On Fri, 2006-07-07 at 17:01 -0700, Casey Schaufler wrote:
...
> > >
> > > - MLS X11 servers
> >
> > People are working on this, but I'm not aware of
> > current plans to include
> > that in an evaluated configuration.
>
> It's always the first thing to go.

Yes, and what a shame that is. The poorest labeled X demo beats the best demo without it. Decision makers who have real need for MLS systems can understand SECRET windows doing SECRET stuff; TOP SECRET windows doing TS stuff. Add it in post-evaluation and the accreditors balk.

...
> >
> > Not quite, trusted programs ...
>
> Are decidedly uninteresting.
>
> > could have an override
> > capability which lets
> > them communicate anyway while still keeping that
> > functionality away from
> > ordinary users. The challenge is doing that cleanly
> > and safely in sshd
> > in combination with labeled networking...
>
> I claim that you can't do it and maintain
> the integrity of your MLS.

Casey, can you elaborate a bit on this assertion? I agree it is not without risk but feel it may be acceptable given that the trusted program should be well-behaved. Or does it open an exploit potential?

LCB.

--
LC Bruzenak
[EMAIL PROTECTED]

--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp
