Security Microconf

Its interesting to see the focus on 'Securing the desktop', but none of the current access control LSMs in the kernel are really targeted to this - they focus on static, server oriented type policies, whereas the desktop is a much more dynamic environment, and providing a least authority implementation for desktop apps using these existing MAC frameworks seems far too cumbersome - and they do not provide the kind of flexibility that is really needed - perhaps a focus on more desktop oriented frameworks such as PULSE[1, 2] (yes I am pushing my own previous research work) would be good.

[1] http://crpit.com/abstracts/CRPITV81Murray.html
[2] http://sourceforge.net/projects/pulse-lsm/