HashSet security model contains expression

contains {sid : <Sid>, entry : <Entry>}

It checks whether the entry value is in the table associated with the resource that has the security ID sid.

It returns a value of the Boolean type. If the entry value is in the table, it returns true. Otherwise it returns false.

It runs incorrectly in the following cases:

• The resource with the security ID sid is not associated with a table from the tables pool of the HashSet security model object being used.
• Security ID sid is out of the permissible range.

If the expression runs incorrectly, the Kaspersky Security Module returns the "denied" decision.

Example:

/* An entity of the Server class will receive the "allowed" decision

* from the Kaspersky Security Module by calling the method

* of the Check security interface if the value 42

* is in the table associated with this entity.

* Otherwise the entity of the Server class will receive the "denied" decision

* from the security module by calling the method of the

* Check security interface. */

security src=Server, method=Check {

assert(S.contains {sid : src_sid, entry : 42})

}

Page top