posix mac
Casey Schaufler
casey at sgi.com
Tue Apr 13 19:22:21 GMT 1999
Ilmar S. Habibulin wrote:
>
> Tomorrow i read posix.1e mac chapter carefully. My opinion - posix mac
> suxx. :(
Oh, you hurt my feelings.
> It doesn't control sockets operations (maybe just because sockets
> are not posix api?)
That's correct. For sockets, you'll need the TSIX API. You can
find that at http://www.tsig.org
> and it doesn't have access level decrement rule.
There's very little policy defined in the Posix spec. There isn't
supposed to be any, as vendor policies vary. Trix, for example,
supports an integrity policy as well as a sensitivity policy.
> I know, that it is simply Bell-LaPadula model, but i suppose life is hard
> without decresing. Any comments?
While the Posix interfaces are heavily influenced by the B&L
policy, they are not toady to it.
--
Casey Schaufler voice: (650) 933-1634
casey at sgi.com fax: (650) 933-0170
To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message
More information about the posix1e
mailing list