On Thursday 12 October 2006 17:33, Klaus Weidner <[EMAIL PROTECTED]> wrote:

> If you need local console (or serial) login at different MLS levels for
> the same user, you can create multiple Linux users for each human user
> that share the same uid and home directory, and use "semanage login" to
> map them to appropriate levels. So you'd have smith_secret_cat1,
> smith_unclassified and so on.
That doesn't work well with password expiry policies. Having the smith_secret_cat1 password expire at a different time from smith_unclassified would be a pain for users and sys-admins. Then if you want to use RSA SecurID or similar tokens you have an extra level of pain in mapping them to the right Unix account names.

I think that the right solution is to re-enable the code for selecting the role etc. at login time and add some code for selecting the level. It should not be difficult to do this if there are no plans to ever support it for ssh or X logins.

> It should still work to put a multilevel X desktop on top of this, since
> that presumably uses a mechanism other than "newrole" to launch terminals
> or windows at different levels. But that's only guesswork due to not
> having seen any code for this...

Can someone who has worked on one of these things before please comment on how it's done?

It seems to me that the current way of managing desktops isn't going to work (i.e. Gnome and KDE won't work). Currently we have a desktop manager program that can launch an xterm (in the same context) and then a shell (e.g. bash) is run in the same context as an xterm. This means that if you run a hostile program in one xterm it can ptrace or otherwise interfere with all processes back to the desktop and down again to another xterm.

I guess we need to have a trusted desktop manager (I use the term loosely, such a program probably wouldn't have 10% of the features of anything we currently call a "desktop manager") that launches xterms in different contexts depending on what they are doing and has the option of launching an xterm that runs "newrole -l" (or maybe launches xterms at different levels).

-- 
[EMAIL PROTECTED]
http://etbe.blogspot.com/ My Blog
http://www.coker.com.au/sponsorship.html Sponsoring Free Software development

--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp
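The shared-uid alias scheme quoted above and the password-expiry objection to it can both be checked from the account database. The following is an added example, not code from either poster: it parses constructed passwd, shadow and "semanage login -l"-style data (sample names and dates are made up), finds alias accounts that share a uid and home directory, and reports the MLS range each alias is mapped to and whether their password-expiry dates have drifted apart.

```python
"""Audit shared-uid alias accounts used to give one person several MLS login levels.
Added example with constructed data; the account names and dates are not real."""
from collections import defaultdict

# Constructed sample data (not from the original message).
PASSWD = """\
smith_unclassified:x:1001:1001:J Smith:/home/smith:/bin/bash
smith_secret_cat1:x:1001:1001:J Smith:/home/smith:/bin/bash
jones:x:1002:1002:A Jones:/home/jones:/bin/bash
"""
SHADOW = """\
smith_unclassified:$6$x:13400:0:90:7:::
smith_secret_cat1:$6$y:13450:0:90:7:::
jones:$6$z:13400:0:90:7:::
"""
# Shape of 'semanage login -l' output: login name, SELinux user, MLS/MCS range.
SEUSERS = """\
smith_unclassified user_u s0
smith_secret_cat1  user_u s2:c1
__default__        user_u s0
"""

def parse_colon_file(text):
    """Return {name: fields} for a passwd/shadow style file."""
    return {f[0]: f for f in (l.split(":") for l in text.splitlines() if l.strip())}

def parse_seusers(text):
    """Return {login: (seuser, range)} from semanage-login style lines."""
    return {f[0]: (f[1], f[2]) for f in (l.split() for l in text.splitlines()) if len(f) >= 3}

def alias_groups(passwd):
    """Group login names that share both uid and home directory (the alias trick)."""
    groups = defaultdict(list)
    for name, f in passwd.items():
        groups[(f[2], f[5])].append(name)
    return [sorted(v) for v in groups.values() if len(v) > 1]

def password_expiry_day(shadow_fields):
    """Day (since epoch) the password expires: lastchg + max; None if no max set."""
    lastchg, maxdays = shadow_fields[2], shadow_fields[4]
    return int(lastchg) + int(maxdays) if lastchg and maxdays else None

def audit(passwd_text, shadow_text, seusers_text):
    """For each alias group, report mapped ranges and whether expiry dates diverge."""
    passwd, shadow = parse_colon_file(passwd_text), parse_colon_file(shadow_text)
    seusers = parse_seusers(seusers_text)
    findings = []
    for names in alias_groups(passwd):
        ranges = {n: (seusers.get(n) or seusers.get("__default__") or ("?", "?"))[1] for n in names}
        expiry = {n: password_expiry_day(shadow[n]) for n in names}
        findings.append({"uid": passwd[names[0]][2], "ranges": ranges, "expiry_days": expiry,
                         "expiry_diverges": len(set(expiry.values())) > 1})
    return findings
```

Running `audit(PASSWD, SHADOW, SEUSERS)` on the sample flags uid 1001 as an alias group mapped to s0 and s2:c1 whose two passwords expire 50 days apart, which is exactly the drift the reply complains about.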
