MAC implementation with definable policy

James Buster bitbug at seal.engr.sgi.com
Thu Sep 30 21:16:48 GMT 1999 

On Sep 30,  5:35pm, "Ilmar S. Habibulin" wrote:
} > } Ok. I'm reading file with labelA, then i'm reading file with labelB, which
} > } dominates labelA. After reading i'm cleating new file. What label should
} > } it have?
} >
} > The same label your process has.
}
} Ok, process have labelC, that dominates labelB and labelA. So we create
} file with labelC - why?

If a process didn't create files having MAC labels equal to its own,
how do you ensure that it can read and write files it creates?

} Or process have another label?

No, just one MAC label.

} What label does process have in your implementation of MAC?

While the code I posted doesn't deal with that aspect of MAC policy,
the answer is "the label of its parent".

} > No, it's not. First of all, ACLs are a discretionary access mechanism.
} > Second, no user or list of users is associated with my MAC labels.
}
} I said 'some sort of acl' - not posix acls. Simply Access Control List.

I finally think I understand what you are saying here.

} > } But BL MAC implementation is much more simplier. And i do not understand,
} > } why can't i emulate your approach using BL MAC and ACL?
} >
} > BL labels have a fixed, partial ordering between them. The dominate
} > relationship is transitive. My implementation does not require that
} > the dominate relationship be transitive.
}
} That's why i am confused. Your approach is not MAC, as described by papers
} i read. All of them pointed to BL model.

It's not BL MAC, but it is MAC. The term Mandatory Access Control can
be applied to more security models than those using a partially or
totally ordered lattice.

} And discretionary mechanism exists in BLM - it's non-hyerarchical
} categories.

That is not a discretionary mechanism, since the set of non-hierarchical
categories in a MAC label is not modifiable.

-- 
Planet Bog -- pools of toxic chemicals bubble under a choking
atomsphere of poisonous gases... but aside from that, it's not
much like Earth.
To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message

More information about the posix1e mailing list