Re: sandbox in X11 root window on RHEL6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/09/2010 03:45 PM, Luc de Louw wrote:
> Dear all,
> 
> I'm involved in a project which involves some hardened Linux clients. I 
> plan to realize them with RHEL6 desktops.
> 
> Recently I stumbled upon Dan Walsh's SELinux sandbox, which looks to fit 
> and surpasses the security requirements and it is part of RHEL6.
> 
> The goal is to run exactly one application in the X11 root window w/o 
> authentication, this is done by the application.
> 
> So, not gdm, kdm, xdm should run, no gnome-,kde- whatever-desktops apps 
> and panels should be visible/accessible.
> 
> Any hints on this?
> 
> TIA for any advice,
> 
> Luc
> --
> selinux mailing list
> selinux@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/selinux
> 
> 

I think you just want to make your app the DISPLAYMANAGER.

Look at /etc/sysconfig/desktop and /etc/X11/prefdm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkzZtEcACgkQrlYvE4MpobM5hQCguHcfdZepqBSMXdqydVe9gHql
fVsAn15Swn/87qLWqPsY/c3TTiiKVWuX
=EA13
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux