sbltos(3TSOL) Trusted Extensions Library Functions sbltos(3TSOL)NAME
sbltos, sbsltos, sbcleartos - translate binary labels to canonical
character-coded labels
SYNOPSIS
cc [flag...] file... -ltsol [library...]
#include <tsol/label.h>
char *sbsltos(const m_label_t *label, const int len);
char *sbcleartos(const m_label_t *clearance, const int len);
DESCRIPTION
These functions translate binary labels into canonical strings that are
clipped to the number of printable characters specified in len. Clip‐
ping is required if the number of characters of the translated string
is greater than len. Clipping is done by truncating the label on the
right to two characters less than the specified number of characters. A
clipped indicator, "<−", is appended to sensitivity labels and clear‐
ances. The character-coded label begins with a classification name sep‐
arated with a single space character from the list of words making up
the remainder of the label. The binary labels must be of the proper
defined type and dominated by the process's sensitivity label. A len of
0 (zero) returns the entire string with no clipping.
The sbsltos() function translates a binary sensitivity label into a
clipped string using the long form of the words and the short form of
the classification name. If len is less than the minimum number of
characters (three), the translation fails.
The sbcleartos() function translates a binary clearance into a clipped
string using the long form of the words and the short form of the clas‐
sification name. If len is less than the minimum number of characters
(three), the translation fails. The translation of a clearance might
not be the same as the translation of a sensitivity label. These func‐
tions use different tables of the label_encodings file which might con‐
tain different words and constraints.
The calling process must have PRIV_SYS_TRANS_LABEL in its set of effec‐
tive privileges to perform label translation on labels that dominate
the current process's sensitivity label.
Process Attributes
If the VIEW_EXTERNAL or VIEW_INTERNAL flags are not specified, transla‐
tion of ADMIN_LOW and ADMIN_HIGH labels is controlled by the label view
process attribute flags. If no label view process attribute flags are
defined, their translation is controlled by the label view configured
in the label_encodings file. A value of External specifies that
ADMIN_LOW and ADMIN_HIGH labels are mapped to the lowest and highest
labels defined in the label_encodings file. A value of Internal speci‐
fies that the ADMIN_LOW and ADMIN_HIGH labels are translated to the
admin low name and admin high name strings specified in the
label_encodings file. If no such names are specified, the strings
"ADMIN_LOW" and "ADMIN_HIGH" are used.
RETURN VALUES
These functions return a pointer to a statically allocated string that
contains the result of the translation, or (char *)0 if the translation
fails for any reason.
EXAMPLESsbsltos()
Assume that a sensitivity label is:
UN TOP/MIDDLE/LOWER DRAWER
When clipped to ten characters it is:
UN TOP/M<−
sbcleartos()
Assume that a clearance is:
UN TOP/MIDDLE/LOWER DRAWER
When clipped to ten characters it is:
UN TOP/M<−
FILES
/etc/security/tsol/label_encodings
The label encodings file contains the classification names, words,
constraints, and values for the defined labels of this system.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
┌─────────────────────────────┬─────────────────────────────┐
│ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
├─────────────────────────────┼─────────────────────────────┤
│Interface Stability │Obsolete │
├─────────────────────────────┼─────────────────────────────┤
│MT-Level │Unsafe │
└─────────────────────────────┴─────────────────────────────┘
These functions are obsolete and retained for ease of porting. They
might be removed in a future Solaris Trusted Extensions release. Use
the label_to_str(3TSOL) function instead.
SEE ALSOlabel_to_str(3TSOL), libtsol(3LIB), attributes(5), labels(5)WARNINGS
All these functions share the same statically allocated string storage.
They are not MT-Safe. Subsequent calls to any of these functions will
overwrite that string with the newly translated string.
NOTES
The functionality described on this manual page is available only if
the system is configured with Trusted Extensions.
SunOS 5.11 20 Jul 2007 sbltos(3TSOL)