

NOTES

136       The functionality described on this manual page is  available  only  if
137       the system is configured with Trusted Extensions.
138
139
140
141SunOS 5.11                        20 Jul 2007                    sbltos(3TSOL)