A common VFS and a Common conf-system [Part II]

Sean Middleditch elanthis at awesomeplay.com
Thu Mar 3 17:04:10 EET 2005


On Thu, 2005-03-03 at 15:57 +0100, Alexander Larsson wrote:
>On Thu, 2005-03-03 at 09:03 -0500, Sean Middleditch wrote:
>> 
>> I would argue then that the daemon can forward the information about
>> the process to the keyring, or that the keyring can tie in better to
>> the daemon.  My plan was to make the daemon talk to an external helper
>> over D-BUS (or a more direct protocol if necessary for security -
>> haven't looked at that in depth yet), so gnome could provide such a
>> helper that used the keyring.  Making sure that the actual
>> applications never touch the authentication information is something
>> I'm rather keen on - it really can eliminate an entire class of
>> security holes and information leaks.
>
>There are things you can't easily forward though, such as SELinux
>contexts.

I really do think that, in the case of the VFS, it is better to not be
tied down to the existing keyring implementation.  Again, quite frankly,
having the application communicate the authentication information
directly is a pretty bad idea.  Rather defeats the whole purpose of even
using SELinux, which is in a large part about controlling data
flow.  ;-)

Instead of having the keyring worry about which apps are authorized to
access which keys, the daemon should worry about which apps are
authorized to access which shares/sessions, and the keyring can then
assume that the daemon is always authorized to request authentication.

i.e., essentially we move the application-authorization from the keyring
to the VFS in the case of storing VFS authentication information.  The
keyring of course continues to do its authorization for non-VFS purposes
like storing Evolution passwords or whatnot.

>
>=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> Alexander Larsson                                            Red Hat, Inc 
>                   alexl at redhat.com    alla at lysator.liu.se 
>He's a leather-clad chivalrous vagrant with a secret. She's a tortured psychic 
>wrestler with a knack for trouble. They fight crime! 
>
>
-- 
Sean Middleditch <elanthis at awesomeplay.com>
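As an added illustration of the split argued for in this message (not code from the thread, gnome-vfs or gnome-keyring; the daemon and application names and the share URL are assumptions), a toy Python model in which the keyring releases VFS credentials only to the daemon, the daemon enforces per-application share authorization, and applications only ever receive an opaque session handle:

```python
"""Toy model: apps ask the VFS daemon for a share session; the daemon does the
per-app authorization and is the only principal the keyring will hand a secret
to, so credentials never cross into the application process."""
from dataclasses import dataclass
import secrets

DAEMON_ID = "vfs-daemon"   # assumed principal name the keyring trusts


@dataclass(frozen=True)
class Credential:
    user: str
    password: str


class Keyring:
    """Stores VFS credentials but releases them only to the daemon."""
    def __init__(self, store):
        self._store = store            # share URL -> Credential (constructed sample)

    def lookup(self, caller, share):
        if caller != DAEMON_ID:
            raise PermissionError(f"{caller}: only the VFS daemon may read share credentials")
        return self._store[share]


class VfsDaemon:
    """Authorizes applications per share and hands back opaque session handles."""
    def __init__(self, keyring, acl):
        self._keyring = keyring
        self._acl = acl                # app id -> frozenset of shares it may open
        self._sessions = {}            # handle -> (app, share, user)

    def open_share(self, app, share):
        if share not in self._acl.get(app, frozenset()):
            raise PermissionError(f"{app} is not authorized to open {share}")
        cred = self._keyring.lookup(DAEMON_ID, share)
        # The credential is consumed here (a real daemon would log in to the
        # backend with it) and never leaves this process; the app gets a random
        # handle that carries no credential material.
        handle = secrets.token_hex(16)
        self._sessions[handle] = (app, share, cred.user)
        return handle

    def session_owner(self, handle):
        app, share, _user = self._sessions[handle]
        return app, share


def demo():
    # Constructed sample data: one share, one application allowed to open it.
    keyring = Keyring({"smb://fileserver/docs": Credential("alice", "s3cret")})
    daemon = VfsDaemon(keyring, {"nautilus": frozenset({"smb://fileserver/docs"})})
    return keyring, daemon
```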

More information about the xdg mailing list