Re: [Muscle] Revised Diagram: pcsclite for Sun Ray w/Solaris Trusted Exteions

Mon, 23 Oct 2006 08:19:44 -0700 

On Fri, 20 Oct 2006, Paul Klissner wrote:


Here's a link to an improved diagram:

http://www.freemyimage.com/ims/pic.php?u=1500BLfhm&i=15663


That helps. And the diagram does omit how the xdpy# is generated to
even be available to ifd handler. This is the only weakness I see.

The ifd and pcscd cannot determin if the Xdpy# value is beeing spoofed.

You do show where the zone label comes from (socket credentials from
the kernel) But you cannot get the Xdpy# that way.
Another question (though not really a security one) - what happens when one userhas two Sun Ray displays at a desk? 

I can see this happening more on a developers desk instead of a normal
users desk - Both systems may need the smartcard simultaneously. There
is also the possibility of cross matched zones (both belong to the user,
both X servers belong to the same user, and for some reason, the user
chooses to send a X window to the other display...)

Right now, we have users doing this. One display is holding the "official"
windows of his application, the other X server is recieving debug output
monitoring the application. These users have two (or more) keyboard/mouse/display devices on the desk (I have two, one Linux and one 
Solaris).

Btw, The diagram does leave out one other piece of info:
I assume each box at the bottom represents a SunRay display/system, and
the single box on top is the remote server system.

The diagram also only illustrates the static result of all decisions made,
and almost non none of the steps to get that way. I think those steps
and the security decisions required to procede from state to state are
needed to fill out the security table of data source/allowed state/destination state. I think that would show that the Xdpy# is 
an uncontroled datum being used for security decisions.


_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle


-------------------------------------------------------------------------
Jesse I Pollard, II
Email: [EMAIL PROTECTED]

Any opinions expressed are solely my own.

_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle

Reply via email to