From: Daniel J Walsh <dwalsh@redhat.com>
To: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Ole Kliemann <ole@plastictree.net>,
Russell Coker <russell@coker.com.au>,
selinux@tycho.nsa.gov
Subject: Re: Information about XSELinux
Date: Thu, 19 Jul 2012 10:10:09 -0400 [thread overview]
Message-ID: <50081541.3040909@redhat.com> (raw)
In-Reply-To: <1342704589.31048.22.camel@moss-pluto.epoch.ncsc.mil>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/19/2012 09:29 AM, Stephen Smalley wrote:
> On Tue, 2012-07-17 at 00:18 +0200, Ole Kliemann wrote:
>> On Tue, Jul 17, 2012 at 04:23:14AM +1000, Russell Coker wrote:
>>> On Tue, 17 Jul 2012, Ole Kliemann <ole@plastictree.net> wrote:
>>>> Is it included in any major distributions? (Currently using Ubuntu
>>>> 12.04)
>>>
>>> Unless Ubuntu have done some significant enhancements over my Debian
>>> work without telling me then it's not going to work.
>>
>> I'm no expert, but as far as I can tell, it's just not there in Ubuntu.
>>
>> I understood from a bug report on this list that it's included in Fedora.
>> So I installed it on a test system and could reproduce the bug (X server
>> fails to start when xserver_object_manager is set).
>>
>> I'm willing to switch to whatever distribution is providing the means to
>> seperate user contexts under X.
>
> XSELinux is included in Fedora, but they don't enable it by default so it
> doesn't get much testing. They took a different approach for isolating X
> applications via nested Xephyr servers in their sandbox tool.
>
My opinion is that XAce or XSELinux works ok with the MLS model, but not with
the type enforcement model. In my opinion isolating applications within the
own sandbox/containers is a simpler and more sustainable approach.
XClients that get a permission denied, are likely to misbehave (die) since
they were coded with the assumption that they either get full access to X or
no access to X.
Finally trying to write confinement policy for a type enforcement model on X
is very difficult, how do I isolate two instances of firefox? If Firefox
execs a open office, how does this libreoffice interact with the existing
libreoffice that might be running under a different context. How does
cut/paste work, how about one window obscuring another, transparent windows
... Way too complicated. Sandbox model is just total separation. They do
not even know the other apps exist.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlAIFUEACgkQrlYvE4MpobNosQCfWwKjjPONs5WHNbDGit3NYGXt
iegAn1mav7HlS21m5q89xy47pXDXpw8x
=fZVQ
-----END PGP SIGNATURE-----
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2012-07-19 14:10 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-07-16 16:10 Information about XSELinux Ole Kliemann
2012-07-16 18:23 ` Russell Coker
2012-07-16 22:18 ` Ole Kliemann
2012-07-19 13:29 ` Stephen Smalley
2012-07-19 14:10 ` Daniel J Walsh [this message]
2012-07-19 14:44 ` Ole Kliemann
2012-07-27 4:02 ` Russell Coker
2012-08-07 12:53 ` Ole Kliemann
2012-07-17 17:31 ` James Carter
[not found] <1342534966.11916.YahooMailClassic@web87705.mail.ir2.yahoo.com>
2012-07-19 14:18 ` Ole Kliemann
2012-07-19 17:01 ` Richard Haines
2012-07-23 14:12 ` Ted Toth
2012-07-24 11:05 ` Ole Kliemann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=50081541.3040909@redhat.com \
--to=dwalsh@redhat.com \
--cc=ole@plastictree.net \
--cc=russell@coker.com.au \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.