Language Selection

English French German Italian Portuguese Spanish

The Linux Security Circus: On GUI isolation

Filed under
Linux

There certainly is one thing that most Linux users don't realize about their Linux systems... this is the lack of GUI-level isolation, and how it essentially nullifies all the desktop security.

So, let me stress this one more time: if you have two GUI applications, e.g. an OpenOffice Word Processor, and a stupid Tetris game, both of which granted access to your screen (your X server), then there is no isolation between those two apps. Even if they run as different user accounts! Even if they are somehow sandboxed by SELinux or whatever! None, zero, null, nil!

The X server architecture, designed long time ago by some happy hippies who just thought all the people apps are good and non-malicious, simply allows any GUI application to control any other one.

rest here




More in Tux Machines

SFLC represents FOSS developers at the OECD 2016 Ministerial Meeting on the Digital Economy: Innovation, Growth and Social Prosperity

On 21-23 June 2016, Ministers and stakeholders gathered in Cancún, Mexico, for an OECD Ministerial Meeting on the Digital Economy: Innovation, Growth and Social Prosperity, to move the digital agenda forward in four key policy areas foundational to the growth of the digital economy. Our Legal Director, Mishi Choudhary represented the United States civil society at the OECD Ministerial Panel on The Economic and Social Benefits of Internet Openness, chaired by the Canadian Minister of Innovation, Science, and Economic Development Hon’ble Navdeep Singh Bains. Read more

Today in Techrights

RaspEX Linux Based on Ubuntu 16.04 LTS Supports the Raspberry Pi Touch Display

After informing us the other day about the availability of a new release of his RaspAnd distro that brings the Android 6.0 Marshmallow operating system to Raspberry Pi 3 devices, Arne Exton is happy to announce that his RaspEX OS works with the official Raspberry Pi Touch Display. Read more