User: Password:
|
|
Subscribe / Log in / New account

User interface for security

User interface for security

Posted May 6, 2010 15:12 UTC (Thu) by davecb (subscriber, #1574)
Parent article: Qubes: security by virtualization

The Trusted Systems world (the real one, not the fakers doing
DVD players) deals with the copy-paste problem by making it
user-visible, and management-allowable.

In X, the windows have an optional decoration by security classification.
When you try to copy or paste from a high-security compartment to a low-security one, you get a pop-up saying this is a bad thing.
If needed, there is a "downgrader" that can copy to low-security on a case-by-case basis. Compilers can have an automatic downgrader for their object output, for example.

For safety, you could also have a popup when you try to copy from a low-safety compartment to a secure one, with a dwngrade to convert, for example, macro-virused word processor docs to macro-free filtered odf (;-))

--dave


(Log in to post comments)

User interface for security

Posted May 8, 2010 0:57 UTC (Sat) by quotemstr (subscriber, #45331) [Link]

Compilers can have an automatic downgrader for their object output, for example.
Why would a compiler be in the high-security compartment to begin with?

User interface for security

Posted May 8, 2010 14:38 UTC (Sat) by davecb (subscriber, #1574) [Link]

It's input data could well be in a compartment, but the compiler itself would probably be at system-low.

--dave


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds