> Richard L. Hamilton wrote: > > Does Trusted Extensions have any helpful > capabilities to avoid > > trojans/spoofing, ensure the visual representation > of labels (or other > > security status indicators) can't be faked, assure > that programs that > > need it can be ensured exclusive access to > keypress/keyrelease events, > > etc? Could some of those capabilities be used > independently of the rest > > of Trusted Extensions, enough to deal with the > problem of prompting for > > account passwords safely? > > > Yes, Trusted Extensions provides continuous feedback > in a reserved > stripe which cannot be obscured. It displays a shield > when the focus is > associated with the Trusted Path, and an unspoofable > label. > > It also enforces user, role, and label separation of > X resources in the > X server. So clients with different labels or uids > can't spy on each > other. Trusted Path clients run in the global zone > which is not > available to users, so they can't interfere with it. > Authentication is > done via the Trusted Path, as is label assignment. > Event handling is > similarly restricted by preventing untrusted clients > from expressing > interest on trusted clients, and by disallowing > access to the state of > the keyboard, motion events, etc. > > Now that TX is bundled with OpenSolaris, anyone can > take advantage of > these features. However, be careful of what you mean > by using them > independently. Independent of what? Labels? Zones? > Why not just use it > as it is?
Yes, labels and zones is mainly what I meant. MLS is great if you need it, but administrative overhead and usage inconvenience if you don't. And AFAIK if TX as a whole is used, it precludes other unrelated use of zones on that system. This message posted from opensolaris.org
