Fine-grained access control -- XACE, XSELinux and X security

Alan Coopersmith Alan.Coopersmith at Sun.COM
Mon Nov 28 15:01:34 PST 2005


Mark Seaborn wrote:
> Is there any documentation for the XACE and XSELinux extensions?
> What is their current status?

I'm not sure yet how this will overlap with XACE, but I've also been
working recently with the group responsible for Trusted Solaris (the
EAL4+/B1/Mandatory Access Control version of Solaris) to get their
X extension ported from Xsun to Xorg and released under the standard
X11 license, in hopes of including it in a future Xorg release as well.

Unfortunately, I've been busy with the Xorg 6.9/7.0 releases, so haven't
had time to dig into this yet, but the engineer from the TSol group who
knows the code best described it as:

    We (Sun) have reimplemented the Trusted Solaris 8 X Extension
    (now called X Trusted Extensions) SUN_TSOL as a loadable extension
    leveraging of XSecurity code and with some additional hooks. Work
    is in progress and Sun is planning to open source the
    X server hooks, the trusted extension module and the API very soon.

-- 
	-Alan Coopersmith-           alan.coopersmith at sun.com
	 Sun Microsystems, Inc. - X Window System Engineering



More information about the xorg mailing list