This section describes our design for integrating the Flask security mechanisms into the Linux file system component. It begins with a discussion of the object classes and permissions defined for the file system component. This is followed by a description of the control requirements for the system calls used to manage and perform directory and file operations. Then, the approach for providing persistent labels for files, directories, and file systems is discussed. Finally, the new file-related system calls defined for security-aware applications are described.