On Tue, 6 Nov 2001, Femitha Majeed wrote:

> Hi, I have question about implementation of Flask architecture.
>
> Are SIDs unique? How does the security server assign an SID to a new object
> given the security contexts(or SIDs) of related objects?

You'll find quite a bit of information about this in the papers and technical reports available on the Documentation and Background pages at the NSA SELinux web site. As for your specific question, SIDs do not uniquely identify individual subjects or objects; they identify security contexts (aka security labels). The security server determines a security context for a new subject or object based on some default logic and the policy rules, and then returns a SID that corresponds to that security context, possibly generating a new SID if one does not already exist for the context.

--
Stephen D. Smalley, NAI Labs
ssmalley@nai.com





--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.