Language Selection

English French German Italian Portuguese Spanish

The Linux Security Circus: On GUI isolation

Filed under
Linux

There certainly is one thing that most Linux users don't realize about their Linux systems... this is the lack of GUI-level isolation, and how it essentially nullifies all the desktop security.

So, let me stress this one more time: if you have two GUI applications, e.g. an OpenOffice Word Processor, and a stupid Tetris game, both of which granted access to your screen (your X server), then there is no isolation between those two apps. Even if they run as different user accounts! Even if they are somehow sandboxed by SELinux or whatever! None, zero, null, nil!

The X server architecture, designed long time ago by some happy hippies who just thought all the people apps are good and non-malicious, simply allows any GUI application to control any other one.

rest here




More in Tux Machines

Debian-Based Robolinux 8.6 Adds Over 275 Important Security and Software Updates

The developer of the Debian-based Robolinux computer operating system announced the release of the sixth maintenance update to the Robolinux 8 LTS "Raptor" series of his GNU/Linux distribution. Read more

Linux Kernel 4.8 Lands October 2 as Linus Torvalds Outs Last Release Candidate

It's still Sunday in U.S. so Linus Torvalds has just published his weekly announcement to inform us all about the availability of the eighth and last RC (Release Candidate) development snapshot of the upcoming Linux 4.8 kernel. Read more

Desktop virtualisation kit-calculator goes open source

The tool has gone through a number of iterations over the years, extending its capabilities to assess the infrastructure requirements of ever-more virtual desktops along the way while also keeping up with changes to VMware's Horizon and Citrix's XenDesktop. But Leibovici says he's now sufficiently busy that “Unfortunately I find myself without time to maintain the VDI calculator, therefore I decided that the best outcome would be to open-source the app and let the community drive maintenance and innovation.” Hence its publication under an Apache 2.0 licence here on GitHub. Read more

LXQt 0.11.0 Desktop Environment Arrives After Almost One Year of Development

After being in development for the past eleven months, the next major release of the lightweight, Qt-based LXQt desktop environment has been officially released and it's available for download. Read more