The security statement is for configuring the event when an entity queries Kaspersky Security System via the security interface.
Syntax
<security-policy-binding> ::=
"security" ["call"] <security-method> "=" <policy-list> ";"
<security-method> ::= <security-method-name>
["(" <arg-name> {"," <arg-name> "}"] ["[" <src-sid> "]"]
Elements
|
Prototype of the security interface method with which the list of policies is bound. Consists of the name of the method and an optional list of arguments. You can list only those arguments that are used by policies. |
|
Name of the security interface method with which the list of policies is bound. It must correspond to the name of the method described in the entity security interface. |
|
Name of the argument. |
|
Name of the argument containing the identifier of the security context of the entity that is querying Kaspersky Security System. This argument is implicitly defined and is passed in each of the entity's queries to Kaspersky Security System. The argument name is arbitrarily defined. By this name, the argument can be passed to security policies in the list of arguments. |
|
List of security policies that will be applied to an event. |
Example
/* In the provided example, the "initializeSession" method of the security interface is used by the driver for initialization of the resource security context.
*/
security call initializeSession(handle, role) = rbac.setRole (handle, role);
/* The "readFromSession" method of the security interface is used by the driver to control access to the resource (reading the file).
*/
security call readFromSession(handle) = rbac.check ["read"] (handle);
Page top