Gentoo Archives: gentoo-commits

From: Sven Vermeulen <sven.vermeulen@××××××.be>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
Date: Wed, 28 Nov 2012 20:23:04
Message-Id: 1354134018.ac6f15396ffcc42417bec54cec8f02233d133f1f.SwifT@gentoo
1 commit: ac6f15396ffcc42417bec54cec8f02233d133f1f
2 Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
3 AuthorDate: Wed Nov 28 16:45:11 2012 +0000
4 Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
5 CommitDate: Wed Nov 28 20:20:18 2012 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=ac6f1539
7
8 Changes to the accountsd policy module
9
10 Callers of accountsd_read_lib_files() can list accountsd_var_lib_t
11 directories
12
13 On initial boot for first user, accountsd could be handed a photo from
14 xdm_tmp_t directory
15
16 Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
17
18 ---
19 policy/modules/contrib/accountsd.if | 1 +
20 policy/modules/contrib/accountsd.te | 6 +++++-
21 2 files changed, 6 insertions(+), 1 deletions(-)
22
23 diff --git a/policy/modules/contrib/accountsd.if b/policy/modules/contrib/accountsd.if
24 index 0bb2658..bd5ec9a 100644
25 --- a/policy/modules/contrib/accountsd.if
26 +++ b/policy/modules/contrib/accountsd.if
27 @@ -95,6 +95,7 @@ interface(`accountsd_read_lib_files',`
28 ')
29
30 files_search_var_lib($1)
31 + allow $1 accountsd_var_lib_t:dir list_dir_perms;
32 read_files_pattern($1, accountsd_var_lib_t, accountsd_var_lib_t)
33 ')
34
35
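Review bot: The added `allow $1 accountsd_var_lib_t:dir list_dir_perms;` line, between files_search_var_lib($1) and read_files_pattern(...), widens accountsd_read_lib_files() for every existing caller: they can now enumerate accountsd_var_lib_t directories as well as read the files, so the interface name no longer describes the full grant. Please update the interface's summary comment to mention directory listing, and consider expressing the rule as list_dirs_pattern($1, accountsd_var_lib_t, accountsd_var_lib_t) to match the pattern macro on the following line. If only some callers need to list the directory, a separate list interface would keep this one closer to least privilege.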
36 diff --git a/policy/modules/contrib/accountsd.te b/policy/modules/contrib/accountsd.te
37 index 9534a32..313b33f 100644
38 --- a/policy/modules/contrib/accountsd.te
39 +++ b/policy/modules/contrib/accountsd.te
40 @@ -1,4 +1,4 @@
41 -policy_module(accountsd, 1.0.4)
42 +policy_module(accountsd, 1.0.6)
43
44 gen_require(`
45 class passwd all_passwd_perms;
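Review bot: The policy_module() line moves the version from 1.0.4 to 1.0.6, skipping 1.0.5, and the commit message does not explain the jump. If the number follows another tree's versioning, please say so in the commit message; otherwise bump by a single step for this change set.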
46 @@ -67,3 +67,7 @@ optional_policy(`
47 optional_policy(`
48 policykit_dbus_chat(accountsd_t)
49 ')
50 +
51 +optional_policy(`
52 + xserver_read_xdm_tmp_files(accountsd_t)
53 +')
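Review bot: The new optional_policy block calls xserver_read_xdm_tmp_files(accountsd_t) without any comment, and it gives accountsd_t standing read access to xdm_tmp_t files while the commit message describes one specific case (a photo handed over on initial boot for the first user). Please add a short comment above the call recording that reason, so the grant can be revisited later, and confirm that read access alone is sufficient for that case.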