Gentoo Archives: gentoo-commits

From: Sven Vermeulen <sven.vermeulen@××××××.be>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
Date: Mon, 31 Dec 2012 23:19:48
Message-Id: 1356994670.a1d8e9e415aaa2607c4308cad2013b08ffadd544.SwifT@gentoo
1 commit: a1d8e9e415aaa2607c4308cad2013b08ffadd544
2 Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
3 AuthorDate: Mon Dec 31 22:57:50 2012 +0000
4 Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
5 CommitDate: Mon Dec 31 22:57:50 2012 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a1d8e9e4
7
8 Support mozilla_dontaudit_use_fds and mozilla_send_dgram_plugin interfaces
9
10 ---
11 policy/modules/contrib/mozilla.if | 38 +++++++++++++++++++++++++++++++++++++
12 1 files changed, 38 insertions(+), 0 deletions(-)
13
14 diff --git a/policy/modules/contrib/mozilla.if b/policy/modules/contrib/mozilla.if
15 index 99130b9..ffda45d 100644
16 --- a/policy/modules/contrib/mozilla.if
17 +++ b/policy/modules/contrib/mozilla.if
18 @@ -611,3 +611,41 @@ interface(`mozilla_home_filetrans_plugin_home',`
19
20 userdom_user_home_dir_filetrans($1, mozilla_plugin_home_t, $2, $3)
21 ')
22 +
23 +# This is gentoo specific but cannot use ifdef distro_gentoo
24 +
25 +########################################
26 +## <summary>
27 +## Do not audit use of mozilla file descriptors
28 +## </summary>
29 +## <param name="domain">
30 +## <summary>
31 +## Domain to dont audit access from
32 +## </summary>
33 +## </param>
34 +#
35 +interface(`mozilla_dontaudit_use_fds',`
36 + gen_require(`
37 + type mozilla_t;
38 + ')
39 +
40 + dontaudit $1 mozilla_t:fd use;
41 +')
42 +
43 +########################################
44 +## <summary>
45 +## Send messages to mozilla plugin unix datagram sockets
46 +## </summary>
47 +## <param name="domain">
48 +## <summary>
49 +## Domain allowed access
50 +## </summary>
51 +## </param>
52 +#
53 +interface(`mozilla_send_dgram_plugin',`
54 + gen_require(`
55 + type mozilla_plugin_t;
56 + ')
57 +
58 + allow $1 mozilla_plugin_t:unix_dgram_socket sendto;
59 +')
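Review bot: in mozilla_send_dgram_plugin, the single rule `allow $1 mozilla_plugin_t:unix_dgram_socket sendto;` grants only the socket-class permission, so a caller sending to a socket bound to a filesystem path would still be denied the sock_file write and the directory search. Either state in the summary that the interface covers only the sendto check, or use refpolicy's dgram_send_pattern with the socket file and directory types if path-bound sockets are intended. The leading comment `# This is gentoo specific but cannot use ifdef distro_gentoo` should say why the ifdef cannot be used and which calling domain needs these interfaces: mozilla_dontaudit_use_fds hides `fd use` denials from the audit log, and nothing in the patch tells a reader which inherited descriptor it is meant to silence. The parameter summary "Domain to dont audit access from" would read better as "Domain to not audit.", the wording refpolicy uses for dontaudit interfaces.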