TNFS spec update; pls review and comment (postscript version)
Fred Glover <fglover@zk3.dec.com> Tue, 09 June 1992 23:08 UTC
Received: from nri.nri.reston.va.us by ietf.NRI.Reston.VA.US id aa12036; 9 Jun 92 19:08 EDT
Received: from wdl1.wdl.loral.com by NRI.Reston.VA.US id aa07359; 9 Jun 92 19:06 EDT
Received: by wdl1.wdl.loral.com (5.61+++/WDL-3.11) id AA01127; Tue, 9 Jun 92 14:20:21 -0700
Received: from decvax.dec.com by wdl1.wdl.loral.com (5.61+++/WDL-3.11) id AA01111; Tue, 9 Jun 92 14:19:33 -0700
Received: by decvax.dec.com (5.57/DEC-ULTRIX-5/6/92) id AA14902; Tue, 9 Jun 92 17:17:41 -0400
Received: by abyss.zk3.dec.com (5.65/DEC-USSG-ZK3-ULTRIX-09/27/91); id AA17583; Tue, 9 Jun 1992 17:17:29 -0400
Date: Tue, 09 Jun 1992 17:17:29 -0400
From: Fred Glover <fglover@zk3.dec.com>
Message-Id: <9206092117.AA17583@abyss.zk3.dec.com>
To: tnfs@wdl1.wdl.loral.com
Subject: TNFS spec update; pls review and comment (postscript version)
Sender: tnfs-request@wdl1.wdl.loral.com
==================================================================
>>> Submissions to the tnfs list: tnfs@wdl1.wdl.loral.com
>>> Additions/deletions/questions: tnfs-request@wdl1.wdl.loral.com
>>> Archive Server: listserv@wdl1.wdl.loral.com
==================================================================
INTERNET-DRAFT          TNFS Protocol Specification          May 24, 1992
TSIG-TNFS-001.2.03

Request for Comments On A Specification of
Trusted NFS (TNFS) Protocol Extensions

1. Status Of This Memo

This draft document specifies extensions to RFC 1094 [1] which support network file access in a multilevel secure (MLS) network environment [Note 1]. This draft was approved by the Trusted Systems Interoperability Group (TSIG), whose charter is to promote multi-vendor trusted system interoperability.

2. Abstract

Additional functionality has been developed for UNIX® systems to address the TCSEC [2] requirements for trusted systems. New requirements are driving efforts to develop interoperable, networked solutions for trusted UNIX environments. A specific approach for addressing TCSEC MLS requirements is identified in the CMW requirements document [3]. Developing support for network interoperability among MLS classified systems is a primary goal of the trusted UNIX community.

Sun Microsystem's Network File System (NFS†) V2 protocol is an industry (de facto) standard network file access mechanism, and represents one of the key components of system interoperability in the current UNIX networking market. This draft document describes extensions to the NFS V2 protocol which support network file access in a MLS network environment. It will be submitted to the RFC editor as a protocol specification. Distribution of this draft document is unlimited. Please send comments to the author at the address identified in section 6 below.

3. MLS Extensions for NFS

MLS functionality includes discretionary access control (DAC), subject and object security labeling, mandatory access control (MAC), authentication, auditing, and documentation. Exchanging information between MLS systems requires communicating additional security information along with the actual data.

The primary goal of this specification is to describe extensions to the NFS V2 protocol which support network file access between MLS systems with a minimal impact on the existing NFS V2 environment [Note 2]. It is also intended that this MLS environment will permit unmodified NFS clients and servers to continue to be fully supported.

The general approach used in extending the NFS V2 protocol is to transport additional user context in the form of an extended NFS UNIX style credential between a Trusted NFS (TNFS) client and server, and to map that context into the appropriate server security policies which address file access. In addition, security file attributes are returned with each NFS (TNFS) procedure call. Otherwise, the NFS V2 protocol remains essentially unchanged.

Two companion documents [4][5] complete the set of documentation describing the TNFS environment.

3.1. The Extended User Context

The Sun RPC protocol [6][7] includes two authentication parameters in a request message:

    an authentication credential - used to identify or present a client subject's credentials to a server along with a given request for access or information, and

    an authentication verifier - used to validate the subject's credentials,

and an authentication verifier in the RPC response message.

------------------
Note 1: Multilevel Secure systems include, for example, support for B1 and CMW security policies.
® UNIX is a registered trademark of UNIX Systems Laboratories (U.S.L.)
† NFS is a trademark of Sun Microsystems, Incorporated
Note 2: Revisions to the NFS V2 protocol have been specified and presented for comment to the NFS community; this document addresses extensions to the V2 protocol only.

An NFS server uses the client subject's credentials to perform appropriate access checks prior to servicing the request. The verifier parameter in the RPC request message is used to authenticate the client subject's credentials [Note 3].

Several styles of authentication are currently defined for NFS [Note 4], and an NFS server may elect to support multiple authentication styles concurrently. A new RPC authentication style, AUTH_MLS, is defined for use in the TNFS environment. The definition of the AUTH_MLS credential combines the information in the AUTH_UNIX credential with extensions for the additional security attributes:

    o  audit id - immutable subject (user) identifier, not affected by modifications to either the real or effective user or group identifiers,

    o  sensitivity label - used with a MAC policy; a subject generally has a static, top-level clearance, but is permitted to execute processes at a sensitivity level different from (i.e. lower than) his/her actual clearance,

    o  information label - also used with a MAC policy; dynamically adjusted based upon the information content associated with the subject (or object),

    o  integrity label - used with commercial, multi-party security policy (eg. Clark-Wilson [8], Biba [9]),

    o  privilege mask - used to identify privileges (eg. chown, chmod) or "rights" granted to a given subject, generally to override an existing security policy, and

    o  vendor label - used to accommodate additional, vendor specific policies

The additional security attributes will actually be represented within the AUTH_MLS credential by fixed size tokens, which can support multiple translation schemes through the use of an appropriate translation mechanism [5]. For instance, mechanisms such as M.I.T. Project Athena's Hesiod/BIND or Sun Microsystem's NIS [Note 5] lookup service could be used to support the translation of tokens and security attribute information.

There are several advantages to the use of a token translation model. One major advantage is that the actual security attribute information may be defined within the translation service, while the attribute representation may be defined by a small, fixed sized token within the relatively small amount of unallocated space in the credential structure. A second advantage of a translation model is that it may accommodate multiple security policies and translations. Finally, a token translation model permits security policies to be developed independently from the translation mechanism. Tokens are transferred within the AUTH_MLS credential as opaque objects which are given context by the security policy mechanisms implemented by the TNFS clients and servers.

Note that although tokens are defined as opaque objects, tokens which represent the same security attribute and which reside within the same translation scheme may be compared for equality. This characteristic permits tokens representing a specific security attribute to be referenced in comparisons without requiring the tokens to be translated.

3.2. Discretionary Access Control

A Discretionary Access Control (DAC) policy provides for the restriction of subject access to objects based on the identity of subjects and/or the groups for which they are members. Most secure systems address DAC requirements through the use of access control lists. Associated with each file is a list which identifies the set of user and group combinations authorized to access the file, along with the access privileges associated with each combination.

The information contained in the AUTH_MLS credential of a TNFS client request includes user and group identification sufficient to permit the server to apply appropriate DAC policies in controlling access to its shared, local file objects. For example, the subject represented by the user and/or group identifiers contained in the client request may be checked against the access control list information associated with the referenced file on the server. Access control list information is not required to be transmitted from the client to the server in support of a server based access control policy. Client based support for access control of server based file objects is discussed below in the section which describes the extended attribute cache.

------------------
Note 3: Authentication of client and server identities will not be addressed in this specification.
Note 4: Styles currently defined are AUTH_NONE, AUTH_UNIX, AUTH_SHORT, and AUTH_DES.
Note 5: Network Information Service, known previously as the Yellow Pages Service

3.3. Mandatory Access Control

A Mandatory Access Control (MAC) policy provides for the restriction of subject access to objects based on the sensitivity of the information contained in the objects. MAC policies thus include assigning levels of trust or clearance to system users (subjects), and levels of sensitivity to system objects, and then ensuring that only users with sufficient clearance can access the classified information.

3.3.1. Sensitivity Labels

When MAC policies are enabled, each system subject and object is created with a sensitivity label, and the system MAC policies compare the labels when determining access.

The AUTH_MLS credential contains the sensitivity label information associated with the TNFS client subject (application) making the access request. This information is sufficient to permit the MAC policy checking mechanism on the server to determine whether to permit access to the requested object or information.

3.3.2. Information Labels

Information labels represent the actual sensitivity of a given subject or object, and permit the additional identification of control markings for a given piece of information. The information label is dynamically adjusted on both subjects and objects to the highest sensitivity level reflected by a subject/object pair: if a subject issues a write request to an object, the information label of the object will be adjusted (if necessary) to the level defined by the information label of the subject; if a subject issues a read request to an object, the information label of the subject will be adjusted to the level defined by the information label of the object. Note that information labels are adjusted upwards as a result of these actions; information labels are never automatically adjusted to a lower level.

The AUTH_MLS credential in the RPC request message contains the current information label associated with a TNFS client application (subject), and permits a remote file's object information label to be adjusted (if necessary) as a result of a client generated write operation. The TNFS reply message includes a field for the information label associated with an accessed file object, permitting the subject's information label to be adjusted (if necessary) as a result of a client generated read operation.

These extensions are sufficient to support the MAC information label policies with respect to network file access.

3.3.3. Privilege

The TCSEC/CMW concept of least privilege is an integral part of the MLS environment. Fine grained privileges are granted to subjects (and associated processes), and executable objects (files) according to a strict set of rules. All subjects are limited with respect to the system actions they may perform. An executable object is also limited to a specific set of actions, regardless of the subject which executes the object. Privilege sets associated with a file object are used to adjust a process's privileges during the execution of that object. Thus, at any given time, a subject will possess only those privileges necessary to support the completion of its current task.

Note, however, that the privileges associated with a subject on a client system might not be extended to that subject on a given remote server system. Although most subjects will likely retain their privileges on the server, a client administrator, for example, might not be granted administrative privileges on the server.

For TNFS, subject privileges are defined within the AUTH_MLS credential, and file privileges are defined within the security file attributes.

3.3.4. File Name Attributes

UNIX file names may vary in length from 1 to 255 characters, and represent an additional data storage mechanism which must be protected by appropriate MLS policies. Generally, the contents of a file may be classified, but the name of the file or knowledge of its existence is not. In some cases, however, the name of the file as well as its contents may require classification and protection. For example, consider the following file name:

    codeword.SAND_AIRDEF.is.the.TOP-SECRET.DESERT_STORM.air.defense.project

The association of sensitivity and information labels with directory file name entries provides the support necessary to protect the use of classified file names.

3.4. Additional MLS Extensions for NFS

In an MLS environment,
1753(both)S 1961(DAC)S 2202(and)S 2377(MAC)S 2636(access)S 2921(control)S 3235(policies)S 3577(are)S 3729(applied)S 4054(in)S 4163(determining)S 4677(access)S 4962(to)S 720 H 2424 V 720(a)S 820(given)S 1098(object.)S 1453(In)S 1592(a)S 1692(network)S 2075(environment)S 2636(of)S 2775(MLS)S 3036(systems)S 3408(participating)S 3968(in)S 4101(TNFS)S 4401(\256le)S 4584(access,)S 4918(the)S 720 H 2544 V 720(AUTH_MLS)S 1285(credential)S 1710(permits)S 2042(a)S 2118(TNFS)S 2396(server)S 2672(to)S 2783(apply)S 3038(both)S 3249(DAC)S 3493(and)S 3670(MAC)S 3931(policies)S 4275(in)S 4386(consideration)S 4957(of)S 720 H 2664 V 720(a)S 795(request)S 1114(from)S 1339(a)S 1414(remote)S 1722(NFS)S 1937(client)S 2190(subject.)S 2559(Thus,)S 2815(MLS)S 3052(based)S 3310(network)S 3667(\256le)S 3825(access)S 4109(using)S 4356(the)S 4508(NFS)S 4722(V2)S 4874(pro-)S 720 H 2784 V 720(tocol)S 950(can)S 1118(be)S 1242(supported)S 1666(through)S 2007(the)S 2159(use)S 2322(of)S 2435(the)S 2587(AUTH_MLS)S 3150(credential)S 3573(as)S 3686(described.)S 720 H 2940 V 720(Listing)S 1040(or)S 1159(modifying)S 1612(the)S 1770(DAC)S 2017(and)S 2198(MAC)S 2463(security)S 2816(attributes)S 3225(of)S 3345(a)S 3426(server's)S 3778(\256le)S 3943(or)S 4063(\256le)S 4228(name)S 4481(from)S 4712(a)S 4793(client,)S 720 H 3060 V 720(however,)S 1123(requires)S 1479(additional)S 1914(protocol)S 2282(extensions.)S 2794(Identifying)S 3273(additional)S 3708(security)S 4058(access)S 4346(restrictions)S 4824(when)S 720 H 3180 V 720(a)S 802(request)S 1128(is)S 1233(made)S 1488(to)S 1605(open)S 1838(a)S 1921(remote)S 2237(\256le)S 2404(is)S 2510(also)S 2710(considered)S 3181(to)S 3298(be)S 3431(a)S 3514(requirement.)S 4090(Extensions)S 4568(designed)S 4962(to)S 720 H 3300 V 720(satisfy)S 1011(these)S 1246(requirements)S 1797(are)S 1948(addressed)S 2371(by)S 2501(TNFS,)S 2801(and)S 2975(are)S 3126(described)S 3538(in)S 3646(the)S 3798(next)S 4000(subsections.)S 720 H 3540 V 10 B 720(3.4.1.)S 1005(Remote)S 1361(Access)S 
1673(to)S 1786(Extended)S 2222(File)S 2413(Attributes)S 720 H 3732 V 10 R 720(The)S 907(DAC)S 1150(and)S 1326(MAC)S 1586(security)S 1934(attribute)S 2299(information)S 2803(includes)S 3168(MAC)S 3428(and)S 3604(information)S 4108(labels,)S 4399(and)S 4576(access)S 4863(con-)S 720 H 3852 V 720(trol)S 894(list)S 1052(information)S 1559(\(ACLs\).)S 1954(Supporting)S 2434(remote)S 2746(access)S 3034(to)S 3146(this)S 3325(information)S 3831(is)S 3932(more)S 4171(di)S 4249 H (f)show 10 -.5 mul h (\256)show 10 R 4333(cult)S 4517(to)S 4629(address)S 4962(in)S 720 H 3972 V 720(the)S 872(network)S 1229(environment,)S 1789(since:)S 720 H 4128 V 970(o)S 1220(it)S 1326(requires)S 1697(transmitting)S 2231(additional)S 2681(\256le)S 2859(security)S 3225(attribute)S 3608(information)S 4130(\(or)S 4296(its)S 4442(representation\))S 720 H 4248 V 1220("over)S 1468(the)S 1620(wire",)S 1893(and)S 720 H 4404 V 970(o)S 1220(additional)S 1650(\256le)S 1808(attribute)S 2171(information)S 2673(cannot)S 2969(be)S 3094(accommodated)S 3729(in)S 3838(the)S 3991(existing)S 4339(NFS)S 4554(V2)S 4707(protocol)S 720 H 4524 V 1220(\256le)S 1388(attribute)S 1761(data)S 1967(structures;)S 2423(additional)S 2863(support)S 3203(for)S 3358(setting)S 3664(and)S 3847(getting)S 4164(the)S 4325(extended)S 4724(security)S 720 H 4644 V 1220(attributes)S 1622(is)S 1719(required)S 720 H 4800 V 720(Thus,)S 978(extensions)S 1433(to)S 1544(the)S 1699(NFS)S 1916(V2)S 2071(protocol)S 2437(procedures)S 2907(have)S 3128(been)S 3350(de\256ned)S 3678(to)S 3790(support)S 4124(access)S 4412(to)S 4524(the)S 4680(extended)S 720 H 4920 V 720(attributes)S 1124(of)S 1239(served)S 1531(\256les)S 1730(and)S 1906(\256le)S 2066(names.)S 2378(The)S 2565(complete)S 2963(set)S 3106(of)S 3221(NFS)S 3437(protocol)S 3801(procedures)S 4269(and)S 4444(security)S 4791(exten-)S 720 H 5040 V 720(sions)S 956(are)S 1107(referred)S 1451(to)S 1559(in)S 1667(this)S 1842(document)S 2266(as)S 2379(the)S 2531(TNFS)S 2806(protocol.)S 720 H 5280 V 10 B 
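
The information label adjustment described under "Information Labels"
above, traced through a read/write exchange; this is an added example,
not part of the TNFS draft. The label model (an integer level plus a set
of markings, floated by maximum and union), the Server and Subject
classes and the sample files are assumptions, and neither the tokens
that carry labels on the wire nor the MAC access check is modelled.

```python
from dataclasses import dataclass

# Constructed sample levels; the draft does not define a level encoding.
UNCLASSIFIED, CONFIDENTIAL, SECRET = 0, 1, 2


@dataclass(frozen=True)
class InfoLabel:
    """Information label: ordered level plus control markings (assumed model)."""
    level: int
    markings: frozenset = frozenset()

    def floated_over(self, other: "InfoLabel") -> "InfoLabel":
        """Raise this label just enough to cover `other`; it never moves down."""
        return InfoLabel(max(self.level, other.level),
                         self.markings | other.markings)


class Server:
    """Hypothetical TNFS-like server holding one information label per file."""

    def __init__(self):
        self.files = {}  # name -> [data, InfoLabel]

    def create(self, name, label, data=b""):
        self.files[name] = [data, label]

    def write(self, subject_info, name, data):
        """Write request: the credential carries the subject's label."""
        entry = self.files[name]
        entry[0] = data
        entry[1] = entry[1].floated_over(subject_info)  # object floats up
        return entry[1]

    def read(self, subject_info, name):
        """Read request: the reply carries the object's label to the client."""
        data, label = self.files[name]
        return data, label


class Subject:
    """Client process whose information label is tracked on the client."""

    def __init__(self, server, label):
        self.server, self.label = server, label

    def write(self, name, data):
        self.server.write(self.label, name, data)

    def read(self, name):
        data, object_info = self.server.read(self.label, name)
        self.label = self.label.floated_over(object_info)  # subject floats up
        return data


def demo():
    """Run a constructed sequence of reads and writes; return labels seen."""
    srv = Server()
    srv.create("notes", InfoLabel(UNCLASSIFIED))
    srv.create("motd", InfoLabel(UNCLASSIFIED), b"hello")
    srv.create("plan", InfoLabel(SECRET, frozenset({"A"})), b"plan data")

    alice = Subject(srv, InfoLabel(UNCLASSIFIED))
    trace = {}
    alice.write("notes", b"draft 1")
    trace["notes_after_clean_write"] = srv.files["notes"][1]
    alice.read("plan")                   # subject picks up SECRET / A
    trace["alice_after_read_plan"] = alice.label
    alice.write("notes", b"draft 2")     # and carries it into "notes"
    trace["notes_after_tainted_write"] = srv.files["notes"][1]
    alice.read("motd")                   # reading low data never lowers
    trace["alice_after_read_motd"] = alice.label

    bob = Subject(srv, InfoLabel(CONFIDENTIAL, frozenset({"B"})))
    bob.write("plan", b"plan data v2")   # lower level, but a new marking
    trace["plan_after_bob_write"] = srv.files["plan"][1]
    return trace


if __name__ == "__main__":
    for step, label in demo().items():
        print(f"{step}: level={label.level} markings={sorted(label.markings)}")
```

The second write to "notes" shows why the server needs the subject's
label on every request: the file's label rises because of what the
writer read earlier, not because of anything in the write itself.
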

3.4.2. File Open Enhancement

Using the NFS V2 protocol, a client request to open (2) a remote file on
the server may be translated by the client into a GETATTR procedure call
for the current directory (footnote 6), followed by a LOOKUP procedure
call for the file to be opened. If valid responses from these procedure
calls are returned, the client's NFS file attribute cache is updated,
and an open file descriptor may be returned to the requesting
application.

Since the NFS V2 protocol does not transmit an actual open request to
the server, however, an MLS server will not be able to apply the
appropriate DAC and MAC policy at the time of the open request, and the
application may find that it has successfully opened the file, but that
it cannot access the file due to stronger access control policies being
applied by the server in response to specific client access requests.

An access protocol procedure would permit the client to determine
whether access to the file would be supported by the server, based on
the application's open request type and the associated extended security
attribute information. An ACCESS TNFS protocol procedure has been
defined to address this issue. Thus, if file attributes are being cached
on the client, and the security attributes of a client process issuing a
request to open a remote file have been modified since the last time it
issued an open request for that file, then an ACCESS procedure call
shall be made to the server to revalidate the access rights of that
client process.

Footnote 6: Depends on the presence of valid attributes in the lookup
cache (DNLC).

3.4.3. File Name Enhancement

Supporting the retrieval of the security attributes associated with each
file name requires an extension to the directory result structure
returned by the NFS directory procedures: LOOKUP, CREATE, and MKDIR.
This data structure extension is defined in section 3.4.5.1.

The ability to modify file name security attributes independently from
file data security attributes is also required. A new TNFS procedure,
SETLABEL, has been defined to support this capability.

3.4.4. MultiLevel Directory Enhancement

Directories are files which contain file names and pointers to the data
associated with the file names. The files contained in a directory
include both regular files as well as other subdirectory files.
Directories are used to group files, and to support the file system
hierarchy.

In an MLS environment, files and directories are labeled with specific
classifications; security policies limit the access of a given file to a
user with a classification which dominates the file's classification.
MLS implementations must continue to maintain the basic file system
directory hierarchy, and also support the MLS access policies. They must
support the creation, storage, and access of files and data of different
security classifications, and also provide some accommodation for the
use of commonly shared directories, such as /tmp and /usr/tmp.

One implementation approach is to use file name security attributes, as
described previously. The TNFS file name attributes and SETLABEL
procedure support this approach. An alternative is to create a set of
diversion directories below the actual MultiLevel Directory. Each
diversion directory is associated with a specific classification level,
and user access is directed into the appropriate diversion directory in
a transparent, pass-through manner. The TNFS MLD procedure supports
diversion directory implementations. Additional information is provided
in [4].

3.4.5. TNFS Protocol Extensions

Extensions to the NFS V2 protocol are defined in this section of the
specification. These extensions are designed to support remote access to
the security file attribute extensions, and to support the file open,
file name, and MultiLevel Directory enhancements.

3.4.5.1. Data Structure Definitions

The definitions which support the MLS extensions are described in this
section. Since the definitions for the TNFS protocol are an extension of
the original NFS V2 protocol, this specification will include all of the
extended data structure definitions, and a few of the original
definitions for clarity. Note that the arguments and results are defined
using the RPC language.

The following RPC constants are used to identify the TNFS extensions
which support MLS security policies. The TNFS program will be registered
as a separate service with the RPC port mapping service (footnote 7).
Registration as a different service distinguishes the TNFS service from
the original NFS V2 service. The use of a different version number
distinguishes each request/response message.

    PROGRAM     390086      /* TNFS Program Number */
    VERSION     1           /* TNFS Version 1 */

Footnote 7: TNFS server implementations may elect to share a common UDP
[13] port number with the original NFS V2 service, or to make use of a
different port number.

The stat type is returned from every procedure call. A value of NFS_OK
indicates the call completed successfully. Other values indicate that an
error occurred during the servicing of the request. Note: this structure
is unchanged from the NFS V2 Protocol Specification. It is (partially)
reproduced here for clarity.

    stat

    enum stat {
        NFS_OK = 0,
        NFSERR_PERM = 1,
        NFSERR_NOENT = 2,
        . . .
        [other NFS errors as defined in the V2 protocol specification]
    };

The credential parameter is included in each RPC request message, and is
used to supply the client subject's credentials to the server. The
AUTH_MLS credential will be used with the TNFS procedure calls and is
defined as follows:

    #define AUTH_MLS        200000      /* decimal */

    #define MLS_TOKEN_SIZE  4           /* 4 octets or 32 bits */

    typedef opaque t_token[MLS_TOKEN_SIZE];   /* tokens are opaque */

    struct authmls_cred {
        u_long  auc_stamp;          /* arbitrary ID */
        char    auc_machname<255>;  /* machine name */
        u_long  auc_uid;            /* effective uid */
        u_long  auc_gid;            /* effective gid */
        u_long  auc_len;            /* len of groups list */
        u_long  auc_gids<24>;       /* groups */
        u_long  auc_aid;            /* audit id */
        t_token auc_privs;          /* subject privileges token */
        t_token auc_sens;           /* sensitivity token */
        t_token auc_info;           /* information token */
        t_token auc_integ;          /* integrity token */
        t_token auc_vend;           /* vendor specific policy token */
    };

    Note that if a given security attribute is not being exchanged, then
    the corresponding credential token value shall be set to "all bits
    on". A given security policy may require that only a subset of the
    security attributes provided for in this specification be exchanged.
    For example, a C2 network security policy requires the support of
    privileges, and might also require support for Access Control Lists
    (ACLs). In that case, the sensitivity, information, integrity, and
    vendor specific token values shall be set to "all bits on" in the
    exchange messages.

The fattr structure defines the complete set of file attributes of a
file. The extended fattr structure combines the NFS V2 fattr structure
with additional fields for a file's security attributes. The security
attributes are represented by tokens.

    struct fattr {
        ftype   type;       /* file type */
        u_long  mode;       /* encoded access mode */
        u_long  nlink;      /* number of hard links */
        u_long  uid;        /* file's owner id */
        u_long  gid;        /* file's group id */
        u_long  size;       /* file size in bytes */
        u_long  blocksize;  /* number bytes/block */
        u_long  rdev;       /* device number of the file */
        u_long  blocks;     /* current number of blocks */
        u_long  fsid;       /* file system id */
        u_long  fileid;     /* unique file identifier */
        timeval atime;      /* time of file's last access */
        timeval mtime;      /* time last modified (written) */
        timeval ctime;      /* time of last attribute change */
        t_token privs;      /* file privileges token */
        t_token sens;       /* sensitivity token */
        t_token info;       /* information token */
        t_token integ;      /* integrity token */
        t_token acl;        /* access control list token */
        t_token vend;       /* vendor specific policy token */
    };

    Note that if a given security attribute is not being exchanged, then
    the corresponding file attribute token value shall be set to "all
    bits on".

The sattr structure defines the file attributes which can be set from
the client. The extended sattr structure combines the NFS V2 sattr
structure with additional fields for the security attributes, which are
represented by tokens. A token value of "all bits on" indicates that the
token field is to be ignored.

    struct sattr {
        u_long  mode;       /* encoded access mode */
        u_long  uid;        /* file's owner id */
        u_long  gid;        /* file's group id */
        u_long  size;       /* file size in bytes */
        timeval atime;      /* last access time */
        timeval mtime;      /* last data modify time */
        t_token privs;      /* file privileges token */
        t_token sens;       /* sensitivity token */
        t_token info;       /* information token */
        t_token integ;      /* integrity token */
        t_token acl;        /* access control list token */
        t_token vend;       /* vendor specific policy token */
    };

The sattrargs structure is used by the SETATTR procedure. It contains
the extended sattr structure definition.

    struct sattrargs {
        fhandle file;
        sattr attributes;
    };

The attrstat structure defines a common procedure result containing the
status of the procedure call. It is returned with the results of
GETATTR, SETATTR, and WRITE procedure calls. If the call was successful,
attrstat contains the results for the specific procedure called, and the
complete set of file attributes for the file on which the procedure was
executed.

    union attrstat switch (stat status) {
        case NFS_OK:
            fattr attributes;
        default:
            void;
    };

The diropargs structure is used in directory operations. The fhandle dir
is the directory containing file name name.

    struct diropargs {
        fhandle dir;
        filename name;
    };

The diropres structure defines the results of a directory procedure
call. If the call was successful, diropres contains a new file handle
file, the complete set of associated file attributes, and the file name
attributes: sens, info, and vend.

    union diropres switch (stat status) {
        case NFS_OK:
            struct {
                fhandle file;
                fattr attributes;
                t_token sens;
                t_token info;
                t_token vend;
            } diropok;
        default:
            void;
    };

The readlinkres structure defines the results of a READLINK procedure
call. If the call was successful, readlinkres contains the data in the
symbolic link of the file identified by the file handle argument, and
the complete set of associated file attributes. File attributes are
returned with the READLINK procedure call to support the information
label adjustment policy.

    union readlinkres switch (stat status) {
        case NFS_OK:
            struct {
                path data;
                fattr attributes;
            } readlinkok;
        default:
            void;
    };

The readdirres structure defines the results of a READDIR procedure
call. If the call was successful, readdirres returns a variable number
of directory entries, with a total size of up to the amount specified in
the argument count of the readdirargs structure. Each entry contains a
unique file identifier, the name of the file, and an opaque "pointer" to
the "next" entry in the directory, which is used in a subsequent READDIR
procedure call to obtain additional entries starting at that "point" in
the directory. The eof flag has a value of TRUE if there are no more
directory entries. For TNFS, file attributes are returned with the
READDIR procedure call to support the information label adjustment
policy.

Note that in responding to a READDIR procedure call, the server shall
return only those directory entries which the requesting client process
dominates. Thus, security attribute tokens are not required to be
returned with each entry, and the directory information which is
returned may be passed to the requesting process without additional
processing by the client TCB.

    union readdirres switch (stat status) {
        case NFS_OK:
            struct {
2196 V 1450(entry)S 1685(*entries;)S 720 H 2316 V 1450(bool)S 1658(eof;)S 720 H 2436 V 1450(fattr)S 1646(attributes;)S 720 H 2556 V 1330(})S 1408(readdirok;)S 720 H 2676 V 1210(default:)S 720 H 2796 V 1330(void;)S 720 H 2916 V 970(};)S 720 H 3156 V 970(TBD:)S 1228(ADD)S 1474(SOME)S 1782(RATIONALE)S 2383(HERE)S 2674(FOR)S 2899(WHY)S 3167(DON"T)S 3515(NEED)S 3811(TOKENS)S 4235(ON)S 4409(ENTRIES.)S 5139(|)S 720 H 3396 V 10 B 720(3.4.5.2.)S 1080(TNFS)S 1366(Protocol)S 1756(Procedure)S 2229(De\256nitions)S 720 H 3552 V 10 R 720(The)S 905(TNFS)S 1180(Protocol)S 1549(De\256nition)S 1985(integrates)S 2403(the)S 2555(use)S 2718(of:)S 720 H 3708 V 970(o)S 1220(the)S 1372(extended)S 10 B 1762(fattr)S 10 R 1985(and)S 10 B 2159(sattr)S 10 R 2388(structures,)S 720 H 3864 V 970(o)S 1220(an)S 1344(AUTH_MLS)S 1907(authentication)S 2503(style)S 2722(RPC)S 2942(credential,)S 720 H 4020 V 970(o)S 1220(a)S 1314(new)S 1530(TNFS)S 1825(protocol)S 2208(version)S 2552(number)S 2907(to)S 3035(di)S 3113 H (f)show 10 -.5 mul h (f)show 10 R 3174(erentiate)S 3567(between)S 3949(NFS)S 4183(V2)S 4356(and)S 4551(the)S 4724(security)S 720 H 4140 V 1220(extended)S 1610(TNFS)S 1885(protocol,)S 720 H 4296 V 970(o)S 1220(a)S 1294(new)S 1490(protocol)S 1853(procedure,)S 2306(ACCESS,)S 2740(to)S 2848(support)S 3178(the)S 3330(\256le)S 3488(open)S 3712(enhancement,)S 720 H 4452 V 970(o)S 1220(a)S 1299(new)S 1500(protocol)S 1868(procedure,)S 2326(SETLABEL,)S 2886(to)S 2999(support)S 3334(the)S 3491(modi\256cation)S 4032(of)S 4150(the)S 4308(\256le)S 4472(name)S 4724(security)S 720 H 4572 V 1220(attributes,)S 1647(and)S 720 H 4728 V 970(o)S 1220(a)S 1294(new)S 1490(protocol)S 1853(procedure,)S 2306(MLD,)S 2583(to)S 2691(support)S 3021(diversion)S 3423(directories)S 5139(|)S 720 H 4884 V 720(Other)S 979(than)S 1183(these)S 1420(changes,)S 1798(however,)S 2198(the)S 2352(syntax)S 2646(and)S 2823(semantics)S 3250(of)S 3366(TNFS)S 3644(remain)S 3954(the)S 4109(same)S 4347(as)S 4463(in)S 4574(the)S 
4729(original)S 720 H 5004 V 720(NFS)S 934(V2)S 1086(speci\256cation.)S 720 H 5244 V 10 B 720(3.4.5.2.1.)S 1155(Access)S 1467(Procedure)S 720 H 5400 V 10 R 720(The)S 905(following)S 1324(descriptions)S 1837(are)S 1988(used)S 2201(to)S 2309(de\256ne)S 2583(the)S 2735(new)S 2931(ACCESS)S 3340(procedure.)S 720 H 5676 V 720(De\256nitions)S 1195(used)S 1408(to)S 1516(identify)S 1857(the)S 2009(access)S 2293(request)S 2611(type:)S 720 H 5832 V 970(#de\256ne)S 1294(READ)S 1686(0x001)S 720 H 5952 V 970(#de\256ne)S 1294(WRITE)S 1700(0x002)S 720 H 6072 V 970(#de\256ne)S 1294(EXEC)S 1675(0x004)S 720 H 6192 V 970(#de\256ne)S 1294(SEARCH)S 1749(0x008)S 720 H 6312 V 970(#de\256ne)S 1294(APPEND)S 1743(0x010)S 720 H 6588 V 720(Arguments)S 1194(for)S 1340(the)S 1492(remote)S 1799(access)S 2083(procedure:)S 720 H 6744 V 10 B 970(accessargs)S 720 H 6900 V 10 R 970(struct)S 1222(accessargs)S 1672({)S 720 H 7020 V 1210(fhandle)S 1569(\256le;)S 720 H 7140 V 1210(u_long)S 1578(\257ag;)S 720 H 7260 V 1000(};)S 720 H 7680 V 720(TSIG-TNFS-001.2.03)S 4700([Page 9])S 7920 V EP %%Page: 10 10 BP /slant 0 def /height 1.000000 def 10 R 10 R 0 H 40 V 0(--)S 5406(--)S 720 H 520 V 720(INTERNET-DRAFT)S 2297(TNFS Protocol Speci\256cation)S 4472(May 24, 1992)S 720 H 840 V 720(Response)S 1133(from)S 1357(the)S 1509(remote)S 1816(access)S 2100(procedure:)S 720 H 996 V 10 B 970(accessres)S 720 H 1152 V 10 R 970(union)S 1228(accessres)S 1628(switch)S 1919(\()S 1982(stat)S 2151(status)S 2409(\))S 2472({)S 720 H 1272 V 1090(case)S 1291(NFS_OK:)S 720 H 1392 V 1210(struct)S 1462({)S 720 H 1512 V 1330(bool_t)S 1616(status;)S 1962(/*)S 2070(access)S 2354(status:)S 2640(TRUE)S 2931(or)S 3044(FALSE)S 3410(*/)S 720 H 1632 V 1330(fattr)S 1556(attributes;)S 2016(/*)S 2124(standard)S 2492(\256le)S 2650(attributes)S 3052(*/)S 720 H 1752 V 1210(})S 1318(accessok;)S 720 H 1908 V 1090(default:)S 720 H 2028 V 1220(void;)S 720 H 2268 V 970(};)S 720 H 2544 V 720(Procedure)S 1154(de\256nition)S 1568(for)S 1714(checking)S 
2104(remote)S 2411(access)S 2695(permission:)S 720 H 2700 V 10 B 970(accessres)S 720 H 2820 V 970(NFSPROC_ACCESS\(accessargs\))S 2426(=)S 2513(18)S 720 H 2976 V 10 R 970(Description:)S 720 H 3132 V 970(Determine)S 1427(if)S 1524(access)S 1815(as)S 1935(described)S 2354(by)S 10 B 2491(\257ag)S 10 R 2684(will)S 2877(be)S 3008(permitted)S 3428(on)S 3565(the)S 3724(remote)S 4038(served)S 4335(object)S 10 B 4616(\256le)S 10 R 4781(by)S 4918(the)S 720 H 3252 V 970(requester.)S 1426(Flag)S 1640(values)S 1931(are)S 2088(bit)S 2230(encoded)S 2598(as)S 2717(de\256ned)S 3047(previously.)S 3530(READ)S 3838(access)S 4128(means)S 4419(that)S 4604(the)S 4761(data)S 4962(in)S 720 H 3372 V 10 B 970(\256le)S 10 R 1131(can)S 1302(be)S 1429(read,)S 1658(WRITE)S 2007(access)S 2294(means)S 2582(that)S 2765(the)S 2920(data)S 3119(in)S 10 B 3231(\256le)S 10 R 3393(can)S 3565(be)S 3693(modi\256ed)S 4083(\(written\),)S 4491(EXEC)S 4786(access)S 720 H 3492 V 970(means)S 1266(that)S 10 B 1457(\256le)S 10 R 1626(can)S 1805(be)S 1940(accessed)S 2328(and)S 2512(executed)S 2906(\(local)S 3173(execution)S 3601(of)S 3724(a)S 3808(remote)S 4125(\256le\),)S 4351(SEARCH)S 4786(access)S 720 H 3612 V 970(means)S 1262(that)S 1449(the)S 1608(directory)S 10 B 2005(\256le)S 10 R 2170(can)S 2345(be)S 2476(used)S 2696(as)S 2816(the)S 2975(argument)S 3389(to)S 3504(a)S 3586(LOOKUP)S 4029(operation,)S 4469(and)S 4651(APPEND)S 720 H 3732 V 970(means)S 1255(that)S 1435(the)S 1587(\256le)S 1745(size)S 1930(can)S 2098(be)S 2222(extended.)S 2667(If)S 10 B 2763(status)S 10 R 3043(is)S 3140(NFS_OK:)S 720 H 3888 V 10 B 1220(accessok.status)S 10 R 1908(will)S 2112(be)S 2254(set)S 2413(to)S 10 B 2539(TRUE)S 10 R 2865(if)S 2974(the)S 3144(access)S 3446(request)S 3782(would)S 4080(be)S 4222(allowed,)S 4611(and)S 4803(set)S 4962(to)S 720 H 4008 V 10 B 1220(FALSE)S 10 R 1573(otherwise,)S 2016(and)S 720 H 4164 V 10 B 1220(attributes)S 10 R 1666(will)S 1852(contain)S 2176(the)S 2328(complete)S 2724(set)S 2865(of)S 
2978(\256le)S 3136(attributes)S 720 H 4320 V 970(Otherwise:)S 720 H 4476 V 1220(the)S 1372(NFSERR)S 1781(error)S 2004(number)S 2339(returned)S 2701(identi\256es)S 3098(the)S 3250(error)S 3473(condition)S 720 H 4632 V 970(Implementation:)S 720 H 4788 V 970(The)S 1167(ACCESS)S 1588(procedure)S 2028(provides)S 2414(a)S 2501(means)S 2799(for)S 2958(checking)S 3361(\256le)S 3532(access)S 3829(permission)S 4311(prior)S 4548(to)S 4669(issuing)S 4996(a)S 720 H 4908 V 970(subsequent)S 1452(set)S 1601(of)S 1722(\256le)S 1888(operations.)S 2367(For)S 2544(example,)S 2945(a)S 3027(TNFS)S 3310(client)S 3570(may)S 3780(issue)S 4018(an)S 4150(access)S 4441(procedure)S 4876(as)S 4996(a)S 720 H 5028 V 970(result)S 1223(of)S 1337(an)S 1462(application's)S 2009(\256le)S 10 I 2168(open)S 2393(\(2\))S 10 R 2540(request)S 2859(to)S 2968(determine)S 3398(if)S 3490(subsequent)S 3965(\256le)S 10 I 4124(reads)S 10 R 4377(and/or)S 10 I 4663(writes)S 10 R 4940(by)S 720 H 5148 V 970(the)S 1128(application)S 1608(would)S 1894(be)S 2024(denied)S 2326(by)S 2462(the)S 2620(server)S 2899(as)S 3018(a)S 3098(result)S 3356(of)S 3475(the)S 3633(server's)S 3983(extended)S 4378(\256le)S 4541(access)S 4830(secu-)S 5139(|)S 720 H 5268 V 970(rity)S 1153(policies.)S 1563(Note)S 1801(that)S 1995(the)S 2161(processing)S 2632(of)S 2759(an)S 10 I 2897(open)S 3135(\(2\))S 10 R 3295(request)S 3628(for)S 3789(a)S 3878(remote)S 4200(\256le)S 4373(shall)S 4607(include)S 4946(an)S 5139(|)S 720 H 5388 V 10 I 970(ACCESS)S 10 R 1366(procedure)S 1804(call)S 1988(if)S 2089(the)S 2251(security)S 2607(attributes)S 3019(of)S 3142(the)S 3304(issuing)S 3628(client)S 3890(process)S 4229(have)S 4457(been)S 4684(modi\256ed)S 5139(|)S 720 H 5508 V 970(since)S 1210(the)S 1367(last)S 1541(time)S 1754(that)S 1939(process)S 2273(issued)S 2558(an)S 2687(open)S 2916(request)S 3240(for)S 3392(that)S 3578(\256le.)S 3797(Note)S 4027(also)S 4224(that)S 4410(the)S 4568(information)S 5139(|)S 720 H 5628 V 970(returned)S 1352(by)S 1502(the)S 
1674(server)S 1967(in)S 2095(response)S 2494(to)S 2622(an)S 2766(ACCESS)S 3195(procedure)S 3643(call)S 3837(is)S 3954(not)S 4131(static;)S 4419(subsequent)S 4912(\256le)S 720 H 5748 V 970(administrative)S 1572(procedures)S 2039(may)S 2241(result)S 2493(in)S 2601(the)S 2753(modi\256cation)S 3289(of)S 3402(the)S 3554(\256le's)S 3784(security)S 4130(attributes.)S 720 H 5988 V 10 B 720(3.4.5.2.2.)S 1155(Set)S 1318(Label)S 1593(Procedure)S 720 H 6144 V 10 R 720(The)S 905(following)S 1324(descriptions)S 1837(are)S 1988(used)S 2201(to)S 2309(de\256ne)S 2583(the)S 2735(new)S 2931(SETLABEL)S 3461(procedure.)S 720 H 6420 V 720(Arguments)S 1194(for)S 1340(the)S 1492(set)S 1633(label)S 1857(procedure:)S 720 H 6576 V 10 B 970(setlabargs)S 720 H 6732 V 10 R 970(struct)S 1222(setlabargs)S 1651({)S 720 H 6852 V 1210(struct)S 1462(diropargs)S 1869(dirargs;)S 720 H 6972 V 1210(t_token)S 1570(sens;)S 720 H 7092 V 1210(t_token)S 1570(info;)S 720 H 7212 V 1210(t_token)S 1570(vend;)S 5139(|)S 720 H 7680 V 720(TSIG-TNFS-001.2.03)S 4650([Page 10])S 7920 V EP %%Page: 11 11 BP /slant 0 def /height 1.000000 def 10 R 10 R 0 H 40 V 0(--)S 5406(--)S 720 H 520 V 720(INTERNET-DRAFT)S 2297(TNFS Protocol Speci\256cation)S 4472(May 24, 1992)S 720 H 840 V 1000(};)S 720 H 1116 V 720(Response)S 1133(from)S 1357(the)S 1509(set)S 1650(label)S 1874(procedure:)S 5139(|)S 720 H 1272 V 10 B 970(diropres)S 10 R 5139(|)S 720 H 1428 V 970(union)S 1228(diropres)S 1585(switch)S 1876(\()S 1939(stat)S 2108(status)S 2366(\))S 2429({)S 5139(|)S 720 H 1548 V 1090(case)S 1291(NFS_OK:)S 5139(|)S 720 H 1668 V 1210(struct)S 1462({)S 5139(|)S 720 H 1788 V 1300(fhandle)S 1629(\256le;)S 5139(|)S 720 H 1908 V 1300(fattr)S 1496(attributes;)S 5139(|)S 720 H 2028 V 1300(t_token)S 1630(sens;)S 5139(|)S 720 H 2148 V 1300(t_token)S 1630(info;)S 5139(|)S 720 H 2268 V 1300(t_token)S 1630(vend;)S 5139(|)S 720 H 2388 V 1090(})S 1168(diropok;)S 5139(|)S 720 H 2544 V 1090(default:)S 5139(|)S 720 H 2664 V 1220(void;)S 720 H 2904 V 
970(};)S 5139(|)S 720 H 3180 V 720(Procedure)S 1154(de\256nition)S 1568(for)S 1714(setting)S 2011(\256le)S 2169(name)S 2415(security)S 2761(attributes:)S 720 H 3336 V 10 B 970(diropres)S 720 H 3456 V 970(NFSPROC_SETLABEL\(setlabargs\))S 2551(=)S 2638(19)S 720 H 3612 V 10 R 970(Description:)S 720 H 3768 V 970(Set)S 1136(the)S 1296(\256le)S 1463(name)S 1718(security)S 2073(attributes:)S 2512(the)S 2673(sensitivity)S 3124(label)S 10 B 3357(sens)S 10 R 3535(,)S 3599(the)S 3760(information)S 4271(label)S 10 B 4504(info)S 10 R 4671(,)S 4735(and)S 4918(the)S 5139(|)S 720 H 3888 V 970(vendor)S 1287(speci\256c)S 1631(policy)S 1920(label)S 10 B 2153(vend)S 10 R 2398(on)S 2537(the)S 2698(\256le)S 2865(name)S 10 B 3120(name)S 10 R 3392(in)S 3509(the)S 3670(parent)S 3958(directory)S 10 B 4357(dir)S 10 R 4485(.)S 4579(If)S 10 B 4684(status)S 10 R 4973(is)S 720 H 4008 V 970(NFS_OK:)S 720 H 4164 V 1220(then)S 1427(the)S 1584(reply)S 10 B 1824(\256le)S 10 R 1987(and)S 2166(reply)S 10 B 2406(attributes)S 10 R 2857(are)S 3013(the)S 3170(\256le)S 3333(handle)S 3634(and)S 3813(attributes)S 4220(for)S 4371(the)S 4529(\256le)S 10 B 4693(name)S 10 R 4962(in)S 720 H 4284 V 1220(the)S 1374(directory)S 1766(given)S 2020(by)S 10 B 2152(dir)S 10 R 2312(in)S 2422(the)S 2576(argument,)S 3010(and)S 3186(the)S 3340(reply)S 10 B 3577(sens)S 10 R 3755(,)S 3812(reply)S 10 B 4048(info)S 10 R 4215(,)S 4271(and)S 4446(reply)S 10 B 4682(vend)S 10 R 4919(are)S 5139(|)S 720 H 4404 V 1220(the)S 1372(sensitivity,)S 1839(information,)S 2366(and)S 2540(vendor)S 2847(speci\256c)S 3182(policy)S 3462(labels)S 3725(for)S 3871(the)S 4023(\256le)S 4181(name)S 10 B 4427(name)S 10 R 4660(.)S 720 H 4560 V 970(Otherwise:)S 720 H 4716 V 1220(the)S 1372(NFSERR)S 1781(error)S 2004(number)S 2339(returned)S 2701(identi\256es)S 3098(the)S 3250(error)S 3473(condition)S 720 H 4872 V 970(Implementation:)S 720 H 5028 V 970(The)S 1166(SETLABEL)S 1707(procedure)S 2146(provides)S 2531(a)S 2616(means)S 2912(for)S 3069(modifying)S 
3527(the)S 3690(\256le)S 3860(name)S 4118(security)S 4476(attributes:)S 4918(the)S 5139(|)S 720 H 5148 V 970(sensitivity,)S 1458(information,)S 2006(and)S 2201(vendor)S 2529(speci\256c)S 2884(policy)S 3184(labels)S 3467(associated)S 3927(with)S 4155(the)S 4327(\256le)S 4505(name)S 4771(object.)S 720 H 5268 V 970(When)S 1255(a)S 1346(\256le)S 1521(is)S 1635(created,)S 1994(the)S 2163(\256le)S 2338(name)S 2601(sensitivity)S 3060(label)S 3301(will)S 3504(be)S 3645(set)S 3804(equal)S 4068(to)S 4194(the)S 4364(sensitivity)S 4824(value)S 5139(|)S 720 H 5388 V 970(identi\256ed)S 1382(in)S 1494(the)S 1650(credential)S 2077(structure,)S 2485(and)S 2663(the)S 2819(\256le)S 2981(name)S 3231(information)S 3737(label)S 3965(will)S 4154(be)S 4281(set)S 4425(to)S 4536(the)S 4691(informa-)S 5139(|)S 720 H 5508 V 970(tion)S 1167(value)S 1424(identi\256ed)S 1843(in)S 1962(the)S 2125(credential)S 2559(structure.)S 3005(Once)S 3257(the)S 3421(\256le)S 3591(is)S 3700(created,)S 4054(however,)S 4464(the)S 4628(sensitivity)S 720 H 5628 V 970(and)S 1157(information)S 1672(labels)S 1948(of)S 2074(the)S 2239(\256le)S 2410(name)S 2669(and)S 2856(the)S 3021(\256le)S 3192(data)S 3401(are)S 3565(maintained)S 4052(independently.)S 4715(The)S 4912(\256le)S 720 H 5748 V 970(data)S 1170(security)S 1520(attribute)S 1887(information)S 2393(is)S 2494(maintained)S 2972(by)S 3107(SETATTR,)S 3606(and)S 3785(the)S 3942(\256le)S 4105(name)S 4356(security)S 4707(attribute)S 720 H 5868 V 970(information)S 1472(is)S 1569(maintained)S 2043(by)S 2173(SETLABEL.)S 720 H 6108 V 10 B 720(3.4.5.2.3.)S 1155(MultiLevel)S 1657(Diversion)S 2098(Directory)S 2537(Procedure)S 5139(|)S 720 H 6264 V 10 R 720(The)S 905(following)S 1324(descriptions)S 1837(are)S 1988(used)S 2201(to)S 2309(de\256ne)S 2583(the)S 2735(new)S 2931(procedure)S 3359(to)S 3467(support)S 3797(diversion)S 4199(directories.)S 5139(|)S 720 H 6540 V 720(De\256nitions)S 1195(used)S 1408(to)S 1516(identify)S 1857(the)S 2009(MLD)S 2261(request)S 
2579(operations:)S 5139(|)S 720 H 6696 V 970(#de\256ne)S 1294(CREATE)S 1803(1)S 5139(|)S 720 H 6816 V 970(#de\256ne)S 1294(REMOVE)S 1836(2)S 5139(|)S 720 H 6936 V 970(#de\256ne)S 1294(ISMLD)S 1755(3)S 5139(|)S 720 H 7680 V 720(TSIG-TNFS-001.2.03)S 4650([Page 11])S 7920 V EP %%Page: 12 12 BP /slant 0 def /height 1.000000 def 10 R 10 R 0 H 40 V 0(--)S 5406(--)S 720 H 520 V 720(INTERNET-DRAFT)S 2297(TNFS Protocol Speci\256cation)S 4472(May 24, 1992)S 720 H 840 V 720(Arguments)S 1194(for)S 1340(the)S 1492(MLD)S 1744(procedure:)S 720 H 996 V 10 B 970(mldargs)S 720 H 1152 V 10 R 970(struct)S 1222(mldargs)S 1574({)S 720 H 1272 V 1210(fhandle)S 1569(\256le;)S 720 H 1392 V 1210(u_long)S 1578(op;)S 5139(|)S 720 H 1512 V 1000(};)S 720 H 1788 V 720(Response)S 1133(from)S 1357(the)S 1509(remote)S 1816(access)S 2100(procedure:)S 720 H 1944 V 10 B 970(mldres)S 720 H 2100 V 10 R 970(union)S 1228(mldres)S 1530(switch)S 1821(\()S 1884(stat)S 2053(status)S 2311(\))S 2374({)S 720 H 2220 V 1090(case)S 1291(NFS_OK:)S 720 H 2340 V 1210(struct)S 1462({)S 720 H 2460 V 1330(bool_t)S 1616(status;)S 1962(/*)S 2070(ISMLD)S 2411(status:)S 2697(TRUE)S 2988(or)S 3101(FALSE)S 3467(*/)S 720 H 2580 V 1330(fattr)S 1556(attributes;)S 2016(/*)S 2124(standard)S 2492(\256le)S 2650(attributes)S 3052(*/)S 720 H 2700 V 1210(})S 1318(mldok;)S 720 H 2856 V 1090(default:)S 720 H 2976 V 1220(void;)S 720 H 3216 V 970(};)S 720 H 3492 V 720(Procedure)S 1154(de\256nition)S 1568(for)S 1714(maintaining)S 2222(diversion)S 2624(directories:)S 5139(|)S 720 H 3648 V 10 B 970(mldres)S 720 H 3768 V 970(NFSPROC_MLD\(mldargs\))S 2171(=)S 2258(20)S 720 H 3924 V 10 R 970(Description:)S 720 H 4080 V 970(Support)S 1327(the)S 1489(creation)S 1850(and)S 2035(removal)S 2403(of)S 2527(diversion)S 2940(directories,)S 3427(and)S 3612(the)S 3775(ability)S 4072(to)S 4191(determine)S 4631(if)S 4733(a)S 4818(given)S 5139(|)S 720 H 4200 V 970(directory)S 1372(is)S 1481(a)S 1567(diversion)S 1981(directory.)S 2438(The)S 2635(CREATE)S 
3066(operation)S 3485(requests)S 3854(that)S 4046(a)S 4132(diversion)S 4545(directory)S 4946(be)S 5139(|)S 720 H 4320 V 970(created,)S 1320(the)S 1480(REMOVE)S 1940(operation)S 2355(requests)S 2720(that)S 2908(a)S 2990(diversion)S 3401(directory)S 3800(be)S 3933(destroyed,)S 4385(and)S 4568(the)S 4729(ISMLD)S 5139(|)S 720 H 4440 V 970(operation)S 1377(requests)S 1734(that)S 1914(the)S 2066(diversion)S 2468(status)S 2726(of)S 2839(the)S 2991(\256le)S 3149(be)S 3273(returned.)S 3690(If)S 10 B 3786(status)S 10 R 4066(is)S 4163(NFS_OK:)S 720 H 4596 V 1220(if)S 1314(the)S 10 B 1469(mldargs.op)S 10 R 1983(was)S 2171(ISMLD,)S 2540(then)S 10 B 2745(mldok.status)S 10 R 3326(will)S 3515(be)S 3642(set)S 3786(to)S 10 B 3898(TRUE)S 10 R 4210(if)S 4305(the)S 4461(\256le)S 4623(is)S 4724(a)S 4802(diver-)S 5139(|)S 720 H 4716 V 1220(sion)S 1417(directory,)S 1832(and)S 2006(set)S 2147(to)S 10 B 2255(FALSE)S 10 R 2608(otherwise)S 720 H 4872 V 1220(if)S 1311(the)S 10 B 1463(mldargs.op)S 10 R 1974(was)S 2159(not)S 2317(ISMLD,)S 2683(then)S 2885(mldok.status)S 3424(has)S 3587(no)S 3717(meaning)S 5139(|)S 720 H 5028 V 10 B 1220(attributes)S 10 R 1666(will)S 1852(contain)S 2176(the)S 2328(complete)S 2724(set)S 2865(of)S 2978(\256le)S 3136(attributes)S 720 H 5184 V 970(Otherwise:)S 720 H 5340 V 1220(the)S 1372(NFSERR)S 1781(error)S 2004(number)S 2339(returned)S 2701(identi\256es)S 3098(the)S 3250(error)S 3473(condition)S 720 H 5496 V 970(Implementation:)S 720 H 5652 V 970(The)S 1155(MLD)S 1408(procedure)S 1837(provides)S 2212(the)S 2365(means)S 2651(for)S 2798(creating,)S 3175(removing,)S 3614(and)S 3789(checking)S 4180(for)S 4327(the)S 4480(existence)S 4882(of)S 4996(a)S 5139(|)S 720 H 5772 V 970(diversion)S 1372(directory.)S 5139(|)S 720 H 5928 V 970(MultiLevel)S 1452(Directory)S 1866(implementations)S 2565(which)S 2841(make)S 3089(use)S 3254(of)S 3369(\256le)S 3529(name)S 3777(attributes)S 4181(shall)S 4403(return)S 10 B 4674(status)S 10 R 4957(of)S 5139(|)S 720 H 6048 V 970(NFS_OK)S 
1385(in)S 1500(response)S 1886(to)S 2001(CREATE,)S 2451(REMOVE,)S 2934(and)S 3114(ISMLD)S 3461(requests,)S 3849(since)S 4090(all)S 4226(directories)S 4683(are)S 4840(Mul-)S 5139(|)S 720 H 6168 V 970(tiLevel)S 1283(Directories)S 1756(in)S 1864(such)S 2077(an)S 2201(environment)S 2736(and)S 2910(thus)S 3107(no)S 3237(explicit)S 3567(action)S 3841(is)S 3938(required.)S 720 H 6408 V 10 B 720(3.4.5.2.4.)S 1155(TNFS)S 1441(Service)S 1781(Routines)S 720 H 6564 V 10 R 720(The)S 927(TNFS)S 1224(protocol)S 1609(de\256nition)S 2045(is)S 2164(de\256ned)S 2510(below)S 2806(as)S 2941(a)S 3037(set)S 3201(of)S 3337(procedures,)S 3852(arguments,)S 4346(and)S 4543(results.)S 4912(All)S 720 H 6684 V 720(modi\256ed)S 1135(data)S 1360(structure)S 1768(de\256nitions)S 2250(are)S 2430(included)S 2833(in)S 2970(this)S 3174(speci\256cation.)S 3793(Most)S 4058(NFS)S 4301(V2)S 4482(protocol)S 4874(data)S 720 H 6804 V 720(de\256nitions)S 1180(remain)S 1494(unchanged,)S 1988(and)S 2169(are)S 2328(documented)S 2854(in)S 2970(the)S 3130(NFS)S 3352(V2)S 3512(protocol)S 3883(speci\256cation.)S 4481(The)S 4674(complete)S 720 H 6924 V 720(set)S 871(of)S 994(TNFS)S 1279(protocol)S 1651(procedures)S 2127(are)S 2287(de\256ned)S 2620(below.)S 2958(The)S 3152(ACCESS,)S 3595(SETLABEL,)S 4159(and)S 4342(MLD)S 4603(procedures)S 720 H 7044 V 720(are)S 891(new,)S 1132(but)S 1310(the)S 1482(other)S 1737(procedures)S 2224(are)S 2395(the)S 2567(same)S 2823(as)S 2957(those)S 3219(de\256ned)S 3564(in)S 3693(the)S 3866(NFS)S 4101(V2)S 4274(speci\256cation.)S 4885(The)S 720 H 7164 V 720(GETATTR,)S 1267(SETATTR,)S 1798(LOOKUP,)S 2295(READLINK,)S 2897(READ,)S 3260(WRITE,)S 3667(CREATE,)S 4147(MKDIR,)S 4571(READDIR,)S 720 H 7284 V 720(ACCESS,)S 1160(SETLABEL,)S 1721(and)S 1901(MLD)S 2159(procedures)S 2632(for)S 2784(the)S 2943(TNFS)S 3225(protocol,)S 3620(however,)S 4025(include)S 4356(the)S 4515(extended)S 4912(\256le)S 720 H 7680 V 720(TSIG-TNFS-001.2.03)S 4650([Page 12])S 7920 V EP %%Page: 13 13 BP /slant 0 def 
/height 1.000000 def 10 R 10 R 0 H 40 V 0(--)S 5406(--)S 720 H 520 V 720(INTERNET-DRAFT)S 2297(TNFS Protocol Speci\256cation)S 4472(May 24, 1992)S 720 H 840 V 720(attribute)S 1083(structure)S 10 I 1462(fattr)S 10 R 1665(in)S 1773(the)S 1925(response)S 2304(message.)S 720 H 996 V 970(program)S 1338(TNFS_PROGRAM)S 2158({)S 720 H 1116 V 1090(version)S 1414(TNFS_VERSION)S 2172({)S 720 H 1236 V 1210(void)S 1628(NFSPROC_NULL)S 2420(\(void\))S 2694(=)S 2780(0;)S 720 H 1356 V 1210(attrstat)S 1602(NFSPROC_GETATTR)S 2583(\(fhandle\))S 2978(=)S 3064(1;)S 720 H 1476 V 1210(attrstat)S 1602(NFSPROC_SETATTR)S 2567(\(sattrargs\))S 3001(=)S 3087(2;)S 720 H 1596 V 1210(diropres)S 1657(NFSPROC_LOOKUP)S 2588(\(diropargs\))S 3061(=)S 3147(4;)S 720 H 1716 V 1210(readlinkres)S 1683(NFSPROC_READLINK)S 2719(\(fhandle\))S 3114(=)S 3200(5;)S 720 H 1836 V 1210(readres)S 1647(NFSPROC_READ)S 2445(\(readargs\))S 2878(=)S 2964(6;)S 720 H 1956 V 1210(attrstat)S 1602(NFSPROC_WRITE)S 2444(\(writeargs\))S 2911(=)S 2997(8;)S 720 H 2076 V 1210(diropres)S 1657(NFSPROC_CREATE)S 2572(\(createargs\))S 3071(=)S 3157(9;)S 720 H 2196 V 1210(stat)S 1589(NFSPROC_REMOVE)S 2537(\(diropargs\))S 3010(=)S 3096(10;)S 720 H 2316 V 1210(stat)S 1589(NFSPROC_RENAME)S 2537(\(renameargs\))S 3092(=)S 3178(11;)S 720 H 2436 V 1210(stat)S 1589(NFSPROC_LINK)S 2353(\(linkargs\))S 2771(=)S 2857(12;)S 720 H 2556 V 1210(stat)S 1589(NFSPROC_SYMLINK)S 2570(\(symlinkargs\))S 3155(=)S 3241(13;)S 720 H 2676 V 1210(diropres)S 1657(NFSPROC_MKDIR)S 2516(\(createargs\))S 3015(=)S 3101(14;)S 720 H 2796 V 1210(stat)S 1589(NFSPROC_RMDIR)S 2443(\(diropargs\))S 2916(=)S 3002(15;)S 720 H 2916 V 1210(readdirres)S 1668(NFSPROC_READDIR)S 2638(\(readdirargs\))S 3182(=)S 3268(16;)S 720 H 3036 V 1210(statfsres)S 1627(NFSPROC_STATFS)S 2515(\(fhandle\))S 2910(=)S 2996(17;)S 720 H 3156 V 1210(accessres)S 1670(NFSPROC_ACCESS)S 2575(\(accessargs\))S 3091(=)S 3177(18;)S 720 H 3276 V 1210(diropres)S 1657(NFSPROC_SETLABEL)S 2683(\(setlabargs\))S 3178(=)S 
3264(19;)S 5139(|)S 720 H 3396 V 1210(mldres)S 1662(NFSPROC_MLD)S 2410(\(mldargs\))S 2828(=)S 2914(20;)S 720 H 3516 V 1090(})S 1168(=)S 1254(1;)S 1482(/*)S 1590(Trusted)S 1925(NFS)S 2139(Version)S 2485(1)S 2595(*/)S 720 H 3636 V 970(})S 1048(=)S 1134(390086;)S 1582(/*)S 1690(Trusted)S 2025(NFS)S 2239(Program)S 2613(Number)S 2970(*/)S 720 H 3876 V 10 B 720(3.4.6.)S 1005(Using)S 1280(TNFS)S 720 H 4032 V 10 R 720(With)S 963(the)S 1128(TNFS)S 1416(protocol)S 1792(procedures)S 2272(described)S 2698(above,)S 3005(listing)S 3300(and)S 3488(modifying)S 3949(remote)S 4270(extended)S 4674(\256le)S 4846(attri-)S 720 H 4152 V 720(butes)S 969(is)S 1073(now)S 1282(supported.)S 1738(The)S 1930(de\256nition)S 2351(of)S 2471(a)S 2552(new)S 2755(application)S 3236(programming)S 3817(interface)S 4202(\(API\))S 4466(to)S 4581(support)S 4918(the)S 720 H 4272 V 720(display)S 1050(of)S 1174(a)S 1259(\256le's)S 1500(security)S 1857(attributes)S 2270(will)S 2467(permit)S 2769(either)S 3037(a)S 3122(new)S 3329(\256le)S 3498(list)S 3662(command)S 4097(\(e.g.)S 4315(lsacl,)S 4564(lsmac\))S 4871(or)S 4996(a)S 720 H 4392 V 720(modi\256cation)S 1258(to)S 1368(the)S 1522(existing)S 10 I 1871(ls)S 1970(\(2\))S 10 R 2118(command)S 2544(to)S 2654(display)S 2975(the)S 3129(security)S 3477(attribute)S 3842(information)S 4346(associated)S 4787(with)S 4996(a)S 720 H 4512 V 720(remote)S 1032(\256le.)S 1251(Likewise,)S 1678(the)S 1836(de\256nition)S 2256(of)S 2375(a)S 2455(new)S 2657(API)S 2854(for)S 3006(setting)S 3309(a)S 3389(\256le's)S 3625(security)S 3977(attributes)S 4385(will)S 4577(permit)S 4874(new)S 720 H 4632 V 720(change)S 1032(security)S 1378(attribute)S 1741(commands)S 2204(to)S 2312(be)S 2436(developed)S 2876(\(e.g.)S 3083(chacl,)S 3348(chmac\).)S 720 H 4788 V 720(The)S 906(\256le)S 1065(open)S 1290(enhancement)S 1848(discussed)S 2263(previously)S 2717(may)S 2921(now)S 3125(be)S 3251(supported.)S 3732(The)S 3919(open)S 4145(API)S 4338(will)S 4526(be)S 4652(translated)S 720 H 4908 V 
720(into)S 910(a)S 987(GETATTR)S 1475(operation)S 1885(for)S 2034(the)S 2189(current)S 2504(directory,)S 2922(a)S 2999(LOOKUP)S 3437(operation)S 3847(for)S 3996(the)S 4151(\256le)S 4312(to)S 4423(be)S 4550(opened,)S 4896(and)S 720 H 5028 V 720(an)S 853(ACCESS)S 1271(operation)S 1687(which)S 1970(returns)S 2286(a)S 2369(boolean)S 2724(value)S 2979(indicating)S 3418(whether)S 3778(the)S 3940(access)S 4234(requested)S 4656(would)S 4946(be)S 720 H 5148 V 720(permitted,)S 1177(along)S 1448(with)S 1675(the)S 1846(complete)S 2261(set)S 2421(of)S 2553(the)S 2724(\256le's)S 2973(attributes.)S 3449(Thus,)S 3722(the)S 3892(TNFS)S 4185(client)S 4455(can)S 4641(determine)S 720 H 5268 V 720(whether)S 1083(the)S 1247(application)S 1733(requesting)S 2192(to)S 10 I 2313(open)S 10 R 2550(the)S 2715(remote)S 3035(\256le)S 3206(will)S 3405(be)S 3542(able)S 3751(to)S 3872(access)S 4169(it)S 4268(based)S 4538(on)S 4681(the)S 4846(open)S 720 H 5388 V 720(request)S 1041(type)S 1246(and)S 1423(the)S 1578(application's)S 2126(security)S 2474(credentials.)S 2993(As)S 3136(described)S 3550(earlier,)S 3861(a)S 3937(server)S 4212(may)S 4416(choose)S 4725(to)S 4835(asso-)S 720 H 5508 V 720(ciate)S 941(a)S 1018(set)S 1162(of)S 1278(privileges)S 1705(with)S 1916(the)S 2071(remote)S 2381(subject)S 2697(which)S 2974(are)S 3128(di)S 3206 H (f)show 10 -.5 mul h (f)show 10 R 3267(erent)S 3500(from)S 3728(the)S 3884(privilege)S 4273(set)S 4418(associated)S 4862(with)S 720 H 5628 V 720(the)S 889(subject)S 1219(on)S 1366(the)S 1535(client)S 1804(system.)S 2184(The)S 2386(ACCESS)S 2812(procedure)S 3257(call)S 3447(returns)S 3770(the)S 3938(server's)S 4299(assessment)S 4789(of)S 4918(the)S 720 H 5748 V 720(subject's)S 1105(access)S 1389(capabilities.)S 720 H 5904 V 720(The)S 926(information)S 1449(label)S 1694(adjustment)S 2184(policy)S 2485(is)S 2603(supported,)S 3073(since)S 3329(the)S 3503(AUTH_MLS)S 4088(credential)S 4533(contains)S 4918(the)S 720 H 6024 V 720(subject's)S 1123(information)S 
1643(label,)S 1910(and)S 2102(the)S 2272(TNFS)S 2565(reply)S 2818(message)S 3204(contains)S 3585(an)S 3727(extended)S 4135(\256le)S 4311(attribute)S 4691(structure)S 720 H 6144 V 720(which)S 1000(includes)S 1369(the)S 1527(\256le)S 1692(object's)S 2045(information)S 2554(label.)S 2840(Note)S 3071(that)S 3258(the)S 3417(subject's)S 3809(information)S 4318(label)S 4549(may)S 4758(require)S 720 H 6264 V 720(adjustment)S 1193(as)S 1310(a)S 1388(result)S 1644(of)S 1761(reading)S 2094(a)S 2172(remote)S 2483(\256le)S 2644(\(READ\),)S 3040(reading)S 3372(a)S 3449(remote)S 3759(directory)S 4152(\(READDIR\),)S 4720(or)S 4836(read-)S 720 H 6384 V 720(ing)S 882(a)S 960(remote)S 1271(symbolic)S 1672(link)S 1862(\(READLINK\).)S 2527(A)S 2633(remote)S 2944(\256le's)S 3178(\(object\))S 3522(information)S 4028(label)S 4256(may)S 4462(be)S 4590(adjusted)S 4957(as)S 720 H 6504 V 720(a)S 801(result)S 1060(of)S 1180(SETATTR,)S 1681(WRITE,)S 2059(CREATE,)S 2510(RENAME,)S 2994(LINK,)S 3294(SYMLINK,)S 3811(and)S 3992(MKDIR)S 4361(TNFS)S 4642(procedure)S 720 H 6624 V 720(calls.)S 720 H 6780 V 720(File)S 914(names)S 1207(may)S 1417(now)S 1627(be)S 1759(protected)S 2168(by)S 2306(MLS)S 2550(policy)S 2838(with)S 3055(the)S 3216(introduction)S 3744(of)S 3866(\256le)S 4033(name)S 4288(security)S 4643(attributes,)S 720 H 6900 V 720(and)S 894(the)S 1046(SETLABEL)S 1576(procedure.)S 720 H 7056 V 720(Finally,)S 1059(MultiLevel)S 1539(Directories)S 2012(are)S 2163(accommodated.)S 5139(|)S 720 H 7680 V 720(TSIG-TNFS-001.2.03)S 4650([Page 13])S 7920 V EP %%Page: 14 14 BP /slant 0 def /height 1.000000 def 10 R 10 R 0 H 40 V 0(--)S 5406(--)S 720 H 520 V 720(INTERNET-DRAFT)S 2297(TNFS Protocol Speci\256cation)S 4472(May 24, 1992)S 720 H 840 V 10 B 720(3.4.7.)S 1005(TNFS)S 1291(Access)S 1603(Control)S 1966(Policy)S 720 H 996 V 10 R 720(The)S 905(access)S 1189(control)S 1502(policy)S 1782(recommended)S 2377(by)S 2507(this)S 2682(proposal)S 3056(may)S 3258(be)S 3382(stated)S 3645(as)S 3758(follows:)S 720 H 
1152 V 970(o)S 1220(a)S 1298(client)S 1554(system)S 1866(shall)S 10 I 2089(always)S 10 R 2401(apply)S 2657(the)S 2813(access)S 3101(control)S 3418(policy)S 3702(to)S 3814(a)S 3892(local)S 4120(request)S 4443(for)S 4594(access)S 4883(to)S 4996(a)S 720 H 1272 V 1220(local)S 1444(resource,)S 720 H 1428 V 970(o)S 1220(a)S 1297(server)S 1573(system)S 1884(shall)S 10 I 2106(always)S 10 R 2417(apply)S 2672(the)S 2827(access)S 3114(control)S 3430(policy)S 3713(to)S 3824(a)S 3901(local)S 4128(request)S 4449(for)S 4598(access)S 4885(to)S 4996(a)S 720 H 1548 V 1220(local)S 1444(resource,)S 720 H 1704 V 970(o)S 1220(a)S 1298(server)S 1575(system)S 1887(shall)S 10 I 2110(always)S 10 R 2423(apply)S 2680(the)S 2837(access)S 3126(control)S 3444(policy)S 3729(to)S 3842(a)S 3921(remote)S 4233(access)S 4522(request)S 4845(for)S 4996(a)S 720 H 1824 V 1220(local)S 1444(resource,)S 1836(and)S 720 H 1980 V 970(o)S 1220(a)S 1299(client)S 1556(system)S 10 I 1869(may)S 2070(\(temporarily\))S 10 R 2643(apply)S 2900(the)S 3057(access)S 3346(control)S 3664(policy)S 3949(to)S 4063(a)S 4143(locally)S 4451(cached)S 4763(remote)S 720 H 2100 V 1220(resource,)S 1612(i)S 1640 H (f)show 10 -.5 mul h (f)show 10 R 1701(:)S 720 H 2256 V 1220(*)S 1470(client)S 1722(security)S 2068(attribute)S 2431(caching)S 2771(support)S 3101(is)S 3198(included)S 3572(in)S 3680(the)S 3832(implementation,)S 4515(and)S 720 H 2412 V 1220(*)S 1470(a)S 1544(client)S 1796(security)S 2142(attribute)S 2505(caching)S 2845(policy)S 3125(is)S 3222(enabled)S 3562(by)S 3692(the)S 3844(host)S 4041(security)S 4387(o)S 4437 H (f)show 10 -.5 mul h (\256)show 10 R 4521(cer)S 720 H 2568 V 720(This)S 930(TNFS)S 1207(access)S 1493(control)S 1808(policy)S 2090(ensures)S 2421(that)S 2603(no)S 2735(access)S 3021(will)S 3209(be)S 3335(made)S 3583(without)S 3921(the)S 4076(application)S 4553(of)S 4669(appropri-)S 720 H 2688 V 720(ate)S 866(access)S 1150(control.)S 720 H 2928 V 10 B 720(3.4.8.)S 1005(TNFS)S 1291(Auditing)S 1700(Policy)S 720 H 3084 
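
The open-time ACCESS check of sections 3.4.5.2.1 and 3.4.6, as an added
example that is not part of the draft: it builds the XDR body of
accessargs and reads the head of accessres, denying the open on any
error or malformed reply.  Assumptions: a 32-byte fixed file handle as
in NFS V2, the mapping from open(2) flags to ACCESS bits, and all
TNFS_/tnfs_ names; the RPC header and the extended fattr are left out.

```c
#include <fcntl.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Access request bits: values from the draft, names prefixed (hypothetical). */
#define TNFS_READ   0x001u
#define TNFS_WRITE  0x002u
#define TNFS_EXEC   0x004u
#define TNFS_SEARCH 0x008u
#define TNFS_APPEND 0x010u
#define TNFS_NFS_OK 0u
#define TNFS_FHSIZE 32          /* assumption: NFS V2 fixed opaque fhandle */

static void put_u32(uint8_t *p, uint32_t v)      /* XDR: 4 bytes, big-endian */
{
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

static uint32_t get_u32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Assumed mapping (not defined by the draft): request only what the open
 * mode needs; an O_APPEND open asks for APPEND instead of WRITE. */
uint32_t tnfs_access_flags_for_open(int oflags)
{
    uint32_t flag = 0;
    int wants_write = 0;
    switch (oflags & O_ACCMODE) {
    case O_RDONLY: flag = TNFS_READ; break;
    case O_WRONLY: wants_write = 1; break;
    case O_RDWR:   flag = TNFS_READ; wants_write = 1; break;
    default:       return 0;    /* unknown mode: nothing to request */
    }
    if (wants_write)
        flag |= (oflags & O_APPEND) ? TNFS_APPEND : TNFS_WRITE;
    return flag;
}

/* XDR body of struct accessargs { fhandle file; u_long flag; }.
 * Returns the number of bytes written, or 0 if out is too small. */
size_t tnfs_encode_accessargs(const uint8_t fh[TNFS_FHSIZE], uint32_t flag,
                              uint8_t *out, size_t cap)
{
    if (cap < TNFS_FHSIZE + 4)
        return 0;
    memcpy(out, fh, TNFS_FHSIZE);   /* fixed-length opaque: no length word */
    put_u32(out + TNFS_FHSIZE, flag);
    return TNFS_FHSIZE + 4;
}

struct tnfs_access_verdict {
    uint32_t nfs_status;   /* stat discriminant of union accessres */
    int      allowed;      /* accessok.status; valid only on NFS_OK */
    size_t   attr_offset;  /* where the extended fattr starts in the reply */
};

/* Parse the head of accessres. Returns 0 on success, -1 if the reply is
 * truncated or the bool_t is not a legal XDR boolean. */
int tnfs_decode_accessres(const uint8_t *buf, size_t len,
                          struct tnfs_access_verdict *v)
{
    uint32_t b;
    memset(v, 0, sizeof *v);
    if (len < 4)
        return -1;
    v->nfs_status = get_u32(buf);
    if (v->nfs_status != TNFS_NFS_OK)
        return 0;                   /* default arm of the union is void */
    if (len < 8)
        return -1;
    b = get_u32(buf + 4);
    if (b > 1)
        return -1;
    v->allowed = (int)b;
    v->attr_offset = 8;
    return 0;
}

/* Fail closed: the open proceeds only on NFS_OK with status TRUE. */
int tnfs_open_permitted(const uint8_t *reply, size_t len)
{
    struct tnfs_access_verdict v;
    if (tnfs_decode_accessres(reply, len, &v) != 0)
        return 0;
    return v.nfs_status == TNFS_NFS_OK && v.allowed;
}

int main(void)
{
    uint8_t fh[TNFS_FHSIZE], args[64];
    const uint8_t reply[8] = { 0, 0, 0, 0, 0, 0, 0, 1 };  /* constructed */
    uint32_t flag = tnfs_access_flags_for_open(O_RDWR);
    memset(fh, 0xAB, sizeof fh);                          /* constructed */
    printf("flag=0x%03x args=%zu bytes permitted=%d\n", (unsigned)flag,
           tnfs_encode_accessargs(fh, flag, args, sizeof args),
           tnfs_open_permitted(reply, sizeof reply));
    return 0;
}
```

Because the draft says the ACCESS result is not static, a client that keeps the verdict should treat it as advisory and still handle a later denial from the server on READ or WRITE.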
V 10 R 720(The)S 909(auditing)S 1271(policy)S 1555(recommended)S 2154(by)S 2288(this)S 2467(proposal)S 2845(is)S 2946(stated)S 3213(as)S 3330(follows.)S 3689(When)S 3961(the)S 4117(security)S 4467(auditing)S 4830(func-)S 720 H 3204 V 720(tion)S 906(is)S 1003(enabled:)S 720 H 3360 V 970(o)S 10 B 1220(an)S 1356(implementation)S 2058(shall:)S 720 H 3516 V 10 R 1220(\(1\))S 1470(audit)S 1700(all)S 1830(local)S 2054(requests)S 2411(for)S 2557(local)S 2781(\256le)S 2939(access:)S 720 H 3672 V 1470(>)S 1720(a)S 1794(client)S 2046(system)S 2354(shall)S 10 I 2573(always)S 10 R 2881(audit)S 3111(a)S 3185(local)S 3409(request)S 3727(for)S 3873(access)S 4157(to)S 4265(a)S 4339(local)S 4563(resource,)S 720 H 3828 V 1470(>)S 1720(a)S 1794(server)S 2067(system)S 2375(shall)S 10 I 2594(always)S 10 R 2902(audit)S 3132(a)S 3206(local)S 3430(request)S 3748(for)S 3894(access)S 4178(to)S 4286(a)S 4360(local)S 4584(resource)S 720 H 3984 V 1220(\(2\))S 1470(provide)S 1805(the)S 10 B 1957(capability)S 10 R 2410(to)S 2518(audit)S 2748(all)S 2878(remote)S 3185(\256le)S 3343(access)S 3627(requests:)S 720 H 4140 V 1470(>)S 1720(the)S 1876(client)S 2132(shall)S 2355(support)S 2689(the)S 2845(capability)S 3273(to)S 3385(audit)S 3619(local)S 3848(requests)S 4210(for)S 4361(access)S 4650(to)S 4763(remote)S 720 H 4260 V 1720(resources)S 2126(on)S 2256(a)S 2330(server,)S 2628(and)S 720 H 4416 V 1470(>)S 1720(the)S 1874(server)S 2149(shall)S 2370(support)S 2703(the)S 2858(capability)S 3285(to)S 3396(audit)S 3629(remote)S 3939(requests)S 4299(for)S 4448(access)S 4735(to)S 4846(local)S 720 H 4536 V 1720(resources)S 2126(on)S 2256(the)S 2408(server)S 4504 V 8 R 2651(8)S 720 H 4692 V 10 R 1220(\(3\))S 1470(enable)S 1760(client)S 2012(system)S 2320(auditing)S 2678(of)S 2791(local)S 3015(requests)S 3372(for)S 3518(access)S 3802(to)S 3910(remote)S 4217(\256les)S 4414(by)S 4544(default)S 720 H 4848 V 720(Thus,)S 975(when)S 1221(the)S 1373(security)S 1719(auditing)S 2077(function)S 2440(is)S 2537(enabled:)S 
720 H 5004 V 970(o)S 1220(all)S 1350(local)S 1574(requests)S 1931(for)S 2077(access)S 2361(to)S 2469(local)S 2693(\256les)S 2890(are)S 3041(audited,)S 720 H 5160 V 970(o)S 1220(client)S 1472(system)S 1780(requests)S 2137(for)S 2283(access)S 2567(to)S 2675(remote)S 2982(\256les)S 3179(are)S 3330(audited)S 5128 V 8 R 3624(9)S 720 H 5316 V 10 R 970(o)S 1220(the)S 1372(capability)S 1796(to)S 1904(audit)S 2134(remote)S 2441(\256le)S 2599(access)S 2883(by)S 3013(both)S 3221(client)S 3473(and)S 3647(server)S 3920(is)S 4017(provided:)S 720 H 5472 V 1220(*)S 1470(client)S 1741(system)S 2068(auditing)S 2445(may)S 2666(be)S 2809(enabled)S 3168(to)S 3295(audit)S 3544(local)S 3788(requests)S 4165(for)S 4331(access)S 4635(to)S 4763(remote)S 720 H 5592 V 1470(resources;)S 1904(client)S 2156(system)S 2464(auditing)S 2822(is)S 2919(enabled)S 3259(by)S 3389(default,)S 720 H 5748 V 1220(*)S 1470(server)S 1760(system)S 2085(auditing)S 2460(may)S 2680(be)S 2822(enabled)S 3180(to)S 3306(audit)S 3554(remote)S 3879(requests)S 4254(for)S 4418(access)S 4720(to)S 4846(local)S 720 H 5868 V 1470(resources)S 720 H 6024 V 970(o)S 1220(enabling)S 1596(of)S 1711(the)S 1865(remote)S 2174(\256le)S 2334(access)S 2620(auditing)S 2980(capability)S 3406(shall)S 3627(be)S 3753(supported)S 4179(by)S 4311(a)S 4387(system)S 4697(manage-)S 720 H 6144 V 1220(ment)S 1450(operation)S 720 H 6300 V 720(This)S 930(TNFS)S 1207(policy)S 1489(ensures)S 1820(that)S 2002(each)S 2216(TNFS)S 2493(host)S 2692(shall)S 2913(audit)S 3145(local)S 3371(requests)S 3731(for)S 3880(local)S 4107(\256le)S 4268(access,)S 4580(each)S 4795(TNFS)S 720 H 6420 V 720(client)S 980(system)S 1296(shall)S 1523(audit)S 1761(requests)S 2126(for)S 2280(remote)S 2595(\256le)S 2761(access)S 3053(\(by)S 3224(default\),)S 3597(and)S 3779(both)S 3995(TNFS)S 4278(clients)S 4577(and)S 4758(servers)S 720 H 6540 V 720(shall)S 943(have)S 1165(the)S 1321(cability)S 1655(to)S 1767(enable)S 2061(auditing)S 2423(of)S 2540(remote)S 2852(\256le)S 3015(access)S 
3304(activity.)S 3694(In)S 3812(a)S 3891(given)S 4148(network)S 4510(environment,)S 720 H 6660 V 720(it)S 817(may)S 1030(be)S 1165(desirable)S 1566(to)S 1685(optionally)S 2132(disable)S 2456(auditing)S 2825(of)S 2949(remote)S 3267(access)S 3562(on)S 3703(either)S 3970(the)S 4132(client)S 4394(or)S 4517(the)S 4679(server)S 4962(to)S 720 H 6760 V 8 Y1 720(333333333333333333)S 720 H 6854 V 6 R 820(8)S 6878 V 8 R 890(This)S 1063(option)S 1298(may)S 1466(require)S 1721(the)S 1849(auditing)S 2141(of)S 2238(the)S 2366(speci\256c)S 2640(TNFS)S 2868(protocol)S 3165(procedure)S 3514(calls,)S 3711(since)S 3906(the)S 4035(protocol)S 4332(procedures)S 720 H 6978 V 720(are)S 840(not)S 966(translated)S 1298(into)S 1446(actual)S 1659("system)S 1937(calls")S 2139(in)S 2225(many)S 2426(server)S 2643(implementations.)S 720 H 7072 V 6 R 820(9)S 7096 V 8 R 890(This)S 1056(is)S 1133(the)S 1254(default)S 1498(policy;)S 1743(site)S 1877(speci\256c)S 2144(auditing)S 2429(policies)S 2700(are)S 2820(established)S 3197(by)S 3301(the)S 3422(site)S 3556(security)S 3831(o)S 3871 H (f)show 8 -.5 mul h (\256)show 8 R 3938(cer.)S 720 H 7680 V 10 R 720(TSIG-TNFS-001.2.03)S 4650([Page 14])S 7920 V EP %%Page: 15 15 BP /slant 0 def /height 1.000000 def 10 R 10 R 0 H 40 V 0(--)S 5406(--)S 720 H 520 V 720(INTERNET-DRAFT)S 2297(TNFS Protocol Speci\256cation)S 4472(May 24, 1992)S 720 H 840 V 720(avoid)S 972(duplication.)S 720 H 1080 V 10 B 720(3.4.9.)S 1005(The)S 1202(Extended)S 1638(Attribute)S 2067(Cache)S 720 H 1236 V 10 R 720(NFS)S 936(caching)S 1278(strategies)S 1687(are)S 1840(implementation)S 2500(speci\256c,)S 2862(and)S 3038(are)S 3191(not)S 3351(part)S 3538(of)S 3653(the)S 3808(NFS)S 4025(protocol.)S 4446(Caching)S 4812(is)S 4912(not)S 720 H 1356 V 720(required)S 1084(to)S 1194(support)S 1526(TNFS)S 1803(interoperability.)S 2506(This)S 2715(speci\256cation)S 3251(will)S 3438(therefore)S 3828(not)S 3987(include)S 4312(speci\256c)S 4648(details)S 4940(on)S 720 H 1476 V 720(the)S 873(issue)S 
1104(of)S 1219(attribute)S 1584(caching.)S 1981(However,)S 2403(since)S 2640(the)S 2794(caching)S 3136(mechanisms)S 3662(are)S 3815(included)S 4191(in)S 4301(the)S 4455(NFS)S 4671(reference)S 720 H 1596 V 720(source)S 1015(code)S 1238(releases,)S 1613(and)S 1792(since)S 2032(attribute)S 2400(caching)S 2745(is)S 2847(critical)S 3159(for)S 3310(achieving)S 3733(NFS)S 3951(performance)S 4488(goals,)S 4758(several)S 720 H 1716 V 720(suggestions)S 1217(are)S 1368(included)S 1742(in)S 1850(this)S 2025(section.)S 720 H 1872 V 720(In)S 846(most)S 1084(NFS)S 1311(client)S 1576(implementations,)S 2311(remote)S 2631(\256le)S 2802(attributes)S 3217(are)S 3382(cached)S 3702(on)S 3846(the)S 4012(client,)S 4303(improving)S 4764(perfor-)S 720 H 1992 V 720(mance)S 1018(and)S 1200(reducing)S 1587(network)S 1951(tra)S 2056 H (f)show 10 -.5 mul h (\256)show 10 R 2140(c.)S 2276(The)S 2468(attribute)S 2838(cache)S 3101(is)S 3205(updated)S 3558(frequently,)S 4030(as)S 4150(most)S 4382(NFS)S 4603(procedures)S 720 H 2112 V 720(return)S 988(\256le)S 1146(attributes)S 1548(along)S 1800(with)S 2008(other)S 2243(requested)S 2655(information.)S 720 H 2268 V 720(A)S 826(client)S 1082(side)S 1277(cache)S 1537(for)S 1687(the)S 1843(extended)S 2237(security)S 2588(\256le)S 2751(attributes)S 3158(should)S 3460(also)S 3656(be)S 3785(considered)S 4252(for)S 4403(similar)S 4716(reasons.)S 720 H 2388 V 720(Since)S 986(all)S 1130(of)S 1257(the)S 1423(\256le's)S 1667(security)S 2027(attributes)S 2443(are)S 2608(returned)S 2984(with)S 3206(each)S 3431(TNFS)S 3719(\256le)S 3890(access)S 4187(request,)S 4543(an)S 4680(extended)S 720 H 2508 V 720(security)S 1066(attribute)S 1429(cache)S 1685(can)S 1853(now)S 2055(be)S 2179(maintained)S 2653(on)S 2783(the)S 2935(client.)S 720 H 2664 V 720(Extending)S 1171(the)S 1333(attribute)S 1706(validation)S 2146(procedure)S 2584(to)S 2702(include)S 3036(validating)S 3476(the)S 3638(security)S 3995(\256le)S 4164(attributes)S 4577(permits)S 4918(the)S 720 H 2784 V 
720(complete)S 1119(set)S 1263(of)S 1379(\256le)S 1540(attributes)S 1945(to)S 2056(be)S 2183(checked)S 2542(and)S 2719(refreshed)S 3122(if)S 3216(they)S 3421(are)S 3574(no)S 3706(longer)S 3993(valid.)S 4280(If)S 4378(the)S 4532(\256le's)S 4764(cached)S 720 H 2904 V 720(attributes)S 1133(are)S 1295(not)S 1464(valid,)S 1731(a)S 10 B 1817(GETATTR)S 10 R 2349(procedure)S 2789(call)S 2975(can)S 3155(be)S 3291(made.)S 3604(The)S 3801(TNFS)S 4088(reply)S 4335(to)S 4455(this)S 4642(procedure)S 720 H 3024 V 720(now)S 925(includes)S 1291(the)S 1446(complete)S 1845(set)S 1989(of)S 2105(\256le)S 2266(attribute)S 2632(information,)S 3162(permitting)S 3612(all)S 3745(of)S 3861(the)S 4016(\256le's)S 4249(cached)S 4558(attributes)S 4962(to)S 720 H 3144 V 720(be)S 860(refreshed.)S 1331(Cached)S 1676(attribute)S 2055(entries)S 2367(shall)S 2602(be)S 2742(aged)S 2976(and)S 3167(eventually)S 3630(\257ushed)S 3966(unless)S 4263(refreshed.)S 4705(If)S 4818(client)S 5139(|)S 720 H 3264 V 720(caching)S 1060(is)S 1157(enabled,)S 1522(then)S 1724(per)S 1881(process)S 2210(cached)S 2516(attribute)S 2879(entries)S 3175(shall)S 3394(be)S 3518(maintained.)S 5139(|)S 720 H 3420 V 720(Note)S 945(again)S 1192(that)S 1373(an)S 1498(attribute)S 1862(caching)S 2204(policy)S 2486(is)S 2585(not)S 2745(part)S 2932(of)S 3047(the)S 3201(protocol,)S 3591(and)S 3767(is)S 3866(an)S 3992(implementation)S 4652(technique)S 720 H 3540 V 720(used)S 937(to)S 1049(improve)S 1415(performance.)S 2006(During)S 2322(the)S 2477(window)S 2832(of)S 2948(time)S 3159(that)S 3342(the)S 3497(cache)S 3756(entry)S 3994(is)S 4094(valid,)S 4352(the)S 4507(client)S 4762(system)S 720 H 3660 V 720(applies)S 1034(the)S 1187(MLS)S 1424(access)S 1709(control)S 2023(policies)S 2365(on)S 2496(behalf)S 2776(of)S 2891(the)S 3045(server.)S 3345(It)S 3438(is)S 3537(recommended)S 4134(that)S 4316(if)S 4409(an)S 4535(implementa-)S 720 H 3780 V 720(tion)S 913(supports)S 1289(the)S 1448(use)S 1618(of)S 1738(client)S 1997(side)S 2195(attribute)S 
2565(caching,)S 2937(it)S 3030(shall)S 3256(also)S 3454(support)S 3791(a)S 3872(mechanism)S 4363(for)S 4515(disabling)S 4918(the)S 720 H 3900 V 720(attribute)S 1083(cache.)S 1364(Speci\256c)S 1716(implementation)S 2374(details)S 2665(are)S 2816(provided)S 3201(in)S 3309([4].)S 720 H 4140 V 10 B 720(4.)S 855(Related)S 1212(Requirements)S 1841(and)S 2033(Expectations)S 720 H 4296 V 10 R 720(This)S 929(speci\256cation)S 1465(addresses)S 1878(extensions)S 2331(the)S 2484(NFS)S 2700(V2)S 2854(protocol)S 3219(which)S 3495(accommodate)S 4081(network)S 4440(\256le)S 4600(access)S 4886(in)S 4996(a)S 720 H 4416 V 720(trusted,)S 1067(MLS)S 1323(network)S 1700(environment.)S 2310(Expectations)S 2876(for)S 3042(the)S 3213(environment)S 3767(for)S 3932(which)S 4225(this)S 4419(speci\256cation)S 4973(is)S 720 H 4536 V 720(applicable)S 1160(include:)S 720 H 4692 V 970(o)S 1220(the)S 1372(TNFS)S 1647(network)S 2004(environment)S 2539(is)S 2636(a)S 2710(trusted)S 3012(environment:)S 720 H 4848 V 1220(>)S 1470(TNFS)S 1745(authentication)S 2341(and)S 2515(message)S 2883(integrity)S 3252(support)S 3582(shall)S 3801(not)S 3959(be)S 4083(required)S 720 H 5004 V 1220(>)S 1470(use)S 1634(of)S 1748(TNFS)S 2024(in)S 2133(an)S 2258(untrusted)S 2661(environment)S 3197(\(i.e.)S 3383(commercial)S 3885(network)S 4243(environment\))S 4813(is)S 4912(not)S 720 H 5124 V 1470(addressed)S 1893(by)S 2023(this)S 2198(speci\256cation)S 720 H 5280 V 970(o)S 1220(other,)S 1482(related)S 1785(RPC)S 2007(services)S 2360(are)S 2513(required)S 2878(to)S 2989(support)S 3322(the)S 3477(execution)S 3898(of)S 4014(NFS;)S 4259(these)S 4497(services)S 4851(shall)S 720 H 5400 V 1220(support)S 1564(the)S 1730(AUTH_MLS)S 2307(credential)S 2744(\257avor,)S 3045(but)S 3216(may)S 3431(also)S 3635(support)S 3978(alternative)S 4442(policies)S 4796(which)S 720 H 5520 V 1220(make)S 1466(use)S 1629(of)S 1742(other)S 1977(authentication)S 2573(\257avors:)S 720 H 5676 V 1220(>)S 1470(the)S 1651(token)S 1933(management)S 
2503(service)S 2845(is)S 2972(required)S 3364(to)S 3502(translate)S 3900(security)S 4276(attributes)S 4708(between)S 720 H 5796 V 1470(expanded)S 1882(and)S 2056(tokenized)S 2474(formats)S 2809([5],)S 720 H 5952 V 1220(>)S 1470(the)S 1622(mount)S 1908(service)S 2220(is)S 2317(required)S 2679(to)S 2787(support)S 3117(NFS)S 3331(mount)S 3617(requests,)S 720 H 6108 V 1220(>)S 1470(the)S 1628(lock)S 1836(manager)S 2215(and)S 2395(status)S 2659(monitor)S 3012(services)S 3369(are)S 3526(required)S 3894(to)S 4008(support)S 4345(NFS)S 4566(\256le)S 4731(and)S 4912(\256le)S 720 H 6228 V 1470(region)S 1755(locking)S 720 H 6384 V 970(o)S 1220(client)S 1472(side)S 1663(mounts)S 1988(shall)S 2207(be)S 2331(restricted)S 2732(to)S 2840(the)S 2992(server's)S 3337(exported)S 3716(mount)S 4002(points:)S 720 H 6540 V 1220(>)S 1470(client)S 1737(requests)S 2109(to)S 2233(mount)S 2535(a)S 2625(subdirectory)S 3170(which)S 3460(resides)S 3783(below)S 4073(the)S 4241(export)S 4542(point)S 4794(in)S 4918(the)S 720 H 6660 V 1470(server's)S 1815(exported)S 2194(directory)S 2584(shall)S 2803(be)S 2927(denied,)S 720 H 6816 V 1220(>)S 1470(without)S 1812(this)S 1993(restriction,)S 2459(client)S 2717(access)S 3007(to)S 3122(server)S 3402(\256les)S 3606(mounted)S 3993(below)S 4274(the)S 4433(server's)S 4785(export)S 720 H 6936 V 1470(point)S 1720(bypass)S 2036(the)S 2202(authorization)S 2773(checks)S 3088(which)S 3376(would)S 3670(otherwise)S 4102(have)S 4333(been)S 4564(made)S 4823(using)S 720 H 7056 V 1470(the)S 1622(access)S 1906(modes)S 2197(of)S 2310(the)S 2462(\256le)S 2620(components)S 3133(located)S 3451(higher)S 3736(in)S 3844(the)S 3996(server's)S 4341(exported)S 4720(tree)S 7024 V 8 R 4869(10)S 720 H 7156 V 8 Y1 720(333333333333333333)S 720 H 7250 V 6 R 820(10)S 7274 V 8 R 920(Note)S 1111(that)S 1266(appropriate)S 1663(use)S 1805(of)S 1907(symbolic)S 2235(links)S 2426(on)S 2543(the)S 2677(client)S 2890(will)S 3051(result)S 3264(in)S 3363(a)S 3435(client)S 3648(\256le)S 3787(name)S 
3996(space)S 4209(similar)S 4466(to)S 4565(one)S 720 H 7680 V 10 R 720(TSIG-TNFS-001.2.03)S 4650([Page 15])S 7920 V EP %%Page: 16 16 BP /slant 0 def /height 1.000000 def 10 R 10 R 0 H 40 V 0(--)S 5406(--)S 720 H 520 V 720(INTERNET-DRAFT)S 2297(TNFS Protocol Speci\256cation)S 4472(May 24, 1992)S 720 H 840 V 970(o)S 1220(most)S 1452(\256le)S 1617(access)S 1908(will)S 2101(take)S 2304(place)S 2551(between)S 2920(MLS)S 3163(modi\256ed)S 3556(clients)S 3854(and)S 4035(servers,)S 4380(but)S 4546(some)S 4795(TNFS)S 720 H 960 V 1220(systems)S 1570(will)S 1759(continue)S 2136(to)S 2246(interoperate)S 2754(with)S 2964(NFS)S 3180(V2)S 3334(systems)S 3683(through)S 4026(the)S 4180(use)S 4345(of)S 4460(an)S 4586(appropriate)S 720 H 1080 V 1220(policy;)S 1547(for)S 1712(example,)S 2124(a)S 2217(\256lter)S 2455(or)S 2587(gateway)S 2968(could)S 3239(be)S 3382(placed)S 3692(between)S 4074(a)S 4168(MLS)S 4424(system)S 4752(and)S 4946(an)S 720 H 1200 V 1220(unmodi\256ed)S 1715(system)S 2032(to)S 2148(insert)S 2408(or)S 2529(delete)S 2805(appropriate)S 3297(security)S 3651(attribute)S 4022(information)S 4532(on)S 4670(behalf)S 4957(of)S 720 H 1320 V 1220(the)S 1372(unmodi\256ed)S 1858(system)S 720 H 1560 V 1220(note)S 1432(that)S 1622(client)S 1884(system)S 2202(auditing)S 2570(information)S 3082(will)S 3278(not)S 3447(be)S 3582(supplied)S 3962(for)S 4119(remote)S 4437(\256le)S 4606(access)S 4901(ini-)S 720 H 1680 V 1220(tiated)S 1479(from)S 1710(an)S 1840(unmodi\256ed)S 2332(NFS)S 2552(client;)S 2838(enabling)S 3218(server)S 3497(system)S 3811(auditing)S 4175(should)S 4478(be)S 4608(considered)S 720 H 1800 V 1220(by)S 1350(the)S 1502(security)S 1848(o)S 1898 H (f)show 10 -.5 mul h (\256)show 10 R 1982(cer)S 2133(to)S 2241(support)S 2571(these)S 2806(con\256gurations)S 720 H 1956 V 970(o)S 1220(a)S 1299(TNFS)S 1579(client)S 1836(should)S 2139(not)S 2303(send)S 2522(any)S 2702(security)S 3054(extended)S 3450(NFS)S 3670(procedure)S 4104(calls)S 4323(to)S 4437(a)S 4517(server)S 
4796(which)S 720 H 2076 V 1220(does)S 1451(not)S 1627(support)S 1974(this)S 2166(service;)S 2523(a)S 2614(TNFS)S 2906(client)S 3175(should)S 3489(also)S 3697(refrain)S 4009(from)S 4250(sending)S 4608(extraneous)S 720 H 2196 V 1220(security)S 1566(attribute)S 1929(information)S 2431(to)S 2539(a)S 2613(TNFS)S 2888(server)S 3161(that)S 3341(does)S 3554(not)S 3712(support)S 4042(those)S 4283(attributes)S 720 H 2352 V 970(o)S 1220(additional)S 1660(TCB)S 1895(information)S 2320 V 8 R 2367(11)S 2352 V 10 R 2487(is)S 2594(maintained)S 3078(by)S 3218(each)S 3440(MLS)S 3686(system)S 4004(to)S 4122(support)S 4462(trusted)S 4774(intero-)S 720 H 2472 V 1220(perability)S 1633([10];)S 1857(for)S 2003(example,)S 2396(each)S 2608(MLS)S 2844(host)S 3041(may:)S 720 H 2628 V 1220(>)S 1470(maintain)S 1850(a)S 1924(list)S 2077(of)S 2190(the)S 2342(hosts)S 2578(which)S 2852(it)S 2938(will)S 3124(communicate)S 3692(with,)S 720 H 2784 V 1220(>)S 1470(maintain)S 1858(the)S 2018(set)S 2167(of)S 2288(security)S 2643(attributes)S 3054(which)S 3337(it)S 3432(expects)S 3770(to)S 3887(use)S 4059(in)S 4176(the)S 4337(exchange)S 4752(of)S 4874(data)S 720 H 2904 V 1470(with)S 1678(a)S 1752(given)S 2004(host,)S 2226(and)S 720 H 3060 V 1220(>)S 1470(maintain)S 1859(the)S 2020(speci\256c)S 2364(translation)S 2825(scheme)S 3163(or)S 3285(schemes)S 3663(which)S 3947(will)S 4143(be)S 4277(used)S 4500(in)S 4618(translating)S 720 H 3180 V 1470(tokens)S 1761(with)S 1969(a)S 2043(given)S 2295(host)S 2492([5])S 720 H 3336 V 970(o)S 1220(the)S 1385(security)S 1744(information)S 2259(de\256ned)S 2596(within)S 2896(the)S 3062(AUTH_MLS)S 3639(credential)S 4076(and)S 4264(\256le)S 4436(attribute)S 4813(struc-)S 720 H 3456 V 1220(tures)S 1452(provides)S 1834(for)S 1988(the)S 2148(transfer)S 2490(of)S 2611(security)S 2965(attributes)S 3374(required)S 3743(to)S 3858(support)S 4195(MLS)S 4438(access)S 4729(policies)S 720 H 3576 V 1220(without)S 1556(requiring)S 1952(the)S 2104(underlying)S 2567(network)S 2924(layer)S 
3153(to)S 3261(provide)S 3596(security)S 3942(attribute)S 4305(information:)S 720 H 3732 V 1220(>)S 1470(if)S 1571(security)S 1927(attributes)S 2339(are)S 2501(provided)S 2897(by)S 3038(both)S 3257(the)S 3420(RPC)S 3651(layer)S 3891(and)S 4076(the)S 4239(underlying)S 4713(network)S 720 H 3852 V 1470(layer,)S 1751(then)S 1980(the)S 2159(security)S 2532(attribute)S 2922(information)S 3451(provided)S 3863(by)S 4020(the)S 4199(RPC)S 4446(layer)S 4701(shall)S 4946(be)S 720 H 3972 V 1470(applied)S 1794(to)S 1902(the)S 2054(\256le)S 2212(data)S 2408(transferred)S 2869(within)S 3155(the)S 3307(RPC)S 3527(message)S 720 H 4128 V 1220(>)S 1470(transferring)S 1965(security)S 2311(attributes)S 2713(within)S 2999(the)S 3151(RPC)S 3371(layer)S 3600(provides)S 3974(for)S 4120(the)S 4272(support)S 4602(of)S 4715(a)S 4790(policy)S 720 H 4248 V 1470(where)S 1747(data)S 1947(may)S 2153(be)S 2281(transferred)S 2746(with)S 2958(a)S 3036(security)S 3386(classi\256cation)S 3942(which)S 4220(is)S 4320(di)S 4398 H (f)show 10 -.5 mul h (f)show 10 R 4459(erent)S 4691(from)S 4918(the)S 720 H 4368 V 1470(security)S 1820(classi\256cation)S 2376(of)S 2493(the)S 2649(network)S 3011(layer;)S 3273(for)S 3424(instance,)S 3811(\256le)S 3974(data)S 4175(with)S 4388(a)S 4467(given)S 4724(security)S 720 H 4488 V 1470(classi\256cation)S 2036(might)S 2314(\256rst)S 2514(be)S 2652(encrypted)S 3088(and)S 3275(then)S 3490(transferred)S 3964(through)S 4318(a)S 4405(network)S 4775(with)S 4996(a)S 720 H 4608 V 1470(lower)S 1727(security)S 2073(classi\256cation.)S 720 H 4764 V 1220(>)S 1470(support)S 1812(for)S 1970(the)S 2134(transfer)S 2480(of)S 2605(MAC)S 2875(sensitivity)S 3329(labels)S 3604(for)S 3762(the)S 3926(Internet)S 4278(Protocol)S 4659(Suite)S 4907(has)S 720 H 4884 V 1470(been)S 1688(addressed)S 2111(by)S 2241(the)S 2393(CIPSO)S 2707([11],)S 2928(and)S 3102(IPSO)S 3349([12])S 3545(documents)S 5139(|)S 720 H 5124 V 10 B 720(5.)S 855(Conclusion)S 720 H 5280 V 10 R 720(This)S 937(document)S 
1371(describes)S 1782(the)S 1944(set)S 2095(of)S 2218(extensions)S 2680(which)S 2964(support)S 3304(network)S 3671(\256le)S 3839(access)S 4133(in)S 4251(a)S 4335(network)S 4702(environ-)S 720 H 5400 V 720(ment)S 955(consisting)S 1396(of)S 1514(MLS)S 1755(systems)S 2107(using)S 2359(the)S 2516(proposed)S 2917(TNFS)S 3197(protocol)S 3565(extensions.)S 4047(Unmodi\256ed)S 4560(NFS)S 4779(clients)S 720 H 5520 V 720(and)S 894(servers)S 1206(are)S 1357(supported)S 1781(using)S 2028(the)S 2180(de)S 2304(facto)S 2533(NFS)S 2747(V2)S 2899(protocol.)S 720 H 5676 V 720(With)S 951(the)S 1104(previously)S 1557(de\256ned)S 1882(extensions,)S 2360(the)S 2513(MLS)S 2750(network)S 3108(\256le)S 3267(access)S 3552(requirements)S 4104(are)S 4256(met.)S 4493(The)S 4680(extended)S 720 H 5796 V 720(structure)S 1103(de\256nitions)S 1560(support)S 1894(the)S 2050(DAC)S 2295(and)S 2473(MAC)S 2735(attributes)S 3141(required)S 3507(for)S 3657(modifying)S 4108(or)S 4225(displaying)S 4675(the)S 4830(secu-)S 720 H 5916 V 720(rity)S 892(attribute)S 1258(information.)S 1788(The)S 1977(enhanced)S 2387(\256le)S 2549(open)S 2777(operation)S 3188(and)S 3366(the)S 3522(information)S 4028(label)S 4256(adjustment)S 4729(policies)S 720 H 6036 V 720(are)S 871(also)S 1062(supported.)S 720 H 6192 V 720(Thus,)S 985(a)S 1069(small)S 1326(set)S 1477(of)S 1600(extensions)S 2062(to)S 2180(the)S 2342(NFS)S 2566(V2)S 2728(environment)S 3273(permits)S 3613(MLS)S 3859(access)S 4153(control)S 4476(policies)S 4827(to)S 4946(be)S 720 H 6312 V 720(supported.)S 1212(Agreement)S 1698(on)S 1841(these)S 2089(changes)S 2453(will)S 2652(permit)S 2955(the)S 3119(current)S 3443(base)S 3662(of)S 3787(NFS)S 4013(clients)S 4316(and)S 4502(servers)S 4826(to)S 4946(be)S 720 H 6432 V 720(accommodated)S 1367(in)S 1488(the)S 1653(secure)S 1950(environment)S 2498(with)S 2720(no)S 2864(changes,)S 3254(and)S 3442(for)S 3602(TNFS)S 3891(modi\256ed)S 4291(systems)S 4652(to)S 4774(intero-)S 720 H 6552 V 720(perate)S 993(using)S 1240(MLS)S 
1476(policies.)S 720 H 6862 V 8 Y1 720(333333333333333333)S 720 H 6962 V 8 R 720(previously)S 1080(constructed)S 1470(by)S 1574(mounting)S 1904(subdirectories)S 2373(of)S 2463(exported)S 2765(server)S 2982(\256le)S 3108(trees.)S 720 H 7056 V 6 R 820(11)S 7080 V 8 R 920(Note)S 1099(that)S 1242(this)S 1381(information)S 1780(is)S 1857(needed)S 2106(by)S 2210(all)S 2313(trusted)S 2553(network)S 2838(applications,)S 3266(and)S 3405(is)S 3482(not)S 3608(limited)S 3857(to)S 3943(NFS)S 4115(\256le)S 4241(access.)S 720 H 7680 V 10 R 720(TSIG-TNFS-001.2.03)S 4650([Page 16])S 7920 V EP %%Page: 17 17 BP /slant 0 def /height 1.000000 def 10 R 10 R 0 H 40 V 0(--)S 5406(--)S 720 H 520 V 720(INTERNET-DRAFT)S 2297(TNFS Protocol Speci\256cation)S 4472(May 24, 1992)S 720 H 840 V 10 B 720(6.)S 855(Acknowledgements)S 720 H 996 V 10 R 720(I)S 787(would)S 1071(like)S 1255(to)S 1367(acknowledge)S 1927(the)S 2083(members)S 2483(of)S 2600(the)S 2756(ITEF/TSIG)S 3251(NFS)S 3469(Subcommittee,)S 4106(who)S 4312(were)S 4540(instrumental)S 720 H 1116 V 720(in)S 838(evolving)S 1228(the)S 1390(MLS)S 1636(extended)S 2036(NFS)S 2260(Protocol)S 2639(Speci\256cation)S 3201(from)S 3435(the)S 3597(original)S 3948(proposal.)S 4357(Many)S 4629(comments)S 720 H 1236 V 720(were)S 948(also)S 1144(made)S 1395(during)S 1691(the)S 1848(review)S 2154(of)S 2272(the)S 2429(later)S 2641(drafts)S 2903(which)S 3183(greatly)S 3496(improved)S 3915(the)S 4073(speci\256cation's)S 4686(readabil-)S 720 H 1356 V 720(ity.)S 931(Contributing)S 1493(IETF)S 1754(TNFS)S 2049(working)S 2432(group)S 2715(members)S 3131(include)S 3475(Je)S 3558 H (f)show 10 -.5 mul h (f)show 10 R 3669(Edelheit,)S 4077(Fran)S 4310(Fadden,)S 4679(Jonathon)S 5139(|)S 720 H 1476 V 720(Fraser,)S 1034(Ali)S 1202(Gohshan,)S 1622(Carl)S 1834(Smith,)S 2139(Mark)S 2395(Saake,)S 2698(Dave)S 2948(Summers,)S 3391(and)S 3575(Charlie)S 3910(Watt.)S 4200(I'd)S 4357(also)S 4559(like)S 4750(to)S 4869(ack-)S 720 H 1596 V 720(nowledge)S 1141(the)S 
1296(contributions)S 1857(of)S 1973(the)S 2127(original)S 2470(members)S 2868(of)S 2983(the)S 3137(TSIG)S 3391(Trusted)S 3728(NFS)S 3944(working)S 4309(group:)S 4602(in)S 4712(addition)S 720 H 1716 V 720(to)S 837(the)S 998(above,)S 1300(these)S 1544(members)S 1949(included)S 2332(Morgan)S 2687(Clark,)S 2973(Tricia)S 3250(Jordan,)S 3580(Will)S 3798(Lees,)S 4051(Scott)S 4297(Norton,)S 4645(and)S 4829(Mike)S 720 H 1836 V 720(Shipley.)S 720 H 1992 V 720(The)S 914(speci\256cation)S 1458(was)S 1652(also)S 1852(reviewed)S 2256(by)S 2395(numerous)S 2828(persons)S 3172(outside)S 3500(of)S 3622(the)S 3783(subcommittee.)S 4409(I)S 4482(would)S 4772(like)S 4962(to)S 720 H 2112 V 720(acknowledge)S 1276(these)S 1511(persons)S 1846(as)S 1959(well,)S 2186(as)S 2299(a)S 2373(number)S 2708(of)S 2821(their)S 3034(comments)S 3475(are)S 3626(also)S 3817(re\257ected)S 4190(in)S 4298(the)S 4450(\256nal)S 4658(version.)S 720 H 2352 V 10 B 720(7.)S 855(Author's)S 1268(Address)S 720 H 2508 V 10 R 720(Fred)S 933(Glover)S 720 H 2628 V 720(Digital)S 1028(Equipment)S 1497(Corporation)S 720 H 2748 V 720(110)S 900(Spit)S 1092(Brook)S 1372(Road)S 1613(ZK03-3/U14)S 720 H 2868 V 720(Nashua,)S 1074(New)S 1292(Hampshire)S 1760(03062-2698)S 720 H 3108 V 720(Phone:)S 1028(603-881-0388)S 720 H 3348 V 720(EMail:)S 1028(fglover@zk3.dec.com)S 5139(|)S 720 H 3588 V 10 B 720(8.)S 855(References)S 720 H 3744 V 10 R 720([1])S 874(Sun)S 1068(Microsystems,)S 1692(Inc.,)S 1907("Network)S 2335(Filesystem)S 2807(Speci\256cation",)S 3433(RFC-1094,)S 3920(DDN)S 4175(Network)S 4563(Information)S 720 H 3864 V 970(Center,)S 1291(SRI)S 1477(International,)S 2042(Menlo)S 2333(Park,)S 2571(CA.)S 720 H 4020 V 720([2])S 877(National)S 1262(Computer)S 1703(Security)S 2077(Center,)S 2409(United)S 2722(States)S 3002(Department)S 3514(of)S 3639(Defense,)S 4032("Trusted)S 4420(Computer)S 4862(Sys-)S 720 H 4140 V 970(tems)S 1201(Evaluation)S 1676(Criteria")S 2064(National)S 2450(Computer)S 2892(Security)S 3267(Center,)S 3600(Ft.)S 
3751(George)S 4086(G.)S 4225(Meade,)S 4563(MD.,)S 4815(1985,)S 720 H 4260 V 970(DoD)S 1194(5200.28-STD)S 720 H 4416 V 720([3])S 872(Defense)S 1234(Intelligence)S 1741(Agency,)S 2112(United)S 2420(States)S 2695(Department)S 3202(of)S 3321(Defense,)S 3708("Security)S 4118(Requirements)S 4709(for)S 4862(Sys-)S 720 H 4536 V 970(tem)S 1172(High)S 1423(and)S 1618(Compartmented)S 2313(Mode)S 2597(Workstations",)S 3247(Defense)S 3624(Intelligence)S 4146(Agency,)S 4532(Washington,)S 720 H 4656 V 970(D.C.,)S 1214(DIA)S 1421(document)S 1845(number)S 2180(DDS-2600-5502-87)S 720 H 4812 V 720([4])S 866(Trusted)S 1201(Systems)S 1565(Interoperability)S 2216(Group,)S 2526("The)S 2752(MLS)S 2988(NFS)S 3202(Implementor's)S 3820(Guide",)S 4160(TSIG)S 4412(Document)S 720 H 4968 V 720([5])S 880(Trusted)S 1229(Systems)S 1608(Interoperability)S 2274(Group,)S 2599("The)S 2840(MLS)S 3091(Token)S 3391(Translation)S 3891(Speci\256cation",)S 4524(TSIG)S 4791(Docu-)S 720 H 5088 V 970(ment)S 720 H 5244 V 720([6])S 873(Sun)S 1066(Microsystems,)S 1689(Inc.,)S 1903("Remote)S 2292(Procedure)S 2733(Call)S 2937(Speci\256cation",)S 3562(RFC-1057,)S 4047(DDN)S 4300(Network)S 4686(Informa-)S 720 H 5364 V 970(tion)S 1156(Center,)S 1477(SRI)S 1663(International,)S 2228(Menlo)S 2519(Park,)S 2757(CA.)S 720 H 5520 V 720([7])S 887(Sun)S 1094(Microsystems,)S 1732(Inc.,)S 1961("External)S 2392(Data)S 2632(Representation)S 3283(Speci\256cation",)S 3923(RFC-1014,)S 4423(DDN)S 4691(Network)S 720 H 5640 V 970(Information)S 1477(Center,)S 1798(SRI)S 1984(International,)S 2549(Menlo)S 2840(Park,)S 3078(CA.)S 720 H 5796 V 720([8])S 875(Clark,)S 1161(D.)S 1297(D.)S 1433(and)S 1616(David)S 1899(R.)S 2030(Wilson,)S 2383("A)S 2535(Comparison)S 3063(of)S 3185(Commercial)S 3718(and)S 3901(Military)S 4268(Computer)S 4707(Security)S 720 H 5916 V 970(Policies",)S 1401(Proceedings)S 1937(of)S 2068(the)S 2238(1987)S 2486(IEEE)S 2750(Symposium)S 3277(on)S 3425(Security)S 3806(and)S 3998(Privacy,)S 4376(IEEE)S 4640(Computer)S 720 H 
6036 V 970(Society)S 1300(Press,)S 1566(Washington,)S 2104(DC.)S 720 H 6192 V 720([9])S 870(Biba,)S 1119(K.)S 1251(J.,)S 1375("Integrity)S 1795(Considerations)S 2430(for)S 2581(Secure)S 2887(Computer)S 3322(Systems",)S 3757(TR-76-372,)S 4261(Electronic)S 4706(Systems)S 720 H 6312 V 970(Division,)S 1376(Air)S 1545(Force)S 1808(Systems)S 2178(Command,)S 2656(U.S.)S 2870(Department)S 3377(of)S 3496(the)S 3654(Air)S 3823(Force,)S 4111(Hanscomb)S 4574(AFB,)S 4829(MA.,)S 720 H 6432 V 970(April)S 1211(1977)S 720 H 6588 V 720([10])S 916(Trusted)S 1251(Systems)S 1615(Interoperability)S 2266(Group,)S 2576("Trusted)S 2952(Administration)S 3588(Speci\256cation",)S 4206(TSIG)S 4458(Document)S 720 H 6744 V 720([11])S 916(Trusted)S 1251(Systems)S 1615(Interoperability)S 2266(Group,)S 2576("Commercial)S 3141(IP)S 3260(Security)S 3623(Option",)S 3997(TSIG)S 4249(Document)S 720 H 6900 V 720([12])S 924("The)S 1158(IP)S 1285(Security)S 1656(Option",)S 2038(RFC-1108,)S 2524(DDN)S 2778(Network)S 3165(Information)S 3680(Center,)S 4010(SRI)S 4205(International,)S 4779(Menlo)S 5139(|)S 720 H 7020 V 970(Park,)S 1208(CA.)S 720 H 7176 V 720([13])S 930(Postel,)S 1244(J.,)S 1407("User)S 1680(Datagram)S 2118(Protocol",)S 2568(RFC-768,)S 3011(DDN)S 3272(Network)S 3666(Information)S 4188(Center,)S 4524(SRI)S 4725(Interna-)S 720 H 7296 V 970(tional,)S 1253(Menlo)S 1544(Park,)S 1782(CA.)S 5139(*)S 720 H 7680 V 720(TSIG-TNFS-001.2.03)S 4650([Page 17])S 7920 V EP %%Page: 18 18 BP /slant 0 def /height 1.000000 def 10 R 10 R 0 H 40 V 0(--)S 5406(--)S 720 H 520 V 720(INTERNET-DRAFT)S 2297(TNFS Protocol Speci\256cation)S 4472(May 24, 1992)S 720 H 7680 V 720(TSIG-TNFS-001.2.03)S 4650([Page 18])S 0 H 7950 V 0(--)S 5406(--)S 7950 V EP %%Trailer %%DocumentFonts: Times-Roman Times-Bold Times-Italic Symbol Troff %%Pages: 18
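The client-side extended attribute cache of section 3.4.9 (per-process entries, aging, refresh through GETATTR, and a switch that disables the cache), sketched as an added C example; it is not code from the draft or from the NFS reference source. The two-field label, the 3-second lifetime, the slot count, the simulated GETATTR and all function names are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified MAC label; the draft's own attribute layout differs. */
struct sec_label { int level; unsigned compartments; };

#define CACHE_SLOTS 8
#define CACHE_TTL   3   /* seconds an entry stays valid (assumed value) */

struct cache_entry {
    int in_use, pid;            /* entries are kept per process */
    unsigned fileid;
    long fetched_at;
    struct sec_label label;
};

static struct cache_entry cache[CACHE_SLOTS];
static int cache_enabled = 1;   /* switch controlled by the security officer */
static int getattr_calls;       /* simulated GETATTR round trips */
static struct sec_label server_label = { 1, 0x1 };  /* constructed server state */

/* Stand-in for GETATTR: the reply carries the file's security attributes. */
static struct sec_label getattr_rpc(unsigned fileid)
{
    (void)fileid;
    getattr_calls++;
    return server_label;
}

/* Mechanism for disabling the cache; turning it off also drops cached labels. */
void cache_set_enabled(int on)
{
    cache_enabled = on;
    if (!on)
        memset(cache, 0, sizeof cache);
}

/* Flush entries that aged out without a refresh; returns the number flushed. */
int cache_flush_aged(long now)
{
    int i, flushed = 0;
    for (i = 0; i < CACHE_SLOTS; i++)
        if (cache[i].in_use && now - cache[i].fetched_at >= CACHE_TTL) {
            cache[i].in_use = 0;
            flushed++;
        }
    return flushed;
}

/* Label for (pid, fileid): validate the cached copy, refresh it if aged. */
struct sec_label lookup_label(int pid, unsigned fileid, long now)
{
    int i, slot = -1;
    struct sec_label fresh;

    if (!cache_enabled)
        return getattr_rpc(fileid);         /* every access asks the server */
    for (i = 0; i < CACHE_SLOTS; i++) {
        struct cache_entry *e = &cache[i];
        if (e->in_use && e->pid == pid && e->fileid == fileid) {
            if (now - e->fetched_at < CACHE_TTL)
                return e->label;            /* inside the validity window */
            slot = i;                       /* aged: refresh in place */
            break;
        }
        if (!e->in_use && slot < 0)
            slot = i;
    }
    fresh = getattr_rpc(fileid);
    if (slot >= 0)
        cache[slot] = (struct cache_entry){ 1, pid, fileid, now, fresh };
    return fresh;
}

/* Client-side MAC read check made on the server's behalf: subject must dominate. */
int client_may_read(int pid, struct sec_label subj, unsigned fileid, long now)
{
    struct sec_label obj = lookup_label(pid, fileid, now);
    return subj.level >= obj.level &&
           (obj.compartments & ~subj.compartments) == 0;
}

int main(void)
{
    struct sec_label user = { 1, 0x1 };
    printf("t=0 read=%d\n", client_may_read(100, user, 7, 0));
    server_label.level = 2;     /* label raised on the server */
    printf("t=2 read=%d (cached label)\n", client_may_read(100, user, 7, 2));
    printf("t=3 read=%d (entry aged, refreshed)\n", client_may_read(100, user, 7, 3));
    return 0;
}
```

Until the entry ages out, the client keeps deciding against the label it cached, so a label raised on the server is not enforced on that client during the window; the disable switch removes the window at the cost of one GETATTR per access.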
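The mount restriction in section 4, as an added C example that is not part of the draft: it first models why a mount below the export point skips the access modes of the directories above it, then shows a mount-request check that accepts only an exported mount point. The directory tree, uids, export list and function names are constructed for the illustration; the mode check looks at owner and other bits only, and the path normalisation is purely lexical, so it assumes no symbolic links on the server path.

```c
#include <stdio.h>
#include <string.h>

/* Constructed server path, root first: /export/projects/public/report.txt */
struct node { const char *name; int owner; unsigned mode; };
static const struct node tree[] = {
    { "export",     0,   0755 },   /* the exported mount point */
    { "projects",   100, 0700 },   /* private to uid 100 */
    { "public",     100, 0755 },
    { "report.txt", 100, 0644 },
};
#define DEPTH ((int)(sizeof tree / sizeof tree[0]))
static const char *exports[] = { "/export" };

/* Mode bits that apply to uid (owner bits, else "other"; groups not modelled). */
static unsigned bits_for(const struct node *n, int uid)
{
    return uid == n->owner ? (n->mode >> 6) & 7 : n->mode & 7;
}

/* Walk from the mounted directory tree[root] down to the file: search (x) on
   each directory, read (r) on the file. Components above root are never seen. */
int read_allowed(int uid, int root)
{
    int i;
    for (i = root; i < DEPTH - 1; i++)
        if (!(bits_for(&tree[i], uid) & 1))
            return 0;
    return (bits_for(&tree[DEPTH - 1], uid) & 4) != 0;
}

/* Lexically normalise path into out: collapse "//", "." and "..", drop a
   trailing "/". Returns -1 if relative, too long, or climbing above "/". */
int normalize(const char *path, char *out, size_t outsz)
{
    size_t len = 0;
    if (path[0] != '/' || outsz < 2)
        return -1;
    while (*path) {
        size_t n;
        while (*path == '/')
            path++;
        n = strcspn(path, "/");
        if (n == 0)
            break;
        if (n == 2 && path[0] == '.' && path[1] == '.') {
            if (len == 0)
                return -1;
            do { len--; } while (len > 0 && out[len] != '/');
        } else if (!(n == 1 && path[0] == '.')) {
            if (len + n + 2 > outsz)
                return -1;
            out[len++] = '/';
            memcpy(out + len, path, n);
            len += n;
        }
        path += n;
    }
    if (len == 0)
        out[len++] = '/';
    out[len] = '\0';
    return 0;
}

/* Mount-request check: only an exported mount point itself may be mounted. */
int mount_allowed(const char *requested)
{
    char norm[256];
    size_t i;
    if (normalize(requested, norm, sizeof norm) != 0)
        return 0;
    for (i = 0; i < sizeof exports / sizeof exports[0]; i++)
        if (strcmp(norm, exports[i]) == 0)
            return 1;
    return 0;
}

int main(void)
{
    printf("uid 200 via /export mount: read=%d\n", read_allowed(200, 0));
    printf("uid 200 via sub-mount at public: read=%d\n", read_allowed(200, 2));
    printf("mount /export/: %d\n", mount_allowed("/export/"));
    printf("mount /export/projects/public: %d\n",
           mount_allowed("/export/projects/public"));
    return 0;
}
```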