next up previous contents
Next: Flexibility in Access Decisions Up: Overview Previous: Encapsulation of Security Policy   Contents


Flexibility in Labeling Decisions

When a Flask object manager requires a label for a new object, it consults the security server to obtain a labeling decision based on the label of the creating subject, the label of a related object, and the class of the new object. For program execution, the Flask process manager obtains the label for the transformed process based on the current label of the process and the label of the program executable. For file creation, the Flask file system object manager obtains the label for the new file based on the label of the creating process, the label of the parent directory, and the kind of file being created. The security server may compute the new label based on these inputs and may also use other external information.

In the Linux implementation, the security server may be configured to automatically cause changes in the role or domain attributes of a process based on the role and domain of the process and the type of the program. By default, the role and domain of a process is not changed by program execution. The Linux security server may also be configured to use specified types for new files based on the domain of the process, the type of the parent directory, and the kind of file. A new file inherits the same type as its parent directory by default. For objects where there is only one relevant SID, object managers typically do not consult the security server. Instead, they merely use this SID as the SID for the new object. Pipes, file descriptions, and sockets inherit the SID of the creating process, and output messages inherit the SID of the sending socket.


next up previous contents
Next: Flexibility in Access Decisions Up: Overview Previous: Encapsulation of Security Policy   Contents