DOWNGRADE Privilege (All)
» Table of Contents |  | | » Glossary | | | » Index | | |
| | |
| ||
| ||
The DOWNGRADE privilege permits a process to manipulate mandatory access controls. The privilege lets a process write to an object of lower secrecy, in violation of the Bell and LaPadula confinement (*) property.[5] This privilege is reserved for enhanced security products like the Security Enhancement Service software (SEVMS).
[5] Name of the restriction on write-downs. Multilevel security requires the complete prohibition of write-downs by untrusted software.