Xace MLS selections

Alan Coopersmith alan.coopersmith at oracle.com
Thu Dec 16 22:14:30 PST 2010

Pat Kane wrote:
> Is the current Xace able to deal with MLS selections?
> If so, how does it handle information downgrades that
> need to be reviewed by the end-user?

Xace alone is not - it's just a framework used to provide hooks
that extensions like SELinux & Solaris Xtsol use to provide their
functions.   The Solaris Xtsol module does handle MLS selections,
with a way to have the desktop provide UI for end-user review,
but I don't know off hand how that's implemented.   The code is
of course open for you to explore, and the architects of it are
available on the security-discuss at opensolaris.org mailing list.

I don't know about SELinux off hand, and am fairly sure the
XC-Security extension (the simplest of the Xace implementations)
does not.

	-Alan Coopersmith-        alan.coopersmith at oracle.com
	 Oracle Solaris Platform Engineering: X Window System

More information about the xorg mailing list