[11340] in bugtraq
Re: user flags in public temp space (was Re: chflags() [heads up
daemon@ATHENA.MIT.EDU (James E. Pace)
Tue Aug 10 23:06:44 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.4.05.9908100917580.9750-100000@shell1>
Date: Tue, 10 Aug 1999 09:31:09 -0700
Reply-To: "James E. Pace" <jepace@pobox.com>
From: "James E. Pace" <pace@NCAL.VERIO.COM>
X-To: Adam Morris <Adam.Morris@ONYX.NET>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <XFMail.990809103725.Adam.Morris@onyx.net>
On Mon, 9 Aug 1999, Adam Morris wrote:
> The CMW machines (Compartmentalised Mode Workstation) have the
> concept of "multi level directories". These include such things as
> /tmp. When you are operating at level "Top Secret" you have what
> appears to be a different /tmp from when you are operating at level
> "unclassified".
The multilevel directory in CMW doesn't solve the per user problem; it
just enforces mandatory access control. If two processes are at
"UNCLASSIFIED", they are using the same /tmp, so this class of
problems still exists. It is still up to the app designer to be
careful about problems with /tmp.
Perhaps if each user had a unique sensitivity label (like use UID as
SL), then you'd get a per user /tmp, but I would imagine that would
create a lot of other usability problems (setting up dominance
relations would just suck!).
> As far as I can tell, it does actually keep the
> files in different directories. I haven't really poked around at
> the raw disk level on one of these beasts though (which requires
> special privileges) so I can't guarantee it. You can definitely
> have two different files in different level /tmp directories with
> the same name.
Yes, multilevel directories are separate directories. The system
hides a layer for you, so it's something like this:

    /tmp/UNCLASSIFIED
    /tmp/TOP_SECRET
    /tmp/SECRET

...etc, with new levels being created as needed.

My knowledge is based on HP-UX's CMW product.
-James Pace
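
An added illustration (not part of the original message, and not HP-UX CMW code): a small C model of the layout described above, with the hidden layer as `<root>/<LABEL>/<name>`. It shows two processes at the same level contending for one name while another level gets its own directory, and the `O_EXCL | O_NOFOLLOW` creation the application still has to do; `mld_path`, `create_tmp`, `mld_demo`, the file name and the scratch root are assumptions made for the demo.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hidden layer as <root>/<LABEL>/<name>; root stands in for /tmp (assumed). */
static int mld_path(char *out, size_t n, const char *root, const char *label, const char *name)
{
    if (strchr(label, '/') || strchr(name, '/')) return -1;   /* no traversal */
    int len = snprintf(out, n, "%s/%s", root, label);
    if (len < 0 || (size_t)len >= n) return -1;
    if (mkdir(out, 0700) != 0 && errno != EEXIST) return -1;  /* level dir made as needed */
    len = snprintf(out, n, "%s/%s/%s", root, label, name);
    return (len < 0 || (size_t)len >= n) ? -1 : 0;
}

/* Careful creation (O_EXCL, O_NOFOLLOW); returns 0 or the errno from open(). */
static int create_tmp(const char *root, const char *label, const char *name)
{
    char path[1024];
    if (mld_path(path, sizeof path, root, label, name) != 0) return EINVAL;
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0) return errno;
    close(fd);
    return 0;
}

/* Scenario from the message; returns a bitmask of which outcomes held. */
int mld_demo(void)
{
    char root[] = "/tmp/mld-demo-XXXXXX", p[1024];
    const char *lv[] = { "UNCLASSIFIED", "TOP_SECRET" };
    int r = 0;
    if (!mkdtemp(root)) return -1;
    if (create_tmp(root, lv[0], "app.tmp") == 0) r |= 1;      /* first process */
    if (create_tmp(root, lv[0], "app.tmp") == EEXIST) r |= 2; /* same level: same dir */
    if (create_tmp(root, lv[1], "app.tmp") == 0) r |= 4;      /* other level: own dir */
    for (int i = 0; i < 2; i++)                               /* remove the scratch tree */
        if (mld_path(p, sizeof p, root, lv[i], "app.tmp") == 0) {
            unlink(p); *strrchr(p, '/') = '\0'; rmdir(p);
        }
    rmdir(root);
    return r;
}

int main(void) { printf("outcome mask: %d\n", mld_demo()); return 0; }
```

A mask of 7 means all three outcomes held: the second creation at UNCLASSIFIED was refused with `EEXIST` because both processes resolve to the same hidden directory, while TOP_SECRET was unaffected.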