Several aspects of how labels appear to users can be configured: label visibility, label color, and labels on printed output. Some actions on labels require an authorization or a privilege. Upgrading or downgrading an object's label requires an authorization. Translating a label between its internal and its textual representation can require a privilege.
As described in
policy.conf file for a system, and in the Solaris Management Console for individual
users. For a pointer to the configuration procedures,
Typically, the content of files at a lower label can be read by a user at a higher label. For example, system files and commonly available executables are assigned an ADMIN_LOW label. According to the read down-read equal rule, accounts that work at any label can read ADMIN_LOW files. As in the Solaris OS, DAC permissions can prevent read access. Zones also protect files from being read. If a lower-level zone is not mounted, a user in a higher-level zone cannot access the files for reading.
Files that contain data that should not be viewed by ordinary users,
such as system log files and the
are maintained at
ADMIN_HIGH. To allow administrators
access to protected system files, the
ADMIN_HIGH administrative labels are assigned as the minimum label
and clearance for roles.
The labels that are printed on banner, trailer and body pages of print jobs can be customized. Also, accompanying text that appears on the banner and trailer pages can be customized. For more information, see.
The authorization to upgrade information to a label that dominates the label of the current information is called the Upgrade File Label authorization. The authorization to downgrade information to a label that is lower than the label of the current information is called the
Label authorization. For definitions for these authorizations, see
Label translation occurs whenever programs manipulate labels. Labels are translated between textual strings and the internal representation. For example, when a program such as getlabel gets the label of a file, the internal representation of the label is translated into readable output before the label can be displayed to the user. When the setlabel program sets a label specified on the command line, the textual string, that is, the label's name, is translated into the label's internal representation. Trusted Extensions permits label translations only if the calling process's label dominates the label that is to be translated. If a process attempts to translate a label that the process's label does not dominate, the translation is disallowed. The sys_trans_label privilege is required to override this restriction.
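
The read down-read equal rule and the label translation restriction described above both reduce to a dominance check. The following is an added example, not code from the original documentation and not the Trusted Extensions API. It assumes the usual definition of dominance (classification at least as high, compartments a superset), which this page does not spell out; the mlabel type, the function names and every sample label other than ADMIN_LOW and ADMIN_HIGH are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model, not the Trusted Extensions API: a label is a
 * classification level plus a compartment bitmask. */
typedef struct {
    const char *name;          /* textual representation */
    int level;                 /* higher is more sensitive */
    uint32_t compartments;     /* one bit per compartment */
} mlabel;

/* Constructed sample labels; only ADMIN_LOW and ADMIN_HIGH are from the page. */
static const mlabel ADMIN_LOW  = { "ADMIN_LOW", 0, 0 };
static const mlabel PUBLIC     = { "PUBLIC", 1, 0 };
static const mlabel CONF_ENG   = { "CONFIDENTIAL ENG", 2, 0x1 };
static const mlabel CONF_HR    = { "CONFIDENTIAL HR", 2, 0x2 };
static const mlabel ADMIN_HIGH = { "ADMIN_HIGH", 255, UINT32_MAX };

/* a dominates b: level at least as high and every compartment of b present. */
bool dominates(const mlabel *a, const mlabel *b) {
    return a->level >= b->level &&
           (a->compartments & b->compartments) == b->compartments;
}

/* MAC half of "read down-read equal"; DAC and zone mounts are checked separately. */
bool mac_can_read(const mlabel *proc, const mlabel *file) {
    return dominates(proc, file);
}

/* Internal-to-text translation gate: returns the name, or NULL when the
 * process label does not dominate the target and the privilege is absent. */
const char *label_to_text(const mlabel *proc, const mlabel *target,
                          bool has_sys_trans_label) {
    if (!dominates(proc, target) && !has_sys_trans_label)
        return NULL;
    return target->name;
}

int main(void) {
    const char *t = label_to_text(&CONF_ENG, &CONF_HR, false);
    printf("ENG -> HR, no privilege: %s\n", t ? t : "(disallowed)");
    t = label_to_text(&CONF_ENG, &CONF_HR, true);
    printf("ENG -> HR, sys_trans_label: %s\n", t ? t : "(disallowed)");
    printf("PUBLIC reads ADMIN_LOW: %d\n", mac_can_read(&PUBLIC, &ADMIN_LOW));
    printf("PUBLIC reads ADMIN_HIGH: %d\n", mac_can_read(&PUBLIC, &ADMIN_HIGH));
    return 0;
}
```

The two CONFIDENTIAL labels sit at the same level with different compartments, so neither dominates the other. In that case translation is refused in both directions unless the calling process holds sys_trans_label.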