sec_setmsglab Subroutine
Purpose
Sets the security attributes of an Interprocess Communication (IPC) message queue.
Library
Standard C library (libc.a)
Syntax
#include <sys/mac.h>
#include <sys/ipc.h>
#include <sys/msg.h>int sec_setmsglab (msgid, sl, tl)
int msgid;
sl_t *sl;
tl_t *tl;
Description
The sec_setmsglab subroutine sets the security attributes of the message queue that is specified by the msgid parameter. The subroutine associates a sensitivity label and an integrity label with the message queue. The sl parameter points to the sensitivity label, and the tl parameter points to the integrity label. If the sl or tl parameter is a null pointer, the sensitivity label or integrity label of the message queue remains unchanged.
To change the sensitivity label of a message queue, a process must have the PV_LAB_SL_FILE privilege, DAC and MAC WRITE access to the message queue, and the PV_LAB_SLUG or PV_LAB_SLDG privilege for upgrading or downgrading the label. A process must have DAC OWNER access to the message queue to downgrade the sensitivity label. If the old sensitivity label or the new sensitivity label is outside of the process clearance, the process needs the PV_MAC_CL privilege to change the label.
To change the integrity label of a message queue, a process must have the PV_LAB_TL privilege and have MAC WRITE and DAC OWNER access to the message queue.
Parameters
| Item | Description |
|---|---|
| msgid | Specifies the message queue. |
| sl | Points to a sensitivity label structure. |
| tl | Points to an integrity label structure. |
Return Values
| Item | Description |
|---|---|
| 0 | Successful |
| -1 | Unsuccessful |
Error Codes
| Item | Description |
|---|---|
| EPERM | The calling process does not have permissions or privileges. |
| EFAULT | The address that the sl or tl parameter points to is not valid. |
| EINVAL | The message queue that the msgid parameter specifies is not valid. |