path: root/README.demo
blob: 4c957dabb61cad7ca8334dfd68eadaa388d92526 (plain)
The input relabeling demonstration works by dynamically setting the context
of the keyboard and mouse devices during an X session.  This allows policy
to be written that prevents input events from going anywhere but one or more
selected X applications while the device is in a relabeled state.

Keep in mind that in XSELinux, input devices are treated as SUBJECTS for
purposes of input event generation.  This means that the input device security
context needs permission to "send" events.  The events, in turn, are labeled
using both the type of event (typically fixed as input_xevent or the like)
and the destination window of the event.  The result is that the input device
must be granted permission to "send" input events to any specific window, and
the window's label is derived from the label of its owning process.

Refer to the XSELinux comprehensive review paper, available on request, for
the specifics.

The policy/ subdirectory contains the security policy for the demo.  There are
three pieces:
1. The "xserver.patch" contains modifications that need to be made to the base
   policy, which is too permissive in its current form.
2. The "hapdemo" module contains three custom domains that are used to run
   apps in different contexts, and three custom contexts used to label the
   input device, with each device context only able to send events to the
   corresponding domain's windows.
3. The "local" module contains some local modifications to support the demo,
   mostly just putting certain executables in execmem context.
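
To make the labeling model described above concrete, and to show the shape of
the three-domain/three-device-context arrangement that the hapdemo module
implements, here is an added policy sketch.  It is not the hapdemo module from
the policy/ subdirectory and all type names declared in it are hypothetical;
only input_xevent_t, the x_event class and its send/receive permissions come
from the reference policy.

```selinux
policy_module(hapdemo_sketch, 1.0)

# Illustrative sketch only: not the hapdemo module shipped in policy/.
# Every type declared here is hypothetical; only input_xevent_t, the x_event
# class and its send/receive permissions come from the reference policy.

gen_require(`
	type input_xevent_t;
	class x_event { send receive };
')

# Three application domains; eyes.sh would run one app in each of them.
type app1_t;
type app2_t;
type app3_t;

# Three device contexts.  The relabeling dialog sets the keyboard or mouse to
# one of these, and the device (not the X server) is the SUBJECT of the check.
type input1_t;
type input2_t;
type input3_t;

# Per-domain event types.  An input event is first labeled input_xevent_t by
# the event-type default and then transitioned on the destination window's
# owning domain, so each domain's windows receive events of their own type.
type app1_input_xevent_t;
type app2_input_xevent_t;
type app3_input_xevent_t;
type_transition app1_t input_xevent_t:x_event app1_input_xevent_t;
type_transition app2_t input_xevent_t:x_event app2_input_xevent_t;
type_transition app3_t input_xevent_t:x_event app3_input_xevent_t;

# The point of the demo: each device context may send only to the
# corresponding domain's windows.  Nothing allows input1_t to send
# app2_input_xevent_t, so once the keyboard is relabeled input1_t its
# keystrokes toward app2_t windows are denied and appear as AVC messages.
allow input1_t app1_input_xevent_t:x_event send;
allow input2_t app2_input_xevent_t:x_event send;
allow input3_t app3_input_xevent_t:x_event send;

# Each domain may receive its own events.
allow app1_t app1_input_xevent_t:x_event receive;
allow app2_t app2_input_xevent_t:x_event receive;
allow app3_t app3_input_xevent_t:x_event receive;
```

A real module would additionally need the usual domain declarations and
whatever the base policy's xserver.patch removes, since the unpatched base
policy is too permissive for this separation to hold.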

The demo/ subdirectory contains supporting scripts for the demo.  The xinitrc
file is used with xinit/startx to set up the demo environment.  The cursoncon
app runs a dialog box that does the device relabeling.  The eyes.sh script runs
apps under the demo domains.  Finally, the xcowsaylogmon script monitors the
log for AVCs.

To get this stuff working you need XCB and xpyb (the XCB python binding),
which may need to be installed from source.  Right now the only interface to
the XSELinux X extension is via XCB, since no Xlib client-side support has
been written for it.