Desktop apps interoperability

Tom tom at lemuria.org
Mon Mar 28 16:20:20 UTC 2005


On Mon, Mar 28, 2005 at 11:04:26AM -0500, Stephen Smalley wrote:
> I'm not sure I understand your intent.  There are two scenarios:
> 1) mplayer directly launched by firefox.  As the attacker already has
[...]
> 2) mplayer launched by something other than firefox, e.g. user shell,
[...]
> user of the downloaded file.  Naturally, what you really want there is a
> trusted path mechanism.

Hmm.
I think you are right. I did forget about programs launching other
programs. On the other hand, doesn't that give us another option within
SELinux? Can't we make mplayer-launched-by-firefox run in a different
domain than mplayer-run-by-user? In that domain, it would have access
to the downloaded files, but not to the remainder of the user data.


-- 
http://web.lemuria.org/pubkey.html
pub  1024D/2D7A04F5 2002-05-16 Tom Vogt <tom at lemuria.org>
     Key fingerprint = C731 64D1 4BCF 4C20 48A4  29B2 BF01 9FA1 2D7A 04F5
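
The idea raised in the message above, written out as a loadable policy module. This is an added example, not part of the original post and not taken from any shipped policy. The names firefox_t, mplayer_exec_t, user_home_t and user_r are assumed to exist in the base policy (real policies may name them differently), and firefox_mplayer_t and firefox_download_t are hypothetical types introduced here. It also assumes downloads are labelled firefox_download_t and that access to libraries, audio and display is granted elsewhere.

```selinux
module firefox_mplayer 1.0;

require {
    attribute domain;
    attribute file_type;
    role user_r;            # assumed role of the logged-in user
    type firefox_t;         # assumed domain of the browser
    type mplayer_exec_t;    # assumed label on the mplayer binary
    type user_home_t;       # assumed label on ordinary user data
    class process { transition sigchld };
    class file { read getattr open execute entrypoint };
    class dir { search getattr };
    class fd use;
}

# Hypothetical domain for "mplayer launched by firefox".
type firefox_mplayer_t;
typeattribute firefox_mplayer_t domain;
role user_r types firefox_mplayer_t;

# Hypothetical label for files the browser has downloaded.
type firefox_download_t;
typeattribute firefox_download_t file_type;

# The transition is keyed on the *calling* domain: only an exec of
# mplayer_exec_t from firefox_t lands in firefox_mplayer_t. The same
# binary started from the user's shell is not affected by this rule.
type_transition firefox_t mplayer_exec_t:process firefox_mplayer_t;
allow firefox_t mplayer_exec_t:file { getattr open read execute };
allow firefox_t firefox_mplayer_t:process transition;
allow firefox_mplayer_t mplayer_exec_t:file { entrypoint getattr open read execute };

# Inherit the browser's descriptors and report exit status to it.
allow firefox_mplayer_t firefox_t:fd use;
allow firefox_mplayer_t firefox_t:process sigchld;

# Read-only access to downloaded files, and nothing else of the user's.
allow firefox_mplayer_t firefox_download_t:dir { search getattr };
allow firefox_mplayer_t firefox_download_t:file { read getattr open };

# SELinux denies by default, so the absence of an allow rule already blocks
# user_home_t. The neverallow makes a later accidental grant fail the build.
neverallow firefox_mplayer_t user_home_t:file *;
```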




More information about the fedora-selinux-list mailing list