File security flags
The file security flags affect the way that files are accessed. These flags are stored as part of the extended attributes (EA) of the file itself. The file security flags are defined in the header file.
- FSF_APPEND
- File can only be appended to and not altered in operational mode.
- FSF_AUDIT
- The file is marked as part of the audit subsystem. To read or write these files, the process must have the PV_AU_READ or PV_AU_WRITE privileges respectively.
- FSF_MAC_EXMPT
- EPS with the PV_MAC_OVRRD privilege ignores MAC restrictions when attempting to access the object.
- FSF_PDIR
- The directory is a partitioned directory.
- FSF_PSDIR
- The directory is a partitioned subdirectory.
- FSF_PSSDIR
- The directory is a partitioned sub-subdirectory.
- FSF_TLIB
- The object is marked as part of the Trusted Library. The machine must be running in configuration mode or the trustedlib_enabled kernel security flag must be OFF.
- FSF_TLIB_PROC
- Processes marked as TLIB processes can only link oto *.so libraries that have the TLIB flag set. The system must be running in configuration mode or the trustedlib_enabled kernel security flag must be OFF.