sandbox in X11 root window on RHEL6
Luc de Louw
luc at delouw.ch
Tue Nov 9 20:45:50 UTC 2010
Dear all,
I'm involved in a project which involves some hardened Linux clients. I
plan to realize them with RHEL6 desktops.
Recently I stumbled upon Dan Walsh's SELinux sandbox, which looks to fit
and surpasses the security requirements and it is part of RHEL6.
The goal is to run exactly one application in the X11 root window w/o
authentication, this is done by the application.
So, not gdm, kdm, xdm should run, no gnome-,kde- whatever-desktops apps
and panels should be visible/accessible.
Any hints on this?
TIA for any advice,
Luc
More information about the selinux
mailing list