A common VFS and a Common conf-system [Part II]

Alexander Larsson alexl at redhat.com
Thu Mar 3 19:02:05 EET 2005

On Thu, 2005-03-03 at 11:55 -0500, Sean Middleditch wrote:
> On Thu, 2005-03-03 at 17:52 +0100, Alexander Larsson wrote:
> >> I fully admit to being rather ignorant on the SELinux development
> >> interface, but that sort of behavior is possible, is it not?  Would it
> >> also be possible to make the daemon utilize the client application's
> >> context for file access (similar to the fsuid in Linux) ?
> >
> >I know you can pass around selinux contexts. I'm not sure you can do i/o
> >in a specific context though. I don't really know much about selinux.
> Guess I'll have to start doing some major reading on it, then.  :)

For one, its unlikely that the vfs daemon could run something in a
context that had more priviledges than the original context the daemon
was running in.

 Alexander Larsson                                            Red Hat, Inc 
                   alexl at redhat.com    alla at lysator.liu.se 
He's a Nobel prize-winning chivalrous gentleman spy whom everyone believes is 
mad. She's a brilliant hip-hop socialite prone to fits of savage, blood-crazed 
rage. They fight crime! 

More information about the xdg mailing list