From: Eamon Walsh <ewalsh@tycho.nsa.gov>
To: Xavier Toth <txtoth@gmail.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>,
"Christopher J. PeBenito" <cpebenito@tresys.com>,
SELinux List <selinux@tycho.nsa.gov>
Subject: Re: copy&paste security_compute_av from python
Date: Mon, 31 Mar 2008 20:42:40 -0400
Message-ID: <47F18500.3030201@tycho.nsa.gov>
In-Reply-To: <cadfc0e40803311235h3e3440fbn395dd55b8ab0e534@mail.gmail.com>

Xavier Toth wrote:
> I'm working on the code for the selection request where I've got the
> source context and the destination context and I've got to decide if I
> need to popup the downgrade dialog. The class for the
> security_compute_av call should probably be SECCLASS_PROPERTY, right?
> But what about the av bits?
>
If we want to use a permission check in the selection manager
application to decide whether to pop up the confirmation dialog, then I
think we need a new security class to express the concept of "clipboard
data". The existing set of classes and permissions is oriented towards
the low-level mechanics of the X selection mechanism: the individual
property objects where data is written and the selection objects that
are used for the IPC. Neither of those really captures the notion of
actually reading or writing the clipboard data itself.

This concept is already implemented in the X server; you can call
SetSelectionCreateContext to set a context on the "data" when you take
ownership of a selection, and the GetSelectionDataContext request
returns this context for the current selection owner. The server itself
doesn't perform any checks on this data context at present.

But, is there a different way to decide whether the paste operation
would be a downgrade? Some type of context dominance call?

> Dan have you ever called security_compute_av from Python?
>
> Ted
>
>
--
Eamon Walsh <ewalsh@tycho.nsa.gov>
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
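
Added example, not part of the original message or of any SELinux project code: one way a selection manager could decide from the source and destination contexts alone whether a paste would be a downgrade, by comparing MLS levels for dominance. It assumes raw (untranslated) contexts of the form user:role:type:level[-level], sensitivities ordered by their numeric suffix, and that each side's low level is the one to compare; the function names are hypothetical, and on a real system the loaded policy defines dominance.

```python
import re


def parse_level(level):
    """Split a raw MLS level such as 's2:c0.c3,c7' into (sensitivity, categories)."""
    sens, _, cats = level.partition(":")
    sens_match = re.fullmatch(r"s(\d+)", sens)
    if not sens_match:
        raise ValueError(f"unsupported sensitivity: {sens!r}")
    categories = set()
    for part in filter(None, cats.split(",")):
        cat_match = re.fullmatch(r"c(\d+)(?:\.c(\d+))?", part)
        if not cat_match:
            raise ValueError(f"unsupported category: {part!r}")
        low = int(cat_match.group(1))
        high = int(cat_match.group(2) or low)
        if high < low:
            raise ValueError(f"inverted category range: {part!r}")
        categories.update(range(low, high + 1))  # 'c0.c3' means c0 through c3
    return int(sens_match.group(1)), frozenset(categories)


def low_level(context):
    """Return the low level of 'user:role:type:low[-high]' (assumed to be the effective one)."""
    fields = context.split(":", 3)
    if len(fields) != 4:
        raise ValueError(f"context has no MLS field: {context!r}")
    return parse_level(fields[3].split("-", 1)[0])


def dominates(a, b):
    """a dominates b when its sensitivity is at least b's and its categories include b's."""
    return a[0] >= b[0] and a[1] >= b[1]


def paste_is_downgrade(src_context, dst_context):
    """True when the destination does not dominate the source (lower or incomparable)."""
    return not dominates(low_level(dst_context), low_level(src_context))


if __name__ == "__main__":
    # Constructed sample contexts, not taken from any real policy.
    src = "user_u:user_r:user_t:s2:c0.c3"
    dst = "user_u:user_r:user_t:s0-s2:c0.c3"
    print("confirm downgrade" if paste_is_downgrade(src, dst) else "paste silently")
```

Incomparable levels (neither side dominates the other) are treated like a downgrade here, so the confirmation dialog would be shown for them as well.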