The Trusted X Window System, Version 11, server starts at login. The server handles the workstation windowing system by using a trusted interprocess communication (IPC) path. Windows, properties, selections, and ToolTalk sessions are created at multiple sensitivity labels as separate and distinct objects. The creation of distinct objects at multiple sensitivity labels is called polyinstantiation. Applications that are created with Motif widgets, Xt Intrinsics, Xlib, and desktop interfaces run within the constraints of the security policy. These constraints are enforced by extensions to the X11 protocols.
Chapter 5, Trusted X Window System describes the programming interfaces that can access the security attribute information described in Trusted Extensions Security Policy. These programming interfaces can also be used to translate the labels and clearances to text. The text can be constrained by a specified width and font list for display in the Trusted X Window System.
The Trusted X Window System stores the following security attributes:
|
The Trusted Path flag identifies a window as a Trusted Path window. The Trusted Path window protects the system from being accessed by untrusted programs. This window is always the topmost window, such as the screen stripe or login window.
Appendix B, Trusted Extensions API Reference lists the extensions that you can use to create an X11 trusted IPC path.