DOWNGRADE Privilege (All)

The DOWNGRADE privilege permits a process to manipulate mandatory access controls. The privilege lets a process write to an object of lower secrecy, in violation of the Bell and LaPadula confinement (*) property.^[5]This privilege is reserved for enhanced security products such as the Security Enhancement Service software (SEVMS).^[6]

^[5]Name of the restriction on write-downs. Multilevel security requires the complete prohibition of write-downs by untrusted software.

^[6]Support for SEVMS software has ended.