[OpenIndiana-discuss] Anybody using Trusted JDS/Gnome?
Michael Stapleton
michael.stapleton at techsologic.com
Sat Jan 5 16:01:30 UTC 2013
The Organizations which use TX do not discuss the fact that they use TX.
That being said, those same organizations will not be using OI...
I personally really like TX. If you want actual security, it is the way
to go, but the problem with real security is that it really gets in the
way if you want to do anything, TX is only practical if your computer is
part of a larger network which is also running some type of multi-level
security scheme.
Bottom line, as much as I like TX I would not spend anytime maintaining
it on OI.
Mike
On Sat, 2013-01-05 at 14:48 +0100, Jim Klimov wrote:
> On 2013-01-05 12:29, lucadepandis at gmail.com wrote:
> > I never used Trusted Extensions in all my desktop OI installations.
> >
> > I think the lack of consumers reflects how much their are low important in a
> > desktop environment.
> >
> > IMHO they could be useful in a server environment, but in a desktop context i
> > think they are very useless and an additional work that could be deleted.
>
>
> I believe the TX may be needed to weigh in on an enterprise market
> for those possible customers who are required to comply to legal
> acts and/or who themselves wish to seperate access to different
> resources and networks while providing a single desktop without
> means to copy-paste data from windows belonging to different
> security labels. This is likely more relevant to terminal server
> environments (SunRays, XDMCP) than to single desktops, although
> in a corporate setting with centrally-controlled desktops this
> mileage may vary.
>
> That said, I think that the equivalent solution can be more simply
> be made today with VDI farms dedicated to each ex-label (subnet,
> etc.) and without allowing copy-paste and/or screenshots within
> the desktop environment.
>
> However, the TX do have a certain marketing baggage as a "proven"
> solution that might have once been certified to do the job and
> provide the "paper-protection" against audits for act-compliance.
> For certain customers the paper compliance does matter and cost
> more than actual (and perhaps better) protection which is not yet
> certified, and among similar solutions the certified and/or proven
> ones have a few bonus points.
>
> All that said, I don't really know anyone that uses TX today or
> in the past; I know of similar solutions made with SunRays by a
> company that ours is friends with. If the support is too hard to
> bear into the future (and lack of lab and real-life testing does
> make it harder), I think the code can be either left to wither
> until someone comes to bring it up to date, or carved out with
> some documented way to carve it back in should someone desire.
>
> My 2c,
> //Jim Klimov
>
>
> _______________________________________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss
More information about the OpenIndiana-discuss
mailing list