Gentoo Archives: gentoo-commits

From: Sven Vermeulen <sven.vermeulen@××××××.be>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
Date: Tue, 27 Nov 2012 20:01:17
Message-Id: 1354046397.500977dd612f74a1d399d20e37ca2a7404dc1d41.SwifT@gentoo
1 commit: 500977dd612f74a1d399d20e37ca2a7404dc1d41
2 Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
3 AuthorDate: Tue Nov 27 19:59:57 2012 +0000
4 Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
5 CommitDate: Tue Nov 27 19:59:57 2012 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=500977dd
7
8 Reintroduce the read/manage user content permissions
9
10 Due to recent merging, the code to allow mozilla & mozilla plugin to read or
11 even manage the user content was removed. Reintroduce this as this is an
12 important setting for users.
13
14 ---
15 policy/modules/contrib/mozilla.te | 22 ++++++++++++++++++++++
16 1 files changed, 22 insertions(+), 0 deletions(-)
17
18 diff --git a/policy/modules/contrib/mozilla.te b/policy/modules/contrib/mozilla.te
19 index cb8745d..1371d4f 100644
20 --- a/policy/modules/contrib/mozilla.te
21 +++ b/policy/modules/contrib/mozilla.te
22 @@ -268,6 +268,13 @@ ifdef(`distro_gentoo',`
23 userdom_dontaudit_read_user_tmp_files(mozilla_t)
24 ')
25
26 + tunable_policy(`mozilla_manage_user_content',`
27 + userdom_manage_user_tmp_dirs(mozilla_t)
28 + userdom_manage_user_tmp_files(mozilla_t)
29 + userdom_manage_user_home_content_dirs(mozilla_t)
30 + userdom_manage_user_home_content_files(mozilla_t)
31 + ')
32 +
33 optional_policy(`
34 tunable_policy(`mozilla_use_java',`
35 #java_noatsecure_domtrans(mozilla_t)
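Review bot: the block added after userdom_dontaudit_read_user_tmp_files(mozilla_t) gates only mozilla_manage_user_content for mozilla_t, and no mozilla_read_user_content block for mozilla_t appears here, although the commit message says read access is being restored for both mozilla and the plugin, and the second hunk adds both blocks for mozilla_plugin_t. Please confirm that the read tunable for mozilla_t survived the merge elsewhere in mozilla.te, or add it alongside this block. Two smaller points: the manage block covers dirs and files but not symlinks, while the plugin's read block handles symlinks explicitly, so a comment on whether that is intentional would help; and since the diff contains no gen_tunable line, it is worth verifying that both booleans are still declared after the merge, given that the hunk header shows this code sits inside ifdef(`distro_gentoo'.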
36 @@ -545,6 +552,21 @@ ifdef(`distro_gentoo',`
37
38 xserver_user_x_domain_template(mozilla_plugin, mozilla_plugin_t, mozilla_plugin_tmpfs_t)
39
40 + tunable_policy(`mozilla_read_user_content',`
41 + userdom_list_user_tmp(mozilla_plugin_t)
42 + userdom_read_user_home_content_files(mozilla_plugin_t)
43 + userdom_read_user_home_content_symlinks(mozilla_plugin_t)
44 + userdom_read_user_tmp_files(mozilla_plugin_t)
45 + userdom_read_user_tmp_symlinks(mozilla_plugin_t)
46 + ')
47 +
48 + tunable_policy(`mozilla_manage_user_content',`
49 + userdom_manage_user_tmp_dirs(mozilla_plugin_t)
50 + userdom_manage_user_tmp_files(mozilla_plugin_t)
51 + userdom_manage_user_home_content_dirs(mozilla_plugin_t)
52 + userdom_manage_user_home_content_files(mozilla_plugin_t)
53 + ')
54 +
55 optional_policy(`
56 alsa_domain(mozilla_plugin_t, mozilla_plugin_tmpfs_t)
57 ')
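Review bot: the second tunable_policy block in this hunk gives mozilla_plugin_t manage access to user home and tmp content under the same mozilla_manage_user_content boolean that the first hunk uses for mozilla_t, so a user cannot let the browser write to the home directory without granting the same to the plugin domain. Since the plugin domain exists to confine plugin code separately from the browser, consider a dedicated boolean for the plugin, or at least a comment stating why the plugin needs manage rather than read access. In the read block, userdom_list_user_tmp(mozilla_plugin_t) has no matching list call for home content directories; please confirm that the asymmetry is deliberate.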