Solaris Trusted Extensions Developer's Guide
Previous Next

Setting a File Sensitivity Label

When you change the sensitivity label of a file, the file is moved to a new zone that matches the file's new label.

In this code example, the process is running at the CONFIDENTIAL label. The user who is running the process has a TOP SECRET clearance. The TOP SECRET label dominates the CONFIDENTIAL label. The process upgrades the sensitivity label to TOP SECRET. The user needs the Upgrade File Label RBAC authorization to successfully perform the upgrade.

The following program is called upgrade-afile.

#include <tsol/label.h>

main()
{
   int retval, error;
   m_label_t *fsenslabel;
   char *string = “TOP SECRET”;
   *string1 = “TOP SECRET”;

   /* Create new sensitivity label value */
   if ((retval = str_to_label(string, &fsenslabel, MAC_LABEL, L_DEFAULT, &err)) != 0) {
        perror("str_to_label(MAC_LABEL, L_DEFAULT) failed");
        exit(1);
    }

   /* Set file label to new value */
   if ((retval = setflabel(“/export/home/zelda/afile”, &fsenslabel)) != 0) {
        perror("setflabel(“/export/home/zelda/afile”) failed");
        exit(1);
    }

   m_label_free(fsenslabel);
}

The result of running this program depends on the process's label, relative to the label of the file that was passed to the process.

Before and after you run this program, you use the getlabel command to verify the file's label. As the following shows, before the program runs, the label for afile is CONFIDENTIAL. After the program runs, the label for afile is TOP SECRET.

% pwd
/export/home/zelda
% getlabel afile
afile: CONFIDENTIAL
% update-afile
% getlabel afile
afile: TOP SECRET

If you run the getlabel command from a window labeled CONFIDENTIAL after you reclassified the file, it is no longer visible. If you run the getlabel command in a window labeled TOP SECRET, you can see the reclassified file.

Previous Next