I've found a post on the Xorg mailing list
(http://lists.freedesktop.org/archives/xorg/2006-October/018603.html)
that indicates that XACE has been merged into the server-1.2 branch and
will be released as a part of X.org's 7.2 release (X11R7.2). from
http://people.freedesktop.org/~ewalsh/xace_proposal.html:
The XACE (X Access Control Extension) is a set of generic "hooks" that
can be used by other X extensions to perform access checks. The goal of
XACE is to prevent clutter in the core dix/os code by providing a common
mechanism for doing these sorts of checks. The concept is identical to
the Linux Security Module (LSM) in the Linux Kernel.
I remember seeing something before about an SELinux module for XACE but
I can't find the message right now. After XACE and the accompanying
SELinux module are in place, there will still be a need for a window
manager capable of displaying relevant context info. There is a bug open
for Metacity (http://bugzilla.gnome.org/show_bug.cgi?id=356753) for
adding SELinux support but it hasn't really gone anywhere yet. I was
thinking that Compiz or Beryl could add some interesting functionality
for SELinux-enabled systems such as dimming or coloring windows based on
sensitivity levels or domains.
Martin Meyer
Richard Hally wrote:
Peter Pun wrote:
Hi,
Where can I find more infomation regarding the development of SELinux
to protect XWindows? I remember reading somewhere that people are
working to have it protect the desktop someday. But I couldnt find
that info again.
Peter
------------------------------------------------------------------------
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.432 / Virus Database: 268.15.22/590 - Release Date:
12/16/2006 5:39 PM
SEE:
http://www.nsa.gov/selinux/list-archive/0405/thread_body38.cfm
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
