Andy Suchoski wrote:
Hello all,
My background is with legacy MLS systems and I can understand when the
label attribute of a process contains a low label and a high label
(s0-s15:c0.c255), the low label corresponds to the level at which a
process operates and the high label corresponds to the clearance of the
process. I believe that is right. But what does the low label and high
label mean in the security context of an object such as a file or a
directory?
Most objects, such as files, are restricted such that their low label
and high label are equivalent, or "single-level". However, directories
(and some other objects in the system, I don't remember which right now)
are permitted to be "multi-level", since a directory could hold files
with different levels.
Mike
--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp
