Next: 11.1 flask_types.h: basic Flask
Up: 36.3 Interfaces
Previous: 10.2.11 sendtosendmsg: send
Flask is an operating system security architecture that
provides flexible support for security policies. This chapter defines
the Flask-related COM interfaces that are defined by header files in
the oskit/flask directory. The sections of this chapter are:
- 11.1
- flask_types.h:
The basic Flask types and constants.
- 11.2
- oskit_security:
The security server interface. This interface is used to
obtain security decisions.
- 11.3
- oskit_avc:
The interface provided by an access vector cache (AVC) component to
object managers. This interface is used by object managers
to perform permission checks, to notify the AVC of completed
operations, and to register callbacks for policy changes.
- 11.4
- oskit_avc_ss:
The interface provided by an AVC component to the security
server. This interface is used by the security server
to notify the AVC component of policy changes.
An example implementation of an AVC component is available in
com/avc.c. An example implementation of a
security server component is available in security. An
example implementation of file access control wrappers that use these
interfaces is available in com/sfs*.c.
Utah Flux Research Group