Re: Information about XSELinux

On Mon, Jul 23, 2012 at 09:12:37AM -0500, Ted Toth wrote:
> FWIW we have a custom distro of RHEL 6 running MLS policy with X in
> enforcing; however, as you might imagine, getting all of this working was
> non-trivial. Because of schedule/budget/complexity we do not run GNOME
> but rather Openbox, fbpanel and idesk all of which we wrote policy
> for. Many apps (Firefox, OpenOffice) require policy tweaks with many
> of those due to our particular security requirements. We have dozens
> of custom X applications all of which require policy modules. Getting
> things like copy/paste to work under MLS is particularly challenging
> because of lack of visibility into what the X server (XACE) is doing.

I'm running X in enforcing too now with a simple setup. There is 
a domain for every job (browser, mail, ...). These domains can't 
access each other. The WM has access to all of them. Copy/paste 
works like a charm with every domain having its own cutbuffer and 
a small script called from the WM to copy the cutbuffer to other 
domains.

Of course I had to allow some things in X that I do not fully 
understand. But there is definitely no more sending synthetic 
input events to foreign windows and no more keylogging.

Do you know of any documentation that lists all things in the X 
protocol and their possible security implications? 

Ole
