wayland-keylogger VS refpolicy

Intercepting inputs meant for other apps is easy and it's already been done via LD_PRELOAD.

And all of this just for supposedly better "security", that can easily circumvented with trivial attacks.

Not in the same sense that there's a keylogger included with Windows, no. It's that it's easier to do on Xorg as opposed to Wayland. This isn't to say that it's impossible, however.

You can have keylogger on Wayland also without root priviledge. It's trivial: https://github.com/Aishou/wayland-keylogger

> you can still deliver different experiences at runtime — but you’re not likely to have the superuser privileges needed to run a leylogger or read ~/.ssh/id_rsa, etc, at that point.

Keyloggers are trivial to do in userspace Linux via LD_PRELOAD attacks[0], and typically your user account has permission to read ~/.ssh/id_rsa.

[0] https://github.com/Aishou/wayland-keylogger

I have read that bare Linux is totally insecure (https://github.com/Aishou/wayland-keylogger) unless you use some means of sandboxing. That's why I have been reading a lot about firejail, AppArmor, Tomoyo, etc.

Distributions often start with the SELinux reference policy rather than starting from scratch.

really? I don't mean understand how to apply a new label. I mean understand what the policies are and how they work, be able to create new ones that apply to you, and verify that the ones given to you by the distro are correct for your use. You're saying this is not hard to understand: https://github.com/SELinuxProject/refpolicy/blob/master/poli... ?

Otherwise you are blindly applying some black box.

selinux-refpolicy-src pulls from the original SELinux Project refpolicy repo and just install-src these, which just places all policies into appropriate directory and does nothing futher, i. e. doesn't compile them to make usable

https://github.com/SELinuxProject/refpolicy/blob/4412ad507c5880d9ff52fd376c23183cc9ae10b7/policy/support/misc_patterns.spt#L55

Of those distributions, only Fedora sets SELinux to enforcing by default. Moreover, AFAIK Fedora (+ RHEL and Android) are the only distributions that had wide testing of the reference policy [1] [2]. So, if you enable SELinux with the reference policy on the other distributions that you mention, it is likely that you will run into all kinds of issues.

[1] https://github.com/SELinuxProject/refpolicy

[2] https://github.com/fedora-selinux/selinux-policy

No default or reference policy is provided in openSUSE Leap. SELinux will not operate without a policy, so you must build and install one. The SELinux Reference Policy Project (https://github.com/SELinuxProject/refpolicy/wiki) should be helpful in providing examples and detailed information on creating your own policies, and this chapter also provides guidance on managing your SELinux policy.

Interesting. I don't have a red hat based system handy at the moment to compare since I'm on holiday. Maybe that's just how they set up shm? If you compare to Reference Policy, it appears that the getattr permission you asked about is granted there: https://github.com/SELinuxProject/refpolicy/blob/8a1bc98a31a9f2396f3c1389f43ffb10df31157f/policy/modules/system/systemd.te#L600