On 3/11/25 11:02, Enrico Weigelt, metux IT consult wrote:
> Hello folks,
>
> I'd like to let you know I'm working on a new Xserver extension that's
> putting clients into different "namespaces", so they can be isolated
> from each other.
>
> The idea is a bit similar to Linux namespaces (containers), where
> processes inside a container can operate quite like they've been alone
> on the machine. XNS extension goes a similar way: clients of different
> namespaces can't see/touch each other (except for those in parent NS'es).
>
> In contrast to the old Xsecurity extension, XNS tries to emulate
> prohibited things in a way that the client doesn't even recognize.
> (several existing clients crashing when running unprivileged on
> Xsecurity, since they're not expecting certain operations being
> refused).

This sounds partially similar to the Trusted Solaris extension, which in
Solaris 10 and later relied on Solaris zones for the client isolation for
each "label", and returned fake success messages to reduce the breakage on
client applications (which I believe dates back to the original
"Less Insecure X" paper/prototype).

https://github.com/oracle/solaris-xorg/commit/612e18b3bceee995225b5ee067c7a1614dc7ff78
shows the removal of the source code for the X11 extension, so inverting
it would give the final state.

I believe Glenn Faden (the architect of Trusted Solaris) published some
papers on the design & implementation as well.

--
-Alan Coopersmith- [email protected]
Oracle Solaris Engineering - https://blogs.oracle.com/solaris