Trusted Extensions Library Functions bltos(3TSOL)
NAME
bltos, bsltos, bcleartos - translate binary labels to char-
acter coded labels
SYNOPSIS
cc [flag...] file... -ltsol [library...]
#include
int bsltos(const mlabelt *label, char **string,
const int strlen, const int flags);
int bcleartos(const mlabelt *label, char **string,
const int strlen, const int flags);
DESCRIPTION
These functions translate binary labels into strings con-
trolled by the value of the flags parameter.
The bsltos() function translates a binary sensitivity label
into a string. The applicable flags are LONGCLASIFICATION
or SHORTCLASIFICATION, LONGWORDS or SHORTWORDS,
VIEWEXTERNAL or VIEWINTERNAL, and NOCLASIFICATION. A
flags value 0 is equivalent to (SHORTCLASIFICATION
LONGWORDS).
The bcleartos() function translates a binary clearance into
a string. The applicable flags are LONGCLASIFICATION or
SHORTCLASIFICATION, LONGWORDS or SHORTWORDS,
VIEWEXTERNAL or VIEWINTERNAL, and NOCLASIFICATION. A
flags value 0 is equivalent to (SHORTCLASIFICATION
LONGWORDS). The translation of a clearance might not be the
same as the translation of a sensitivity label. These func-
tions use different labelencodings file tables that might
contain different words and constraints.
The calling process must have PRIVSYSTRANSLABEL in its
set of effective privileges to perform label translation on
labels that dominate the current process's sensitivity
label.
The generic form of an output character-coded label is:
CLASIFICATION WORD1 WORD2 WORD3/WORD4 SUFIX PREFIX WORD5/WORD6
SunOS 5.11 Last change: 20 Jul 2007 1
Trusted Extensions Library Functions bltos(3TSOL)
Capital letters are used to display all CLASIFICATION names
and WORDs. The ` ' (space) character separates classifica-
tions and words from other words in all character-coded
labels except where multiple words that require the same
PREFIX or SUFIX are present, in which case the multiple
words are separated from each other by the `/' (slash) char-
acter.
The string argument can point to either a pointer to pre-
allocated memory, or the value (char *)0. If string points
to a pointer to pre-allocated memory, then strlen indicates
the size of that memory. If string points to the value
(char *)0, memory is allocated using malloc() to contain the
translated character-coded labels. The translated label is
copied into allocated or pre-allocated memory.
The flags argument is 0 or the logical sum of the following:
LONGWORDS Translate using long names of words
defined in label.
SHORTWORDS Translate using short names of words
defined in label. If no short name
is defined in the labelencodings
file for a word, the long name is
used.
LONGCLASIFICATION Translate using long name of clas-
sification defined in label.
SHORTCLASIFICATION Translate using short name of clas-
sification defined in label.
ACESRELATED Translate only access-related
entries defined in information label
label.
VIEWEXTERNAL Translate ADMINLOW and ADMINHIGH
labels to the lowest and highest
labels defined in the
labelencodings file.
VIEWINTERNAL Translate ADMINLOW and ADMINHIGH
labels to the admin low name and
SunOS 5.11 Last change: 20 Jul 2007 2
Trusted Extensions Library Functions bltos(3TSOL)
admin high name strings specified in
the labelencodings file. If no
strings are specified, the strings
"ADMINLOW" and "ADMINHIGH" are
used.
NOCLASIFICATION Do not translate classification
defined in label.
Process Attributes
If the VIEWEXTERNAL or VIEWINTERNAL flags are not speci-
fied, translation of ADMINLOW and ADMINHIGH labels is con-
trolled by the label view process attribute flags. If no
label view process attribute flags are defined, their trans-
lation is controlled by the label view configured in the
labelencodings file. A value of External specifies that
ADMINLOW and ADMINHIGH labels are mapped to the lowest and
highest labels defined in the labelencodings file. A value
of Internal specifies that the ADMINLOW and ADMINHIGH
labels are translated to the admin low and admin high name
strings specified in the labelencodings file. If no such
names are specified, the strings "ADMINLOW" and
"ADMINHIGH" are used.
RETURN VALUES
Upon successful completion, the bsltos() and bcleartos()
functions return the length of the character-coded label,
including the NUL terminator.
If the label is not of the valid defined required type, if
the label is not dominated by the process sensitivity label
and the process does not have PRIVSYSTRANSLABEL in its
set of effective privileges, or if the labelencodings file
is inaccessible, these functions return -1.
If memory cannot be allocated for the return string or if
the pre-allocated return string memory is insufficient to
hold the string, these functions return 0. The value of the
pre-allocated string is set to the NUL string
(*string[0]=' 0';).
FILES
/etc/security/tsol/labelencodings
The label encodings file contains the classification
names, words, constraints, and values for the defined
labels of this system.
SunOS 5.11 Last change: 20 Jul 2007 3
Trusted Extensions Library Functions bltos(3TSOL)
ATRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
ATRIBUTE TYPE ATRIBUTE VALUE
Interface Stability Obsolete
MT-Level MT-Safe with exceptions
The bsltos() and bcleartos() functions are Obsolete. Use the
labeltostr(3TSOL) function instead.
SEE ALSO
free(3C), labeltostr(3TSOL), libtsol(3LIB), malloc(3C),
labelencodings(4), attributes(5)
NOTES
The functionality described on this manual page is available
only if the system is configured with Trusted Extensions.
If memory is allocated by these functions, the caller must
free the memory with free(3C) when the memory is no longer
in use.
SunOS 5.11 Last change: 20 Jul 2007 4
|
