Next: Role Compatibility Up: Roles and Types Previous: Roles

Types

Every object has an RC type. Hierarchically organized objects of the RSBAC target types FILE, DIR, FIFO and SYMLINK can have the special type value inherit parent, in which case the parent object's type is used. If there is no parent, the default value 0 applies.

Whenever values may be inherited, the term effective value denotes the final value after inheritance has been resolved. Inheritance greatly reduces the number of attribute values that must be stored and follows the usual way of grouping objects in hierarchies.

The effective type is derived as follows:
\begin{displaymath}
\mathrm{efftype}_{tn}(\mathrm{f}):=
\left\{
\begin{array}{r...
...\_parent} &
\mathrm{type}_{tn}(\mathrm{f})
\end{array}\right.
\end{displaymath} (5)

When a new filesystem object is created, its type is set to the value of the role attribute Default fd create type of the current role of the creating process, which can also be the special value inherit parent mentioned above.
\begin{displaymath}
\mathrm{createfs}_{tn}(\mathrm{p,f}) \Rightarrow\
\mathrm{ty...
..._fd\_create\_type}_{tn}(\mathrm{currentrole}_{tn}(\mathrm{p}))
\end{displaymath} (6)

When a new process object is created, its type is set depending on the value of the role attribute Default process create type of the current role of the creating process. The special and default value inherit parent sets the type to that of the creating process. Let
\begin{displaymath}
\mathrm{pct}_{tn}(\mathrm{p}_1) :=
\mathrm{default\_process\_create\_type}_{tn}(\mathrm{currentrole}_{tn}(\mathrm{p}_1))
\end{displaymath} (7)


\begin{displaymath}
\mathrm{clone}_{tn}(\mathrm{p}_1,\mathrm{p}_2) \Rightarrow\
...
..._parent} &
\mathrm{pct}_{tn}(\mathrm{p}_1)
\end{array}\right.
\end{displaymath} (8)

On execution of a new program file, the process type is set according to the value of the role attribute Default process execute type of the current role of the process. The special and default value inherit parent leaves the process type unchanged. Let
\begin{displaymath}
\mathrm{pet}_{tn}(\mathrm{p}) :=
\mathrm{default\_process\_execute\_type}_{tn}(\mathrm{currentrole}_{tn}(\mathrm{p}))
\end{displaymath} (9)


\begin{displaymath}
\mathrm{execute}_{tn}(\mathrm{p,f}) \Rightarrow\
\mathrm{typ...
...t\_parent} &
\mathrm{pet}_{tn}(\mathrm{p})
\end{array}\right.
\end{displaymath} (10)

Changing the owner of a process leads to the process type being set to the value of the role attribute Default process chown type of the current role of the process. The special and default value inherit parent leaves the process type unchanged. The other valid special value use new role def create uses the value of the role attribute Default process create type of the new current role of the process (see Roles). Let

\begin{displaymath}
\mathrm{pot}_{tn}(\mathrm{p}) :=
\mathrm{default\_process\_chown\_type}_{tn}(\mathrm{currentrole}_{tn}(\mathrm{p}))
\end{displaymath} (11)

\begin{displaymath}
\mathrm{pct}_{tn+1}(\mathrm{p}) :=
\mathrm{default\_process\_create\_type}_{tn}(\mathrm{currentrole}_{tn+1}(\mathrm{p}))
\end{displaymath} (12)

\begin{displaymath}
\mathrm{changeowner}_{tn}(\mathrm{p,u}) \Rightarrow\
\mathrm{type}_{tn+1}(\mathrm{p}) :=
\left\{
\begin{array}{r@{\ :\ }l}
\mathrm{if\ pot}_{tn}(\mathrm{p...
...}_{tn+1}(\mathrm{p})\\
else & \mathrm{pot}_{tn}(\mathrm{p})
\end{array}\right.
\end{displaymath} (13)

Finally, the types of newly created IPC objects can be influenced by the value of the role attribute Default ipc create type of the current role of the process.

\begin{displaymath}
\mathrm{createipc}_{tn}(\mathrm{p,i}) \Rightarrow\
\mathrm{t...
...ipc\_create\_type}_{tn}(\mathrm{currentrole}_{tn}(\mathrm{p}))
\end{displaymath} (14)

The types of all newly created network objects are derived from their templates and cannot be preset through role attributes.

Default type values provide a mandatory way to keep new objects suitable for the roles that created them, while completely avoiding discretionary elements in type selection and the need to make applications aware of the access control model.
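The type rules of equations (5), (8), (10) and (13), carried through as a small Python model added here (this is not RSBAC code). The Role, FsObject and Process classes and the spellings of the special values inherit parent and use new role def create are assumptions made for the illustration, and the role switch that accompanies a change of owner is passed in as a parameter rather than derived from the new user.

```python
from dataclasses import dataclass
from typing import Optional
# Assumed spellings for the two special type values (not RSBAC identifiers).
INHERIT_PARENT = "inherit_parent"
USE_NEW_ROLE_DEF_CREATE = "use_new_role_def_create"

@dataclass
class Role:  # the role attributes named above: an int type or a special value
    default_process_create_type: object
    default_process_execute_type: object
    default_process_chown_type: object

@dataclass
class FsObject:
    type: object                     # int, or INHERIT_PARENT
    parent: Optional["FsObject"] = None

@dataclass
class Process:
    role: Role
    type: int

def efftype(f: FsObject) -> int:
    """Equation (5): follow inherit_parent upwards; a root without a parent yields 0."""
    while f.type == INHERIT_PARENT:
        if f.parent is None:
            return 0
        f = f.parent
    return f.type

def clone(p1: Process) -> Process:
    """Equation (8): inherit_parent copies the creating process's own type."""
    pct = p1.role.default_process_create_type
    return Process(p1.role, p1.type if pct == INHERIT_PARENT else pct)

def execute(p: Process) -> None:
    """Equation (10): inherit_parent leaves the process type unchanged."""
    pet = p.role.default_process_execute_type
    if pet != INHERIT_PARENT:
        p.type = pet

def changeowner(p: Process, new_role: Role) -> None:
    """Equation (13): pot comes from the old role, pct_{tn+1} from the new one."""
    pot = p.role.default_process_chown_type
    p.role = new_role  # the role switch on chown is taken as given (see Roles)
    if pot == USE_NEW_ROLE_DEF_CREATE:
        p.type = new_role.default_process_create_type
    elif pot != INHERIT_PARENT:
        p.type = pot
```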


Amon Ott