On 08/19/2010 05:47 PM, Stephen Smalley wrote: > It prevents the client application from directly communicating with the > top-level Xorg server. In the case of the bug you cited, they have to > first escalate access and gain code execution within Xephyr before they > can mount the attack on the top-level Xorg server, rather than being > able to directly attack the top-level Xorg server from the client app. I see. I thought Xephyr and the sandboxed program run within the same domain, but looking at the process table made it clear. The logical next question would be: How confined is xserver_t actually? ;) > Curious as to whether they in fact wrote a successful exploit that did > that, or just pointed out that it is theoretically possible. I was also curious and asked on their blog, but didn't get a response. thanks for your explanations, Christoph
Attachment:
signature.asc
Description: OpenPGP digital signature
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
