Sandboxed file access

Sandboxed file access

Posted Sep 5, 2012 13:28 UTC (Wed) by walters (subscriber, #7396)
In reply to: Sandboxed file access by geofft
Parent article: Ubuntu's new app developer upload process proposal

Any application with access to X11 though can elevate privileges with not that much more effort than access to the home directory gives. This appears to be handwaved away in the Ubuntu page =/

It's a really hard problem of course - I talked about it in 2005; see "SELinux and the Linux Desktop".



Sandboxed file access

Posted Sep 6, 2012 1:32 UTC (Thu) by geofft (subscriber, #59789)

I believe that the plan is to have AppArmor use XACE hooks, which IIRC are the same hooks that SELinux is using for security-enhanced X. This was mentioned on the spec, but I'm not up-to-date enough on AppArmor to know how good the XACE support is.

Certainly a nicer solution would involve the X security extension, or better yet, an untrusted X proxy that also happens to NAT all global X identifiers. I was working on code for this when I was a grad student, then got distracted and went to industry. Maybe I'll dust it off again and see if I can get something working...

Sandboxed file access

Posted Sep 6, 2012 8:33 UTC (Thu) by dplanella (guest, #57898)

Thanks for the feedback. I guess I'm missing the context of not having been at the talk, but having looked at the slides you're pointing to doesn't give me much detail about the problem.

Would you mind elaborating on the issue and options to fix or mitigate it?

We'd be more than happy to add it to the spec if it's currently not covered in enough detail.

Thanks!
