Files and Applications in Trusted Extensions
All applications in Trusted Extensions have a level of sensitivity that is indicated
by their label. Applications are subjects in any data transactions. Subjects must dominate
the objects that the subjects try to access. Objects can be files and
sometimes other processes can be objects. The label information for an application is
displayed in the window label stripe. The label is visible when a window
is open and when a window is minimized. An application's label also appears
in the trusted stripe when the pointer is in the application's window.
In Trusted Extensions, files are objects in data transactions. Files can be accessed
only by applications whose labels dominate the files' labels. A file can be
viewed from windows that have the same label as the file.
Some applications use initialization files to configure the environment for the user. Two
special files in your home directory help you access initialization files at every
label. These files enable an application at one label to use an initialization
file that originates in a directory at a different label. The two special
files are .copy_files and .link_files.
The .copy_files file stores file names to be copied when you first change
to a workspace with a higher label. .copy_files is stored in your home
directory at your minimum label. This file is useful when you have an
application that always writes to a file in your home directory with a
specific name. .copy_files enables you to specify that the application update the file
at every label.
The .link_files file stores file names to be linked when you first change
to a workspace with a higher label. .link_files is stored in your home
directory at your minimum label. This file is useful when a specific
file needs to be available at multiple labels, but the content must be
identical at every label.