|
|
cad203 |
#
|
|
|
cad203 |
# Multi-Level Security translation table for SELinux
|
|
|
cad203 |
#
|
|
|
cad203 |
#
|
|
|
cad203 |
# Objects can be labeled with one of 16 levels and be categorized with 0-1023
|
|
|
cad203 |
# categories defined by the admin.
|
|
|
cad203 |
# Objects can be in more than one category at a time.
|
|
|
cad203 |
# Users can modify this table to translate the MLS labels for different purpose.
|
|
|
cad203 |
#
|
|
|
cad203 |
# Assumptions: using below MLS labels.
|
|
|
cad203 |
# SystemLow
|
|
|
cad203 |
# SystemHigh
|
|
|
cad203 |
# Unclassified
|
|
|
cad203 |
# Secret with compartments A and B.
|
|
|
cad203 |
#
|
|
|
cad203 |
# SystemLow and SystemHigh
|
|
|
cad203 |
s0=SystemLow
|
|
|
cad203 |
s15:c0.c1023=SystemHigh
|
|
|
cad203 |
s0-s15:c0.c1023=SystemLow-SystemHigh
|
|
|
cad203 |
|
|
|
cad203 |
# Unclassified level
|
|
|
cad203 |
s1=Unclassified
|
|
|
cad203 |
|
|
|
cad203 |
# Secret level with compartments
|
|
|
cad203 |
s2=Secret
|
|
|
cad203 |
s2:c0=A
|
|
|
cad203 |
s2:c1=B
|
|
|
cad203 |
|
|
|
cad203 |
# ranges for Unclassified
|
|
|
cad203 |
s0-s1=SystemLow-Unclassified
|
|
|
cad203 |
s1-s2=Unclassified-Secret
|
|
|
cad203 |
s1-s15:c0.c1023=Unclassified-SystemHigh
|
|
|
cad203 |
|
|
|
cad203 |
# ranges for Secret with compartments
|
|
|
cad203 |
s0-s2=SystemLow-Secret
|
|
|
cad203 |
s0-s2:c0=SystemLow-Secret:A
|
|
|
cad203 |
s0-s2:c1=SystemLow-Secret:B
|
|
|
cad203 |
s0-s2:c0,c1=SystemLow-Secret:AB
|
|
|
cad203 |
s1-s2:c0=Unclassified-Secret:A
|
|
|
cad203 |
s1-s2:c1=Unclassified-Secret:B
|
|
|
cad203 |
s1-s2:c0,c1=Unclassified-Secret:AB
|
|
|
cad203 |
s2-s2:c0=Secret-Secret:A
|
|
|
cad203 |
s2-s2:c1=Secret-Secret:B
|
|
|
cad203 |
s2-s2:c0,c1=Secret-Secret:AB
|
|
|
cad203 |
s2-s15:c0.c1023=Secret-SystemHigh
|
|
|
cad203 |
s2:c0-s2:c0,c1=Secret:A-Secret:AB
|
|
|
cad203 |
s2:c0-s15:c0.c1023=Secret:A-SystemHigh
|
|
|
cad203 |
s2:c1-s2:c0,c1=Secret:B-Secret:AB
|
|
|
cad203 |
s2:c1-s15:c0.c1023=Secret:B-SystemHigh
|
|
|
cad203 |
s2:c0,c1-s15:c0.c1023=Secret:AB-SystemHigh
|