SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Research Skip Research Menus Research Menu Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: Desktop apps interoperability This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] From: Ivan Gyurdiev <ivg2_at_cornell.edu> Date: Thu, 31 Mar 2005 05:04:40 -0500 On Wed, 2005-03-30 at 09:58 -0800, Casey Schaufler wrote: > --- Ivan Gyurdiev <ivg2@cornell.edu> wrote: > > > Ok, some apps like gift don't ask where to save the > > content, > > but that's the exception and not the rule. > > I challenge you to back up this claim. I don't need to back up this claim, because: Apps that don't let you configure where to save your content are badly designed. They can be changed If they're not changed, it doesn't matter, because what I'm proposing is backwards compatible. User_t will still have access to all content types, and can write stuff to /home as user_home_t. Apps will have to be specifically confined in order not to be able to write to user_home_t. If some app is a problem, it can be left to run at user_home_t for now. If apps store stuff in a hardcoded location, we can label that easily with the proper context, unless it's hardcoded to /home or some other shared place. Anyway, I am starting to get a better idea as to how this might work - see my response to Luke's message. -- Ivan Gyurdiev <ivg2@cornell.edu> Cornell University -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Thu 31 Mar 2005 - 04:59:58 EST This message: [ Message body ] Next message: Stephen Smalley: "Re: Selinux checkpolicy parse error" Previous message: Luke Kenneth Casson Leighton: "Re: Desktop apps interoperability" In reply to: Casey Schaufler: "Re: Desktop apps interoperability" Next in thread: Casey Schaufler: "Re: Desktop apps interoperability" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom