On Mon, 10 Jul 2006 14:11:42 PDT, eklinger uci edu said: > file. After we decrypt the file and remove the wrapper, the raw data would > be opened in the appropriate application on the system (e.g. > OpenOffice.org). However, at the save we would want to add that wrapper > back in so they could not simply circumvent the wrapper protection. Of > course, we don't want to have to modify any of the user level applications > to achieve this functionality. OpenOffice 'Save As...' will be a can of worms, as will the fact that it can have multiple documents open at once, and you can slice-n-mice between them. Do you have an X server that properly enforces MLS/MCS restrictions so cut-n-paste between documents won't work? Otherwise, they can just cut it from their OpenOffice document, paste it into Evilution, and hit 'send'. You're much better off just fixing the machines so you can't attach removable media to them (no USB/firewire/etc), and then restrict the network access so they can't send the bits anyplace interesting....
Description: PGP signature