From: Tom <tom@lemuria.org>
To: Ivan Gyurdiev <ivg2@cornell.edu>
Cc: "Fedora SELinux support list for users & developers."
<fedora-selinux-list@redhat.com>,
selinux@tycho.nsa.gov
Subject: Re: Desktop apps interoperability
Date: Mon, 28 Mar 2005 17:41:00 +0200 [thread overview]
Message-ID: <20050328174059.C29441@lemuria.org> (raw)
In-Reply-To: <1112022358.5811.47.camel@cobra.ivg2.net>; from ivg2@cornell.edu on Mon, Mar 28, 2005 at 10:05:58AM -0500
On Mon, Mar 28, 2005 at 10:05:58AM -0500, Ivan Gyurdiev wrote:
> > ah! What you want is /home/tom/.etc/ ?
>
> Something like that - yes.
Ok, that's a good idea.
> > Behind the scenes, the file is relabeled or moved into another
> > directory where mplayer can access it.
>
> How does this relate to the SElinux work to secure the X server?
Not at all. X doesn't come in here. There's no reason why I can't do
something similar in non-X environments.
> Should the desktop environment be trusted?
Everything is trusted - to a degree. Can I trust my desktop environment
to relabel one filetype to one other filetype? For a military system
the answer would be no, but for a desktop system I think that's a risk
we can take.
> .. so what you're saying is that nautilus (running as user_t, which has
> read access to the file in question, as well as appropriate relabel
> access), should determine its mime type, or use the DND target app, and
> associate a context with that, which the mime handler can play, then
> relabel file to that context (can't copy - what if it's huge?).... and
> do this for every mime handler I attempt to open it with?
You could do priviledge seperation and have a relabeling demon running
in the background.
There's a dozen ways to do it. I really don't care much about which
exactly is used. The point I'm adamant about is two-fold: a) no generic
directories accesable by anyone and their dog - b) explicit transfers
through user interaction are a good idea. Not everything should be
transparent. Firefox's "hey, you downloaded this .exe from the 'net,
you sure you really wanna run it?" is a _good_ idea.
--
http://web.lemuria.org/pubkey.html
pub 1024D/2D7A04F5 2002-05-16 Tom Vogt <tom@lemuria.org>
Key fingerprint = C731 64D1 4BCF 4C20 48A4 29B2 BF01 9FA1 2D7A 04F5
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2005-03-28 15:41 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-03-28 4:57 Desktop apps interoperability Ivan Gyurdiev
2005-03-28 5:03 ` Ivan Gyurdiev
2005-03-28 5:27 ` Ivan Gyurdiev
2005-03-28 10:01 ` Luke Kenneth Casson Leighton
2005-03-28 10:17 ` Rogelio Serrano
2005-03-29 11:33 ` Dale Amon
2005-03-29 13:54 ` Stephen Smalley
2005-03-29 15:39 ` Colin Walters
2005-03-28 11:26 ` Tom
2005-03-28 12:15 ` Ivan Gyurdiev
2005-03-28 13:11 ` Tom
2005-03-28 13:46 ` Ivan Gyurdiev
2005-03-28 14:09 ` Tom
2005-03-28 15:05 ` Ivan Gyurdiev
2005-03-28 15:12 ` Stephen Smalley
2005-03-28 15:47 ` Tom
2005-03-28 16:04 ` Stephen Smalley
2005-03-28 16:20 ` Tom
2005-03-28 16:39 ` Stephen Smalley
2005-03-30 5:01 ` Ivan Gyurdiev
2005-03-28 15:41 ` Tom [this message]
2005-03-28 10:04 ` Luke Kenneth Casson Leighton
2005-03-28 13:36 ` Stephen Smalley
2005-03-28 18:27 ` Luke Kenneth Casson Leighton
2005-03-28 18:23 ` Stephen Smalley
2005-03-28 19:54 ` Luke Kenneth Casson Leighton
2005-03-28 19:46 ` Stephen Smalley
2005-03-28 13:43 ` Stephen Smalley
-- strict thread matches above, loose matches on Subject: below --
2005-03-28 16:51 Casey Schaufler
2005-03-30 15:05 Casey Schaufler
2005-03-30 15:29 ` Ivan Gyurdiev
2005-03-30 15:52 Casey Schaufler
2005-03-30 16:13 ` Ivan Gyurdiev
2005-03-30 21:50 ` Tom
2005-03-30 22:12 ` Luke Kenneth Casson Leighton
2005-03-31 8:37 ` Tom
2005-03-31 10:05 ` Luke Kenneth Casson Leighton
2005-03-31 8:42 ` Ivan Gyurdiev
2005-03-30 17:04 Casey Schaufler
2005-03-30 17:15 ` Stephen Smalley
2005-03-30 17:26 ` Luke Kenneth Casson Leighton
2005-03-30 17:44 ` Ivan Gyurdiev
2005-03-30 18:09 ` Jim McCullough
2005-03-30 22:09 ` Luke Kenneth Casson Leighton
2005-03-30 22:00 ` Luke Kenneth Casson Leighton
2005-03-31 9:25 ` Ivan Gyurdiev
2005-03-31 9:48 ` Ivan Gyurdiev
2005-03-30 17:27 Casey Schaufler
2005-03-30 17:53 Casey Schaufler
2005-03-30 17:56 ` Stephen Smalley
2005-03-30 17:58 Casey Schaufler
2005-03-31 10:04 ` Ivan Gyurdiev
2005-03-31 16:05 Casey Schaufler
2005-03-31 16:08 ` Stephen Smalley
2005-03-31 21:13 ` Tom
2005-03-31 21:05 ` Stephen Smalley
2005-04-01 5:28 ` Rogelio Serrano
2005-04-01 7:54 ` Tom
2005-03-31 17:40 ` Ivan Gyurdiev
2005-03-31 16:51 Casey Schaufler
2005-03-31 18:16 ` Stephen Smalley
2005-04-02 3:50 Casey Schaufler
2005-04-03 23:39 Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050328174059.C29441@lemuria.org \
--to=tom@lemuria.org \
--cc=fedora-selinux-list@redhat.com \
--cc=ivg2@cornell.edu \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.