From: Tom <tom@lemuria.org>
To: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Ivan Gyurdiev <ivg2@cornell.edu>,
"Fedora SELinux support list for users & developers."
<fedora-selinux-list@redhat.com>,
selinux@tycho.nsa.gov
Subject: Re: Desktop apps interoperability
Date: Mon, 28 Mar 2005 18:20:20 +0200 [thread overview]
Message-ID: <20050328182020.A29887@lemuria.org> (raw)
In-Reply-To: <1112025866.2914.88.camel@moss-spartans.epoch.ncsc.mil>; from sds@tycho.nsa.gov on Mon, Mar 28, 2005 at 11:04:26AM -0500
On Mon, Mar 28, 2005 at 11:04:26AM -0500, Stephen Smalley wrote:
> I'm not sure I understand your intent. There are two scenarios:
> 1) mplayer directly launched by firefox. As the attacker already has
[...]
> 2) mplayer launched by something other than firefox, e.g. user shell,
[...]
> user of the downloaded file. Naturally, what you really want there is a
> trusted path mechanism.
Hmm.
I think you are right. I did forget about programs launching other
programs. On the other hand, doesn't that give us another option within
SELinux? Can't we make mplayer-launched-by-firefox run in a different
domain than mplayer-run-by-user? In that domain, it would have access
to the downloaded files, but not to the remainder of the user data.
--
http://web.lemuria.org/pubkey.html
pub 1024D/2D7A04F5 2002-05-16 Tom Vogt <tom@lemuria.org>
Key fingerprint = C731 64D1 4BCF 4C20 48A4 29B2 BF01 9FA1 2D7A 04F5
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2005-03-28 16:20 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-03-28 4:57 Desktop apps interoperability Ivan Gyurdiev
2005-03-28 5:03 ` Ivan Gyurdiev
2005-03-28 5:27 ` Ivan Gyurdiev
2005-03-28 10:01 ` Luke Kenneth Casson Leighton
2005-03-28 10:17 ` Rogelio Serrano
2005-03-29 11:33 ` Dale Amon
2005-03-29 13:54 ` Stephen Smalley
2005-03-29 15:39 ` Colin Walters
2005-03-28 11:26 ` Tom
2005-03-28 12:15 ` Ivan Gyurdiev
2005-03-28 13:11 ` Tom
2005-03-28 13:46 ` Ivan Gyurdiev
2005-03-28 14:09 ` Tom
2005-03-28 15:05 ` Ivan Gyurdiev
2005-03-28 15:12 ` Stephen Smalley
2005-03-28 15:47 ` Tom
2005-03-28 16:04 ` Stephen Smalley
2005-03-28 16:20 ` Tom [this message]
2005-03-28 16:39 ` Stephen Smalley
2005-03-30 5:01 ` Ivan Gyurdiev
2005-03-28 15:41 ` Tom
2005-03-28 10:04 ` Luke Kenneth Casson Leighton
2005-03-28 13:36 ` Stephen Smalley
2005-03-28 18:27 ` Luke Kenneth Casson Leighton
2005-03-28 18:23 ` Stephen Smalley
2005-03-28 19:54 ` Luke Kenneth Casson Leighton
2005-03-28 19:46 ` Stephen Smalley
2005-03-28 13:43 ` Stephen Smalley
-- strict thread matches above, loose matches on Subject: below --
2005-03-28 16:51 Casey Schaufler
2005-03-30 15:05 Casey Schaufler
2005-03-30 15:29 ` Ivan Gyurdiev
2005-03-30 15:52 Casey Schaufler
2005-03-30 16:13 ` Ivan Gyurdiev
2005-03-30 21:50 ` Tom
2005-03-30 22:12 ` Luke Kenneth Casson Leighton
2005-03-31 8:37 ` Tom
2005-03-31 10:05 ` Luke Kenneth Casson Leighton
2005-03-31 8:42 ` Ivan Gyurdiev
2005-03-30 17:04 Casey Schaufler
2005-03-30 17:15 ` Stephen Smalley
2005-03-30 17:26 ` Luke Kenneth Casson Leighton
2005-03-30 17:44 ` Ivan Gyurdiev
2005-03-30 18:09 ` Jim McCullough
2005-03-30 22:09 ` Luke Kenneth Casson Leighton
2005-03-30 22:00 ` Luke Kenneth Casson Leighton
2005-03-31 9:25 ` Ivan Gyurdiev
2005-03-31 9:48 ` Ivan Gyurdiev
2005-03-30 17:27 Casey Schaufler
2005-03-30 17:53 Casey Schaufler
2005-03-30 17:56 ` Stephen Smalley
2005-03-30 17:58 Casey Schaufler
2005-03-31 10:04 ` Ivan Gyurdiev
2005-03-31 16:05 Casey Schaufler
2005-03-31 16:08 ` Stephen Smalley
2005-03-31 21:13 ` Tom
2005-03-31 21:05 ` Stephen Smalley
2005-04-01 5:28 ` Rogelio Serrano
2005-04-01 7:54 ` Tom
2005-03-31 17:40 ` Ivan Gyurdiev
2005-03-31 16:51 Casey Schaufler
2005-03-31 18:16 ` Stephen Smalley
2005-04-02 3:50 Casey Schaufler
2005-04-03 23:39 Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050328182020.A29887@lemuria.org \
--to=tom@lemuria.org \
--cc=fedora-selinux-list@redhat.com \
--cc=ivg2@cornell.edu \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.