Has this made it into the git tree yet?

On Jan 23, 2008 6:11 PM, Eamon Walsh <ewalsh@xxxxxxxxxxxxx> wrote:
>
> Glenn Faden wrote:
> > Eamon Walsh wrote:
> >
> >>
> >> OK, I worked on this today. The property polyinstantiation itself is
> >> easy enough, but I've run into a problem with the PropertyNotify
> >> events that occur when a polyinstantiated property is changed or
> >> deleted - everyone can see them! Some major changes to the event
> >> delivery model are probably going to be necessary to make this work.
> >>
> >> I can't immediately see how it's done in Trusted Extensions. In
> >> TsolDeleteProperty there is just a regular DeliverEvents call to send
> >> the event.
> >>
> >> I think there will have to be a way to pass some private data down
> >> with all events, and then have another hook call further down that
> >> gives a yes/no answer for each client.
> >>
> > You're probably right that unnecessary PropertyNotify events may be
> > distributed to any client who has expressed interest in this event on
> > the root window. I don't think this is a big problem, however. If the
> > client cares to read the property whose atom is associated with the
> > event it will get the value which matches its security context.
> >
> > If your concern is that this presents a covert channel, that is an issue
> > that we generally ignore. For example we don't prevent higher-level
> > windows from generating exposure events which may be delivered to lower
> > level windows. We only prevent normal clients from mapping windows into
> > a Trusted Path workspace.
> >
> > --Glenn
> >
>
> I'll press forward with this then, putting the event delivery on the
> to-do list.
>
> --
> Eamon Walsh <ewalsh@xxxxxxxxxxxxx>
> National Security Agency