xorg and EAL4+

Alan Cox alan at lxorguk.ukuu.org.uk
Thu Apr 19 15:07:26 PDT 2007


> > Or, is the X protocol just so broken, that X could never reach this
> > level of security.
> 
> It is possible, but it depends on the protection profile and the 
> specific X protocol subset (extensions).

To an extent: X itself can support multiple X servers within an X server
and avoid exposing anything from one into the other so you've got the
"within X" and "around X" option just as you've got the securing an OS
versus multiple OS instances option.




More information about the xorg mailing list