Fast User Switching and security / SELinux
Karl MacMillan
kmacmill at redhat.com
Tue Dec 19 22:14:41 UTC 2006
Reading through http://fedoraproject.org/wiki/Desktop/FastUserSwitching,
I had two questions.
1) Any work ongoing to look at the security of this solution. For
example, the proposed fix for device ownership allows multiple users to
use devices simultaneously. This could have serious security
implications (e.g., monitoring VIOP calls made by another user).
2) Some work will likely be needed for this to work well with SELinux,
particularly as we are looking at locking down user apps as an option in
the future (evolution, firefox, etc.). This may also include XACE
(http://blogs.sun.com/alanc/entry/xace_merged_into_xorg_for - just
ignore the trusted extensions notes). Any current plans on tackling this?
Thanks - Karl
More information about the fedora-devel-list
mailing list