home *** CD-ROM | disk | FTP | other *** search
-
-
-
- tttt6666eeeexxxxtttt____aaaattttttttrrrr((((3333NNNN)))) tttt6666eeeexxxxtttt____aaaattttttttrrrr((((3333NNNN))))
-
-
-
- NNNNAAAAMMMMEEEE
- t6ext_attr, t6new_attr - Activate extended security attributes or set
- policy on security attribute change
-
- SSSSYYYYNNNNOOOOPPPPSSSSIIIISSSS
- cccccccc [[[[ ffffllllaaaaggggssss ............ ]]]] ffffiiiilllleeee
-
- ####iiiinnnncccclllluuuuddddeeee <<<<ssssyyyyssss////tttt6666aaaattttttttrrrrssss....hhhh>>>>
-
- iiiinnnntttt tttt6666eeeexxxxtttt____aaaattttttttrrrr((((iiiinnnntttt ffffdddd,,,, tttt6666ccccmmmmdddd____tttt ccccmmmmdddd))));;;;
-
- iiiinnnntttt tttt6666nnnneeeewwww____aaaattttttttrrrr((((iiiinnnntttt ffffdddd,,,, tttt6666ccccmmmmdddd____tttt ccccmmmmdddd))));;;;
-
- DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNN
- _t_6_e_x_t__a_t_t_r turns on extended security operations on the trusted IPC
- mechanism. ffffdddd is the descriptor associated with the IPC mechanism, and
- ccccmmmmdddd must be ON to turn on extended operations, or OFF to turn them off.
- When first created, the trusted IPC mechanism appears the same as an
- untrusted IPC mechanism. It can be used in the same way to send and
- receive data as long as communications do not violate the security
- policies of the system. Between systems that support mandatory access
- control, for example, communications can only occur between processes at
- the same sensitivity level. Before the network endpoint allows a process
- to specify security attributes or manipulate the endpoint's security
- options, it must call _t_6_e_x_t__a_t_t_r. Any attempt to use extended operations
- other than _t_6_e_x_t__e_r_r before calling this routine fails, setting eeeerrrrrrrrnnnnoooo to
- the appropriate value.
-
- _t_6_n_e_w__a_t_t_r with a value of ON for ccccmmmmdddd tells the underlying TSIX software
- that the receiving process is only interested in security attributes if
- they differ from the last set of attributes it received. After this
- call, _t_6_r_e_c_v_f_r_o_m(_3_N) only returns valid security attributes when a change
- in the attributes is detected. This is indicated by setting the
- _t_6_r_e_c_v_f_r_o_m parameter _n_e_w__a_t_t_r_s to non-zero. When new attributes are
- returned, the full set of requested attributes is returned, not just
- those that have changed. When ccccmmmmdddd is OFF, the default situation
- prevails, that is, attributes are returned with each call to _t_6_r_e_c_v_f_r_o_m.
-
- CCCCAAAAPPPPAAAABBBBIIIILLLLIIIITTTTIIIIEEEESSSS
- _t_6_e_x_t__a_t_t_r requires the CCCCAAAAPPPP____NNNNEEEETTTTWWWWOOOORRRRKKKK____MMMMGGGGTTTT capability in the effective
- vector of its capability set.
-
- EEEERRRRRRRROOOORRRRSSSS
- [EINVAL] For _t_6_n_e_w__a_t_t_r, the caller did not initialize the
- endpoint's security extensions prior to this call
-
- [ENOSYS] Function not implemented as the session manager may not be
- installed.
-
- [EPERM] Operation not permitted, inadequate capabilities.
-
-
-
-
-
- PPPPaaaaggggeeee 1111
-
-
-
-
-
-
- tttt6666eeeexxxxtttt____aaaattttttttrrrr((((3333NNNN)))) tttt6666eeeexxxxtttt____aaaattttttttrrrr((((3333NNNN))))
-
-
-
- SSSSEEEEEEEE AAAALLLLSSSSOOOO
- libt6(3N)
-
- SSSSOOOOUUUURRRRCCCCEEEE
- Trusted Systems Interoperability Group
-
- NNNNOOOOTTTTEEEESSSS
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- PPPPaaaaggggeeee 2222
-
-
-
-
-
-
-
