On Mon, 2005-03-28 at 16:09 +0200, Tom wrote:
> On Mon, Mar 28, 2005 at 08:46:24AM -0500, Ivan Gyurdiev wrote:
> > I was suggesting that content should be kept in a sub-folder of /home,
> > not that it should be kept somewhere else. I'm sorry for the
> > misunderstanding. I am suggesting that this folder(s) should be
> > standartized somehow. I am saying that settings should be kept separate.
>
> ah! What you want is /home/tom/.etc/ ?

Something like that - yes.

> Aunt Ellie downloads a movie. It goes into the Download folder (or
> really anywhere, it doesn't matter much). She drags the movie icon to
> the movie player and lets it drop. Movie plays.
>
> Behind the scenes, the file is relabeled or moved into another
> directory where mplayer can access it.

How does this relate to the SElinux work to secure the X server? Should the desktop environment be trusted?

.. so what you're saying is that nautilus (running as user_t, which has read access to the file in question, as well as appropriate relabel access), should determine its mime type, or use the DND target app, and associate a context with that, which the mime handler can play, then relabel file to that context (can't copy - what if it's huge?).... and do this for every mime handler I attempt to open it with?

-- 
Ivan Gyurdiev <ivg2@cornell.edu>
Cornell University


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.