Managing partitioned directories

To a normal user process, a partitioned directory appears and functions the same as a regular directory. However, with a partitioned directory, different processes with different SLs see different contents of the same directory.

For example, if a process running at the SECRET security label creates a file named foo in a partitioned directory, then a second process running at the TOP SECRET security label cannot see or access the file foo in that directory. Also, the second process can create its own foo file without interfering with the first foo file.

This is accomplished using hidden subdirectories. For each unique SL with which a process accesses the partitioned directory, there is a partitioned subdirectory. When a process accesses the partitioned directory, the system automatically redirects the process to the hidden subdirectory. In the example above, the two foo files are actually in different subdirectories, even though they appear to the user to be in the same directory.

See Partitioned directories for more information on partitioned directories.

Partitioned directories are supported in JFS2 with EAv2.