Date: Sat, 12 Jan 2019 15:33:20 +0800
From: Jason Zaman
To: Russell Coker
Cc: "selinux-refpolicy@vger.kernel.org"
Subject: Re: [PATCH] s/mozilla/webbrowser/g
Message-ID: <20190112073320.GA40543@baraddur.perfinion.com>

On Sat, Jan 12, 2019 at 04:19:09PM +1100, Russell Coker wrote:
> This patch as requested renames mozilla to webbrowser and adds appropriate
> typealias rules.

Hm. The mozilla and chrome policies are pretty different tho. I don't like
this merging thing, I think we should keep mozilla_t and chromium_t separate.
I'm fixing up the Gentoo chromium policy and I'll send it in a couple hrs.

-- Jason

> > Index: refpolicy-2.20180701/policy/modules/apps/mozilla.te > =================================================================== > --- refpolicy-2.20180701.orig/policy/modules/apps/mozilla.te > +++ refpolicy-2.20180701/policy/modules/apps/mozilla.te > @@ -7,335 +7,346 @@ policy_module(mozilla, 2.14.1) > > ## > ##

> -## Determine whether mozilla can > +## Determine whether web browser can > ## make its stack executable. > ##

> ##
> -gen_tunable(mozilla_execstack, false) > +gen_tunable(webbrowser_execstack, false) > > -attribute_role mozilla_roles; > -attribute_role mozilla_plugin_roles; > -attribute_role mozilla_plugin_config_roles; > +attribute_role webbrowser_roles; > +attribute_role webbrowser_plugin_roles; > +attribute_role webbrowser_plugin_config_roles; > > -type mozilla_t; > -type mozilla_exec_t; > -typealias mozilla_t alias { user_mozilla_t staff_mozilla_t sysadm_mozilla_t }; > -typealias mozilla_t alias { auditadm_mozilla_t secadm_mozilla_t }; > -userdom_user_application_domain(mozilla_t, mozilla_exec_t) > -role mozilla_roles types mozilla_t; > +type webbrowser_t; > +type webbrowser_exec_t; > +typealias webbrowser_t alias { user_mozilla_t staff_mozilla_t sysadm_mozilla_t }; > +typealias webbrowser_t alias { auditadm_mozilla_t secadm_mozilla_t mozilla_t }; > +typealias webbrowser_exec_t alias { mozilla_exec_t }; > +userdom_user_application_domain(webbrowser_t, webbrowser_exec_t) > +role webbrowser_roles types webbrowser_t; > > optional_policy(` > - wm_application_domain(mozilla_t, mozilla_exec_t) > + wm_application_domain(webbrowser_t, webbrowser_exec_t) > ') > > -type mozilla_home_t; > -typealias mozilla_home_t alias { user_mozilla_home_t staff_mozilla_home_t sysadm_mozilla_home_t }; > -typealias mozilla_home_t alias { auditadm_mozilla_home_t secadm_mozilla_home_t }; > -userdom_user_home_content(mozilla_home_t) > +type webbrowser_home_t; > +typealias webbrowser_home_t alias { user_mozilla_home_t staff_mozilla_home_t sysadm_mozilla_home_t }; > +typealias webbrowser_home_t alias { auditadm_mozilla_home_t secadm_mozilla_home_t mozilla_home_t }; > +userdom_user_home_content(webbrowser_home_t) > > -type mozilla_plugin_t; > -type mozilla_plugin_exec_t; > -userdom_user_application_domain(mozilla_plugin_t, mozilla_plugin_exec_t) > -role mozilla_plugin_roles types mozilla_plugin_t; > +type webbrowser_plugin_t; > +type webbrowser_plugin_exec_t; > +typealias webbrowser_plugin_t alias { 
mozilla_plugin_t }; > +typealias webbrowser_plugin_exec_t alias { mozilla_plugin_exec_t }; > +userdom_user_application_domain(webbrowser_plugin_t, webbrowser_plugin_exec_t) > +role webbrowser_plugin_roles types webbrowser_plugin_t; > > -type mozilla_plugin_home_t; > -userdom_user_home_content(mozilla_plugin_home_t) > +type webbrowser_plugin_home_t; > +typealias webbrowser_plugin_home_t alias { mozilla_plugin_home_t }; > +userdom_user_home_content(webbrowser_plugin_home_t) > > -type mozilla_plugin_tmp_t; > -userdom_user_tmp_file(mozilla_plugin_tmp_t) > +type webbrowser_plugin_tmp_t; > +typealias webbrowser_plugin_tmp_t alias { mozilla_plugin_tmp_t }; > +userdom_user_tmp_file(webbrowser_plugin_tmp_t) > > -type mozilla_plugin_tmpfs_t; > -userdom_user_tmpfs_file(mozilla_plugin_tmpfs_t) > +type webbrowser_plugin_tmpfs_t; > +typealias webbrowser_plugin_tmpfs_t alias { mozilla_plugin_tmpfs_t }; > +userdom_user_tmpfs_file(webbrowser_plugin_tmpfs_t) > > optional_policy(` > - pulseaudio_tmpfs_content(mozilla_plugin_tmpfs_t) > + pulseaudio_tmpfs_content(webbrowser_plugin_tmpfs_t) > ') > > -type mozilla_plugin_rw_t; > -files_type(mozilla_plugin_rw_t) > +type webbrowser_plugin_rw_t; > +typealias webbrowser_plugin_rw_t alias { mozilla_plugin_rw_t }; > +files_type(webbrowser_plugin_rw_t) > > -type mozilla_plugin_config_t; > -type mozilla_plugin_config_exec_t; > -userdom_user_application_domain(mozilla_plugin_config_t, mozilla_plugin_config_exec_t) > -role mozilla_plugin_config_roles types mozilla_plugin_config_t; > +type webbrowser_plugin_config_t; > +typealias webbrowser_plugin_config_t alias { mozilla_plugin_config_t }; > +type webbrowser_plugin_config_exec_t; > +typealias webbrowser_plugin_config_exec_t alias { mozilla_plugin_config_exec_t }; > +userdom_user_application_domain(webbrowser_plugin_config_t, webbrowser_plugin_config_exec_t) > +role webbrowser_plugin_config_roles types webbrowser_plugin_config_t; > > -type mozilla_tmp_t; > -userdom_user_tmp_file(mozilla_tmp_t) > 
+type webbrowser_tmp_t; > +typealias webbrowser_tmp_t alias { mozilla_tmp_t }; > +userdom_user_tmp_file(webbrowser_tmp_t) > > -type mozilla_tmpfs_t; > -typealias mozilla_tmpfs_t alias { user_mozilla_tmpfs_t staff_mozilla_tmpfs_t sysadm_mozilla_tmpfs_t }; > -typealias mozilla_tmpfs_t alias { auditadm_mozilla_tmpfs_t secadm_mozilla_tmpfs_t }; > -userdom_user_tmpfs_file(mozilla_tmpfs_t) > +type webbrowser_tmpfs_t; > +typealias webbrowser_tmpfs_t alias { mozilla_tmpfs_t }; > +typealias webbrowser_tmpfs_t alias { user_mozilla_tmpfs_t staff_mozilla_tmpfs_t sysadm_mozilla_tmpfs_t }; > +typealias webbrowser_tmpfs_t alias { auditadm_mozilla_tmpfs_t secadm_mozilla_tmpfs_t }; > +userdom_user_tmpfs_file(webbrowser_tmpfs_t) > > optional_policy(` > - pulseaudio_tmpfs_content(mozilla_tmpfs_t) > + pulseaudio_tmpfs_content(webbrowser_tmpfs_t) > ') > > -type mozilla_xdg_cache_t; > -xdg_cache_content(mozilla_xdg_cache_t) > +type webbrowser_xdg_cache_t; > +xdg_cache_content(webbrowser_xdg_cache_t) > > ######################################## > # > # Local policy > # > > -allow mozilla_t self:capability { setgid setuid sys_nice }; > -allow mozilla_t self:process { sigkill signal setsched getsched setrlimit }; > -allow mozilla_t self:fifo_file rw_fifo_file_perms; > -allow mozilla_t self:shm create_shm_perms; > -allow mozilla_t self:sem create_sem_perms; > -allow mozilla_t self:socket create_socket_perms; > -allow mozilla_t self:unix_stream_socket { accept listen }; > - > -allow mozilla_t mozilla_plugin_t:unix_stream_socket rw_socket_perms; > -allow mozilla_t mozilla_plugin_t:fd use; > - > -allow mozilla_t { mozilla_home_t mozilla_plugin_home_t }:dir manage_dir_perms; > -allow mozilla_t { mozilla_home_t mozilla_plugin_home_t }:file { manage_file_perms map }; > -allow mozilla_t mozilla_home_t:lnk_file manage_lnk_file_perms; > -userdom_user_home_dir_filetrans(mozilla_t, mozilla_home_t, dir, ".galeon") > -userdom_user_home_dir_filetrans(mozilla_t, mozilla_home_t, dir, ".mozilla") > 
-userdom_user_home_dir_filetrans(mozilla_t, mozilla_home_t, dir, ".netscape") > -userdom_user_home_dir_filetrans(mozilla_t, mozilla_home_t, dir, ".phoenix") > - > -filetrans_pattern(mozilla_t, mozilla_home_t, mozilla_plugin_home_t, dir, "plugins") > - > -manage_files_pattern(mozilla_t, mozilla_tmp_t, mozilla_tmp_t) > -manage_lnk_files_pattern(mozilla_t, mozilla_tmp_t, mozilla_tmp_t) > -manage_dirs_pattern(mozilla_t, mozilla_tmp_t, mozilla_tmp_t) > -allow mozilla_t mozilla_tmp_t:file map; > -files_tmp_filetrans(mozilla_t, mozilla_tmp_t, { file dir }) > - > -manage_files_pattern(mozilla_t, mozilla_tmpfs_t, mozilla_tmpfs_t) > -manage_lnk_files_pattern(mozilla_t, mozilla_tmpfs_t, mozilla_tmpfs_t) > -manage_fifo_files_pattern(mozilla_t, mozilla_tmpfs_t, mozilla_tmpfs_t) > -manage_sock_files_pattern(mozilla_t, mozilla_tmpfs_t, mozilla_tmpfs_t) > -fs_tmpfs_filetrans(mozilla_t, mozilla_tmpfs_t, { file lnk_file sock_file fifo_file }) > -allow mozilla_t mozilla_plugin_tmpfs_t:file map; > - > -allow mozilla_t mozilla_plugin_rw_t:dir list_dir_perms; > -allow mozilla_t mozilla_plugin_rw_t:file read_file_perms; > -allow mozilla_t mozilla_plugin_rw_t:lnk_file read_lnk_file_perms; > - > -stream_connect_pattern(mozilla_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t, mozilla_plugin_t) > - > -manage_files_pattern(mozilla_t, mozilla_xdg_cache_t, mozilla_xdg_cache_t) > -manage_dirs_pattern(mozilla_t, mozilla_xdg_cache_t, mozilla_xdg_cache_t) > -xdg_cache_filetrans(mozilla_t, mozilla_xdg_cache_t, dir, "mozilla") > - > -can_exec(mozilla_t, { mozilla_exec_t mozilla_plugin_rw_t mozilla_plugin_home_t }) > - > -kernel_read_kernel_sysctls(mozilla_t) > -kernel_read_network_state(mozilla_t) > -kernel_read_system_state(mozilla_t) > -kernel_read_net_sysctls(mozilla_t) > - > -corecmd_list_bin(mozilla_t) > -corecmd_exec_shell(mozilla_t) > -corecmd_exec_bin(mozilla_t) > - > -corenet_all_recvfrom_unlabeled(mozilla_t) > -corenet_all_recvfrom_netlabel(mozilla_t) > 
-corenet_tcp_sendrecv_generic_if(mozilla_t) > -corenet_tcp_sendrecv_generic_node(mozilla_t) > - > -corenet_sendrecv_http_client_packets(mozilla_t) > -corenet_tcp_connect_http_port(mozilla_t) > -corenet_tcp_sendrecv_http_port(mozilla_t) > - > -corenet_sendrecv_http_cache_client_packets(mozilla_t) > -corenet_tcp_connect_http_cache_port(mozilla_t) > -corenet_tcp_sendrecv_http_cache_port(mozilla_t) > - > -corenet_sendrecv_squid_client_packets(mozilla_t) > -corenet_tcp_connect_squid_port(mozilla_t) > -corenet_tcp_sendrecv_squid_port(mozilla_t) > - > -corenet_sendrecv_ftp_client_packets(mozilla_t) > -corenet_tcp_connect_ftp_port(mozilla_t) > -corenet_tcp_sendrecv_ftp_port(mozilla_t) > - > -corenet_sendrecv_ipp_client_packets(mozilla_t) > -corenet_tcp_connect_ipp_port(mozilla_t) > -corenet_tcp_sendrecv_ipp_port(mozilla_t) > - > -corenet_sendrecv_soundd_client_packets(mozilla_t) > -corenet_tcp_connect_soundd_port(mozilla_t) > -corenet_tcp_sendrecv_soundd_port(mozilla_t) > - > -corenet_sendrecv_speech_client_packets(mozilla_t) > -corenet_tcp_connect_speech_port(mozilla_t) > -corenet_tcp_sendrecv_speech_port(mozilla_t) > - > -dev_getattr_sysfs_dirs(mozilla_t) > -dev_read_sysfs(mozilla_t) > -dev_read_sound(mozilla_t) > -dev_read_rand(mozilla_t) > -dev_read_urand(mozilla_t) > -dev_rw_dri(mozilla_t) > -dev_write_sound(mozilla_t) > - > -domain_dontaudit_read_all_domains_state(mozilla_t) > - > -files_read_etc_runtime_files(mozilla_t) > -files_map_usr_files(mozilla_t) > -files_read_usr_files(mozilla_t) > -files_read_var_files(mozilla_t) > -files_read_var_lib_files(mozilla_t) > -files_read_var_symlinks(mozilla_t) > -files_dontaudit_getattr_boot_dirs(mozilla_t) > - > -fs_getattr_all_fs(mozilla_t) > -fs_search_auto_mountpoints(mozilla_t) > -fs_list_inotifyfs(mozilla_t) > -fs_rw_tmpfs_files(mozilla_t) > - > -term_dontaudit_getattr_pty_dirs(mozilla_t) > - > -auth_use_nsswitch(mozilla_t) > - > -logging_send_syslog_msg(mozilla_t) > - > -miscfiles_read_fonts(mozilla_t) > 
-miscfiles_read_generic_certs(mozilla_t) > -miscfiles_read_localization(mozilla_t) > -miscfiles_dontaudit_setattr_fonts_dirs(mozilla_t) > -miscfiles_dontaudit_setattr_fonts_cache_dirs(mozilla_t) > - > -userdom_use_user_ptys(mozilla_t) > - > -userdom_manage_user_tmp_dirs(mozilla_t) > -userdom_manage_user_tmp_files(mozilla_t) > -userdom_map_user_tmp_files(mozilla_t) > - > -userdom_user_content_access_template(mozilla, { mozilla_t mozilla_plugin_t }) > -userdom_user_home_dir_filetrans_user_home_content(mozilla_t, { dir file }) > - > -userdom_write_user_tmp_sockets(mozilla_t) > - > -mozilla_run_plugin(mozilla_t, mozilla_roles) > -mozilla_run_plugin_config(mozilla_t, mozilla_roles) > - > -xdg_read_config_files(mozilla_t) > -xdg_read_data_files(mozilla_t) > -xdg_manage_downloads(mozilla_t) > - > -xserver_rw_mesa_shader_cache(mozilla_t) > -xserver_user_x_domain_template(mozilla, mozilla_t, mozilla_tmpfs_t) > -xserver_dontaudit_read_xdm_tmp_files(mozilla_t) > -xserver_dontaudit_getattr_xdm_tmp_sockets(mozilla_t) > +allow webbrowser_t self:capability { setgid setuid sys_nice }; > +allow webbrowser_t self:process { sigkill signal setsched getsched setrlimit }; > +allow webbrowser_t self:fifo_file rw_fifo_file_perms; > +allow webbrowser_t self:shm create_shm_perms; > +allow webbrowser_t self:sem create_sem_perms; > +allow webbrowser_t self:socket create_socket_perms; > +allow webbrowser_t self:unix_stream_socket { accept listen }; > + > +allow webbrowser_t webbrowser_plugin_t:unix_stream_socket rw_socket_perms; > +allow webbrowser_t webbrowser_plugin_t:fd use; > + > +allow webbrowser_t { webbrowser_home_t webbrowser_plugin_home_t }:dir manage_dir_perms; > +allow webbrowser_t { webbrowser_home_t webbrowser_plugin_home_t }:file { manage_file_perms map }; > +allow webbrowser_t webbrowser_home_t:lnk_file manage_lnk_file_perms; > +userdom_user_home_dir_filetrans(webbrowser_t, webbrowser_home_t, dir, ".galeon") > +userdom_user_home_dir_filetrans(webbrowser_t, webbrowser_home_t, 
dir, ".mozilla") > +userdom_user_home_dir_filetrans(webbrowser_t, webbrowser_home_t, dir, ".netscape") > +userdom_user_home_dir_filetrans(webbrowser_t, webbrowser_home_t, dir, ".phoenix") > + > +filetrans_pattern(webbrowser_t, webbrowser_home_t, webbrowser_plugin_home_t, dir, "plugins") > + > +manage_files_pattern(webbrowser_t, webbrowser_tmp_t, webbrowser_tmp_t) > +manage_lnk_files_pattern(webbrowser_t, webbrowser_tmp_t, webbrowser_tmp_t) > +manage_dirs_pattern(webbrowser_t, webbrowser_tmp_t, webbrowser_tmp_t) > +allow webbrowser_t webbrowser_tmp_t:file map; > +files_tmp_filetrans(webbrowser_t, webbrowser_tmp_t, { file dir }) > + > +manage_files_pattern(webbrowser_t, webbrowser_tmpfs_t, webbrowser_tmpfs_t) > +manage_lnk_files_pattern(webbrowser_t, webbrowser_tmpfs_t, webbrowser_tmpfs_t) > +manage_fifo_files_pattern(webbrowser_t, webbrowser_tmpfs_t, webbrowser_tmpfs_t) > +manage_sock_files_pattern(webbrowser_t, webbrowser_tmpfs_t, webbrowser_tmpfs_t) > +fs_tmpfs_filetrans(webbrowser_t, webbrowser_tmpfs_t, { file lnk_file sock_file fifo_file }) > +allow webbrowser_t webbrowser_plugin_tmpfs_t:file map; > + > +allow webbrowser_t webbrowser_plugin_rw_t:dir list_dir_perms; > +allow webbrowser_t webbrowser_plugin_rw_t:file read_file_perms; > +allow webbrowser_t webbrowser_plugin_rw_t:lnk_file read_lnk_file_perms; > + > +stream_connect_pattern(webbrowser_t, webbrowser_plugin_tmpfs_t, webbrowser_plugin_tmpfs_t, webbrowser_plugin_t) > + > +manage_files_pattern(webbrowser_t, webbrowser_xdg_cache_t, webbrowser_xdg_cache_t) > +manage_dirs_pattern(webbrowser_t, webbrowser_xdg_cache_t, webbrowser_xdg_cache_t) > +xdg_cache_filetrans(webbrowser_t, webbrowser_xdg_cache_t, dir, "mozilla") > + > +can_exec(webbrowser_t, { webbrowser_exec_t webbrowser_plugin_rw_t webbrowser_plugin_home_t }) > + > +kernel_read_kernel_sysctls(webbrowser_t) > +kernel_read_network_state(webbrowser_t) > +kernel_read_system_state(webbrowser_t) > +kernel_read_net_sysctls(webbrowser_t) > + > 
+corecmd_list_bin(webbrowser_t) > +corecmd_exec_shell(webbrowser_t) > +corecmd_exec_bin(webbrowser_t) > + > +corenet_all_recvfrom_unlabeled(webbrowser_t) > +corenet_all_recvfrom_netlabel(webbrowser_t) > +corenet_tcp_sendrecv_generic_if(webbrowser_t) > +corenet_tcp_sendrecv_generic_node(webbrowser_t) > + > +corenet_sendrecv_http_client_packets(webbrowser_t) > +corenet_tcp_connect_http_port(webbrowser_t) > +corenet_tcp_sendrecv_http_port(webbrowser_t) > + > +corenet_sendrecv_http_cache_client_packets(webbrowser_t) > +corenet_tcp_connect_http_cache_port(webbrowser_t) > +corenet_tcp_sendrecv_http_cache_port(webbrowser_t) > + > +corenet_sendrecv_squid_client_packets(webbrowser_t) > +corenet_tcp_connect_squid_port(webbrowser_t) > +corenet_tcp_sendrecv_squid_port(webbrowser_t) > + > +corenet_sendrecv_ftp_client_packets(webbrowser_t) > +corenet_tcp_connect_ftp_port(webbrowser_t) > +corenet_tcp_sendrecv_ftp_port(webbrowser_t) > + > +corenet_sendrecv_ipp_client_packets(webbrowser_t) > +corenet_tcp_connect_ipp_port(webbrowser_t) > +corenet_tcp_sendrecv_ipp_port(webbrowser_t) > + > +corenet_sendrecv_soundd_client_packets(webbrowser_t) > +corenet_tcp_connect_soundd_port(webbrowser_t) > +corenet_tcp_sendrecv_soundd_port(webbrowser_t) > + > +corenet_sendrecv_speech_client_packets(webbrowser_t) > +corenet_tcp_connect_speech_port(webbrowser_t) > +corenet_tcp_sendrecv_speech_port(webbrowser_t) > + > +dev_getattr_sysfs_dirs(webbrowser_t) > +dev_read_sysfs(webbrowser_t) > +dev_read_sound(webbrowser_t) > +dev_read_rand(webbrowser_t) > +dev_read_urand(webbrowser_t) > +dev_rw_dri(webbrowser_t) > +dev_write_sound(webbrowser_t) > + > +domain_dontaudit_read_all_domains_state(webbrowser_t) > + > +files_read_etc_runtime_files(webbrowser_t) > +files_map_usr_files(webbrowser_t) > +files_read_usr_files(webbrowser_t) > +files_read_var_files(webbrowser_t) > +files_read_var_lib_files(webbrowser_t) > +files_read_var_symlinks(webbrowser_t) > +files_dontaudit_getattr_boot_dirs(webbrowser_t) > + > 
+fs_getattr_all_fs(webbrowser_t) > +fs_search_auto_mountpoints(webbrowser_t) > +fs_list_inotifyfs(webbrowser_t) > +fs_rw_tmpfs_files(webbrowser_t) > + > +term_dontaudit_getattr_pty_dirs(webbrowser_t) > + > +auth_use_nsswitch(webbrowser_t) > + > +logging_send_syslog_msg(webbrowser_t) > + > +miscfiles_read_fonts(webbrowser_t) > +miscfiles_read_generic_certs(webbrowser_t) > +miscfiles_read_localization(webbrowser_t) > +miscfiles_dontaudit_setattr_fonts_dirs(webbrowser_t) > +miscfiles_dontaudit_setattr_fonts_cache_dirs(webbrowser_t) > + > +userdom_use_user_ptys(webbrowser_t) > + > +userdom_manage_user_tmp_dirs(webbrowser_t) > +userdom_manage_user_tmp_files(webbrowser_t) > +userdom_map_user_tmp_files(webbrowser_t) > + > +userdom_user_content_access_template(webbrowser, { webbrowser_t webbrowser_plugin_t }) > +userdom_user_home_dir_filetrans_user_home_content(webbrowser_t, { dir file }) > + > +userdom_write_user_tmp_sockets(webbrowser_t) > + > +webbrowser_run_plugin(webbrowser_t, webbrowser_roles) > +webbrowser_run_plugin_config(webbrowser_t, webbrowser_roles) > + > +xdg_read_config_files(webbrowser_t) > +xdg_read_data_files(webbrowser_t) > +xdg_manage_downloads(webbrowser_t) > + > +xserver_rw_mesa_shader_cache(webbrowser_t) > +xserver_user_x_domain_template(webbrowser, webbrowser_t, webbrowser_tmpfs_t) > +xserver_dontaudit_read_xdm_tmp_files(webbrowser_t) > +xserver_dontaudit_getattr_xdm_tmp_sockets(webbrowser_t) > > ifndef(`enable_mls',` > - fs_list_dos(mozilla_t) > - fs_read_dos_files(mozilla_t) > + fs_list_dos(webbrowser_t) > + fs_read_dos_files(webbrowser_t) > > - fs_search_removable(mozilla_t) > - fs_read_removable_files(mozilla_t) > - fs_read_removable_symlinks(mozilla_t) > + fs_search_removable(webbrowser_t) > + fs_read_removable_files(webbrowser_t) > + fs_read_removable_symlinks(webbrowser_t) > > - fs_read_iso9660_files(mozilla_t) > + fs_read_iso9660_files(webbrowser_t) > ') > > tunable_policy(`allow_execmem',` > - allow mozilla_t self:process execmem; > + allow 
webbrowser_t self:process execmem; > ') > > -tunable_policy(`mozilla_execstack',` > - allow mozilla_t self:process { execmem execstack }; > +tunable_policy(`webbrowser_execstack',` > + allow webbrowser_t self:process { execmem execstack }; > ') > > tunable_policy(`use_nfs_home_dirs',` > - fs_manage_nfs_dirs(mozilla_t) > - fs_manage_nfs_files(mozilla_t) > - fs_manage_nfs_symlinks(mozilla_t) > + fs_manage_nfs_dirs(webbrowser_t) > + fs_manage_nfs_files(webbrowser_t) > + fs_manage_nfs_symlinks(webbrowser_t) > ') > > tunable_policy(`use_samba_home_dirs',` > - fs_manage_cifs_dirs(mozilla_t) > - fs_manage_cifs_files(mozilla_t) > - fs_manage_cifs_symlinks(mozilla_t) > + fs_manage_cifs_dirs(webbrowser_t) > + fs_manage_cifs_files(webbrowser_t) > + fs_manage_cifs_symlinks(webbrowser_t) > ') > > optional_policy(` > - alsa_read_config(mozilla_t) > - alsa_read_home_files(mozilla_t) > + alsa_read_config(webbrowser_t) > + alsa_read_home_files(webbrowser_t) > ') > > optional_policy(` > - apache_read_user_scripts(mozilla_t) > - apache_read_user_content(mozilla_t) > + apache_read_user_scripts(webbrowser_t) > + apache_read_user_content(webbrowser_t) > ') > > optional_policy(` > - automount_dontaudit_getattr_tmp_dirs(mozilla_t) > + automount_dontaudit_getattr_tmp_dirs(webbrowser_t) > ') > > optional_policy(` > - cups_read_rw_config(mozilla_t) > - cups_stream_connect(mozilla_t) > + cups_read_rw_config(webbrowser_t) > + cups_stream_connect(webbrowser_t) > ') > > optional_policy(` > - dbus_all_session_bus_client(mozilla_t) > - dbus_connect_all_session_bus(mozilla_t) > - dbus_system_bus_client(mozilla_t) > + dbus_all_session_bus_client(webbrowser_t) > + dbus_connect_all_session_bus(webbrowser_t) > + dbus_system_bus_client(webbrowser_t) > > optional_policy(` > - cups_dbus_chat(mozilla_t) > + cups_dbus_chat(webbrowser_t) > ') > > optional_policy(` > - mozilla_dbus_chat_plugin(mozilla_t) > + webbrowser_dbus_chat_plugin(webbrowser_t) > ') > > optional_policy(` > - 
networkmanager_dbus_chat(mozilla_t) > + networkmanager_dbus_chat(webbrowser_t) > ') > ') > > optional_policy(` > - evolution_domtrans(mozilla_t) > + evolution_domtrans(webbrowser_t) > ') > > optional_policy(` > - gnome_stream_connect_gconf(mozilla_t) > - gnome_manage_generic_gconf_home_content(mozilla_t) > - gnome_home_filetrans_gconf_home(mozilla_t, dir, ".gconf") > - gnome_home_filetrans_gconf_home(mozilla_t, dir, ".gconfd") > - gnome_manage_generic_home_content(mozilla_t) > - gnome_home_filetrans_gnome_home(mozilla_t, dir, ".gnome") > - gnome_home_filetrans_gnome_home(mozilla_t, dir, ".gnome2") > - gnome_home_filetrans_gnome_home(mozilla_t, dir, ".gnome2_private") > + gnome_stream_connect_gconf(webbrowser_t) > + gnome_manage_generic_gconf_home_content(webbrowser_t) > + gnome_home_filetrans_gconf_home(webbrowser_t, dir, ".gconf") > + gnome_home_filetrans_gconf_home(webbrowser_t, dir, ".gconfd") > + gnome_manage_generic_home_content(webbrowser_t) > + gnome_home_filetrans_gnome_home(webbrowser_t, dir, ".gnome") > + gnome_home_filetrans_gnome_home(webbrowser_t, dir, ".gnome2") > + gnome_home_filetrans_gnome_home(webbrowser_t, dir, ".gnome2_private") > ') > > optional_policy(` > - java_exec(mozilla_t) > - java_manage_generic_home_content(mozilla_t) > - java_manage_java_tmp(mozilla_t) > - java_home_filetrans_java_home(mozilla_t, dir, ".java") > + java_exec(webbrowser_t) > + java_manage_generic_home_content(webbrowser_t) > + java_manage_java_tmp(webbrowser_t) > + java_home_filetrans_java_home(webbrowser_t, dir, ".java") > ') > > optional_policy(` > - lpd_run_lpr(mozilla_t, mozilla_roles) > + lpd_run_lpr(webbrowser_t, webbrowser_roles) > ') > > optional_policy(` > - mplayer_exec(mozilla_t) > - mplayer_manage_generic_home_content(mozilla_t) > - mplayer_home_filetrans_mplayer_home(mozilla_t, dir, ".mplayer") > + mplayer_exec(webbrowser_t) > + mplayer_manage_generic_home_content(webbrowser_t) > + mplayer_home_filetrans_mplayer_home(webbrowser_t, dir, ".mplayer") > ') > > 
optional_policy(` > - ooffice_domtrans(mozilla_t) > - ooffice_rw_tmp_files(mozilla_t) > + ooffice_domtrans(webbrowser_t) > + ooffice_rw_tmp_files(webbrowser_t) > ') > > optional_policy(` > - pulseaudio_run(mozilla_t, mozilla_roles) > + pulseaudio_run(webbrowser_t, webbrowser_roles) > ') > > optional_policy(` > - thunderbird_domtrans(mozilla_t) > + thunderbird_domtrans(webbrowser_t) > ') > > ######################################## 
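Review bot: webbrowser_xdg_cache_t is the one renamed type in this hunk that gets no typealias back to its old name: `type webbrowser_xdg_cache_t;` is followed directly by `xdg_cache_content(webbrowser_xdg_cache_t)`, while every other renamed type here (webbrowser_tmp_t, webbrowser_plugin_rw_t, webbrowser_plugin_tmpfs_t and so on) gains a typealias line for its mozilla_ name. Please add `typealias webbrowser_xdg_cache_t alias { mozilla_xdg_cache_t };`, otherwise files already labelled mozilla_xdg_cache_t and any local policy that names that type stop resolving after the upgrade. Separately, gen_tunable(mozilla_execstack, false) becomes webbrowser_execstack with no compatibility path, and typealias does not cover tunables, so a system that has set the old name loses that setting; the rename should at least be called out in the commit message.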
> @@ -343,282 +354,282 @@ optional_policy(` > # Plugin local policy > # > > -dontaudit mozilla_plugin_t self:capability { ipc_lock sys_nice sys_ptrace sys_tty_config }; > -allow mozilla_plugin_t self:process { setpgid getsched setsched signal_perms setrlimit }; > -allow mozilla_plugin_t self:fifo_file manage_fifo_file_perms; > -allow mozilla_plugin_t self:netlink_kobject_uevent_socket create_socket_perms; > -allow mozilla_plugin_t self:sem create_sem_perms; > -allow mozilla_plugin_t self:shm create_shm_perms; > -allow mozilla_plugin_t self:tcp_socket { accept listen }; > -allow mozilla_plugin_t self:unix_stream_socket { accept connectto listen }; > - > -allow mozilla_plugin_t mozilla_t:unix_stream_socket rw_socket_perms; > -allow mozilla_plugin_t mozilla_t:unix_dgram_socket rw_socket_perms; > -allow mozilla_plugin_t mozilla_t:shm { rw_shm_perms destroy }; > -allow mozilla_plugin_t mozilla_t:sem create_sem_perms; > - > -manage_dirs_pattern(mozilla_plugin_t, { mozilla_home_t mozilla_plugin_home_t }, { mozilla_home_t mozilla_plugin_home_t }) > -manage_files_pattern(mozilla_plugin_t, { mozilla_home_t mozilla_plugin_home_t }, mozilla_plugin_home_t) > -manage_lnk_files_pattern(mozilla_plugin_t, { mozilla_home_t mozilla_plugin_home_t }, mozilla_plugin_home_t) > -allow mozilla_plugin_t mozilla_home_t:file map; > - > -userdom_user_home_dir_filetrans(mozilla_plugin_t, mozilla_home_t, dir, ".galeon") > -userdom_user_home_dir_filetrans(mozilla_plugin_t, mozilla_home_t, dir, ".mozilla") > -userdom_user_home_dir_filetrans(mozilla_plugin_t, mozilla_home_t, dir, ".netscape") > -userdom_user_home_dir_filetrans(mozilla_plugin_t, mozilla_home_t, dir, ".phoenix") > - > -userdom_user_home_dir_filetrans(mozilla_plugin_t, mozilla_plugin_home_t, dir, ".adobe") > -userdom_user_home_dir_filetrans(mozilla_plugin_t, mozilla_plugin_home_t, dir, ".macromedia") > -userdom_user_home_dir_filetrans(mozilla_plugin_t, mozilla_plugin_home_t, dir, ".gnash") > 
-userdom_user_home_dir_filetrans(mozilla_plugin_t, mozilla_plugin_home_t, dir, ".gcjwebplugin") > -userdom_user_home_dir_filetrans(mozilla_plugin_t, mozilla_plugin_home_t, dir, ".icedteaplugin") > -userdom_user_home_dir_filetrans(mozilla_plugin_t, mozilla_plugin_home_t, dir, ".spicec") > -userdom_user_home_dir_filetrans(mozilla_plugin_t, mozilla_plugin_home_t, dir, ".ICAClient") > -userdom_user_home_dir_filetrans(mozilla_plugin_t, mozilla_plugin_home_t, dir, "zimbrauserdata") > - > -filetrans_pattern(mozilla_plugin_t, mozilla_home_t, mozilla_plugin_home_t, dir, "plugins") > - > -manage_dirs_pattern(mozilla_plugin_t, mozilla_plugin_tmp_t, mozilla_plugin_tmp_t) > -manage_files_pattern(mozilla_plugin_t, mozilla_plugin_tmp_t, mozilla_plugin_tmp_t) > -manage_fifo_files_pattern(mozilla_plugin_t, mozilla_plugin_tmp_t, mozilla_plugin_tmp_t) > -files_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file }) > -userdom_user_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file }) > - > -allow mozilla_plugin_t mozilla_tmp_t:file rw_file_perms; > - > -manage_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t) > -manage_lnk_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t) > -manage_fifo_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t) > -manage_sock_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t) > -fs_tmpfs_filetrans(mozilla_plugin_t, mozilla_plugin_tmpfs_t, { file lnk_file sock_file fifo_file }) > - > -allow mozilla_plugin_t mozilla_plugin_rw_t:dir list_dir_perms; > -allow mozilla_plugin_t mozilla_plugin_rw_t:file read_file_perms; > -allow mozilla_plugin_t mozilla_plugin_rw_t:lnk_file read_lnk_file_perms; > - > -dgram_send_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t, mozilla_t) > -stream_connect_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t, mozilla_t) > - > 
-can_exec(mozilla_plugin_t, { mozilla_exec_t mozilla_plugin_home_t mozilla_plugin_tmp_t }) > - > -kernel_read_all_sysctls(mozilla_plugin_t) > -kernel_read_system_state(mozilla_plugin_t) > -kernel_read_network_state(mozilla_plugin_t) > -kernel_request_load_module(mozilla_plugin_t) > -kernel_dontaudit_getattr_core_if(mozilla_plugin_t) > - > -corecmd_exec_bin(mozilla_plugin_t) > -corecmd_exec_shell(mozilla_plugin_t) > - > -corenet_all_recvfrom_netlabel(mozilla_plugin_t) > -corenet_all_recvfrom_unlabeled(mozilla_plugin_t) > -corenet_tcp_sendrecv_generic_if(mozilla_plugin_t) > -corenet_tcp_sendrecv_generic_node(mozilla_plugin_t) > - > -corenet_sendrecv_asterisk_client_packets(mozilla_plugin_t) > -corenet_tcp_connect_asterisk_port(mozilla_plugin_t) > -corenet_tcp_sendrecv_asterisk_port(mozilla_plugin_t) > - > -corenet_sendrecv_ftp_client_packets(mozilla_plugin_t) > -corenet_tcp_connect_ftp_port(mozilla_plugin_t) > -corenet_tcp_sendrecv_ftp_port(mozilla_plugin_t) > - > -corenet_sendrecv_gatekeeper_client_packets(mozilla_plugin_t) > -corenet_tcp_connect_gatekeeper_port(mozilla_plugin_t) > -corenet_tcp_sendrecv_gatekeeper_port(mozilla_plugin_t) > - > -corenet_sendrecv_http_client_packets(mozilla_plugin_t) > -corenet_tcp_connect_http_port(mozilla_plugin_t) > -corenet_tcp_sendrecv_http_port(mozilla_plugin_t) > - > -corenet_sendrecv_http_cache_client_packets(mozilla_plugin_t) > -corenet_tcp_connect_http_cache_port(mozilla_plugin_t) > -corenet_tcp_sendrecv_http_cache_port(mozilla_plugin_t) > - > -corenet_sendrecv_ipp_client_packets(mozilla_plugin_t) > -corenet_tcp_connect_ipp_port(mozilla_plugin_t) > -corenet_tcp_sendrecv_ipp_port(mozilla_plugin_t) > - > -corenet_sendrecv_ircd_client_packets(mozilla_plugin_t) > -corenet_tcp_connect_ircd_port(mozilla_plugin_t) > -corenet_tcp_sendrecv_ircd_port(mozilla_plugin_t) > - > -corenet_sendrecv_jabber_client_client_packets(mozilla_plugin_t) > -corenet_tcp_connect_jabber_client_port(mozilla_plugin_t) > 
-corenet_tcp_sendrecv_jabber_client_port(mozilla_plugin_t) > - > -corenet_sendrecv_mmcc_client_packets(mozilla_plugin_t) > -corenet_tcp_connect_mmcc_port(mozilla_plugin_t) > -corenet_tcp_sendrecv_mmcc_port(mozilla_plugin_t) > - > -corenet_sendrecv_monopd_client_packets(mozilla_plugin_t) > -corenet_tcp_connect_monopd_port(mozilla_plugin_t) > -corenet_tcp_sendrecv_monopd_port(mozilla_plugin_t) > - > -corenet_sendrecv_soundd_client_packets(mozilla_plugin_t) > -corenet_tcp_connect_soundd_port(mozilla_plugin_t) > -corenet_tcp_sendrecv_soundd_port(mozilla_plugin_t) > - > -corenet_sendrecv_speech_client_packets(mozilla_plugin_t) > -corenet_tcp_connect_speech_port(mozilla_plugin_t) > -corenet_tcp_sendrecv_speech_port(mozilla_plugin_t) > - > -corenet_sendrecv_squid_client_packets(mozilla_plugin_t) > -corenet_tcp_connect_squid_port(mozilla_plugin_t) > -corenet_tcp_sendrecv_squid_port(mozilla_plugin_t) > - > -corenet_sendrecv_vnc_client_packets(mozilla_plugin_t) > -corenet_tcp_connect_vnc_port(mozilla_plugin_t) > -corenet_tcp_sendrecv_vnc_port(mozilla_plugin_t) > - > -dev_read_generic_usb_dev(mozilla_plugin_t) > -dev_read_rand(mozilla_plugin_t) > -dev_read_realtime_clock(mozilla_plugin_t) > -dev_read_sound(mozilla_plugin_t) > -dev_read_sysfs(mozilla_plugin_t) > -dev_read_urand(mozilla_plugin_t) > -dev_read_video_dev(mozilla_plugin_t) > -dev_write_sound(mozilla_plugin_t) > -dev_write_video_dev(mozilla_plugin_t) > -dev_rw_dri(mozilla_plugin_t) > -dev_rw_xserver_misc(mozilla_plugin_t) > - > -dev_dontaudit_getattr_generic_files(mozilla_plugin_t) > -dev_dontaudit_getattr_generic_pipes(mozilla_plugin_t) > -dev_dontaudit_getattr_all_blk_files(mozilla_plugin_t) > -dev_dontaudit_getattr_all_chr_files(mozilla_plugin_t) > - > -domain_use_interactive_fds(mozilla_plugin_t) > -domain_dontaudit_read_all_domains_state(mozilla_plugin_t) > - > -files_exec_usr_files(mozilla_plugin_t) > -files_list_mnt(mozilla_plugin_t) > -files_read_config_files(mozilla_plugin_t) > 
-files_read_usr_files(mozilla_plugin_t) > -files_map_usr_files(mozilla_plugin_t) > - > -fs_getattr_all_fs(mozilla_plugin_t) > -# fs_read_hugetlbfs_files(mozilla_plugin_t) > -fs_search_auto_mountpoints(mozilla_plugin_t) > - > -term_getattr_all_ttys(mozilla_plugin_t) > -term_getattr_all_ptys(mozilla_plugin_t) > - > -application_exec(mozilla_plugin_t) > - > -auth_use_nsswitch(mozilla_plugin_t) > - > -libs_exec_ld_so(mozilla_plugin_t) > -libs_exec_lib_files(mozilla_plugin_t) > - > -logging_send_syslog_msg(mozilla_plugin_t) > - > -miscfiles_read_localization(mozilla_plugin_t) > -miscfiles_read_fonts(mozilla_plugin_t) > -miscfiles_read_generic_certs(mozilla_plugin_t) > -miscfiles_dontaudit_setattr_fonts_dirs(mozilla_plugin_t) > -miscfiles_dontaudit_setattr_fonts_cache_dirs(mozilla_plugin_t) > - > -userdom_manage_user_tmp_dirs(mozilla_plugin_t) > -userdom_manage_user_tmp_files(mozilla_plugin_t) > -userdom_map_user_tmp_files(mozilla_plugin_t) > +dontaudit webbrowser_plugin_t self:capability { ipc_lock sys_nice sys_ptrace sys_tty_config }; > +allow webbrowser_plugin_t self:process { setpgid getsched setsched signal_perms setrlimit }; > +allow webbrowser_plugin_t self:fifo_file manage_fifo_file_perms; > +allow webbrowser_plugin_t self:netlink_kobject_uevent_socket create_socket_perms; > +allow webbrowser_plugin_t self:sem create_sem_perms; > +allow webbrowser_plugin_t self:shm create_shm_perms; > +allow webbrowser_plugin_t self:tcp_socket { accept listen }; > +allow webbrowser_plugin_t self:unix_stream_socket { accept connectto listen }; > + > +allow webbrowser_plugin_t webbrowser_t:unix_stream_socket rw_socket_perms; > +allow webbrowser_plugin_t webbrowser_t:unix_dgram_socket rw_socket_perms; > +allow webbrowser_plugin_t webbrowser_t:shm { rw_shm_perms destroy }; > +allow webbrowser_plugin_t webbrowser_t:sem create_sem_perms; > + > +manage_dirs_pattern(webbrowser_plugin_t, { webbrowser_home_t webbrowser_plugin_home_t }, { webbrowser_home_t webbrowser_plugin_home_t }) > 
+manage_files_pattern(webbrowser_plugin_t, { webbrowser_home_t webbrowser_plugin_home_t }, webbrowser_plugin_home_t) > +manage_lnk_files_pattern(webbrowser_plugin_t, { webbrowser_home_t webbrowser_plugin_home_t }, webbrowser_plugin_home_t) > +allow webbrowser_plugin_t webbrowser_home_t:file map; > + > +userdom_user_home_dir_filetrans(webbrowser_plugin_t, webbrowser_home_t, dir, ".galeon") > +userdom_user_home_dir_filetrans(webbrowser_plugin_t, webbrowser_home_t, dir, ".mozilla") > +userdom_user_home_dir_filetrans(webbrowser_plugin_t, webbrowser_home_t, dir, ".netscape") > +userdom_user_home_dir_filetrans(webbrowser_plugin_t, webbrowser_home_t, dir, ".phoenix") > + > +userdom_user_home_dir_filetrans(webbrowser_plugin_t, webbrowser_plugin_home_t, dir, ".adobe") > +userdom_user_home_dir_filetrans(webbrowser_plugin_t, webbrowser_plugin_home_t, dir, ".macromedia") > +userdom_user_home_dir_filetrans(webbrowser_plugin_t, webbrowser_plugin_home_t, dir, ".gnash") > +userdom_user_home_dir_filetrans(webbrowser_plugin_t, webbrowser_plugin_home_t, dir, ".gcjwebplugin") > +userdom_user_home_dir_filetrans(webbrowser_plugin_t, webbrowser_plugin_home_t, dir, ".icedteaplugin") > +userdom_user_home_dir_filetrans(webbrowser_plugin_t, webbrowser_plugin_home_t, dir, ".spicec") > +userdom_user_home_dir_filetrans(webbrowser_plugin_t, webbrowser_plugin_home_t, dir, ".ICAClient") > +userdom_user_home_dir_filetrans(webbrowser_plugin_t, webbrowser_plugin_home_t, dir, "zimbrauserdata") > + > +filetrans_pattern(webbrowser_plugin_t, webbrowser_home_t, webbrowser_plugin_home_t, dir, "plugins") > + > +manage_dirs_pattern(webbrowser_plugin_t, webbrowser_plugin_tmp_t, webbrowser_plugin_tmp_t) > +manage_files_pattern(webbrowser_plugin_t, webbrowser_plugin_tmp_t, webbrowser_plugin_tmp_t) > +manage_fifo_files_pattern(webbrowser_plugin_t, webbrowser_plugin_tmp_t, webbrowser_plugin_tmp_t) > +files_tmp_filetrans(webbrowser_plugin_t, webbrowser_plugin_tmp_t, { dir file fifo_file }) > 
+userdom_user_tmp_filetrans(webbrowser_plugin_t, webbrowser_plugin_tmp_t, { dir file fifo_file }) > + > +allow webbrowser_plugin_t webbrowser_tmp_t:file rw_file_perms; > + > +manage_files_pattern(webbrowser_plugin_t, webbrowser_plugin_tmpfs_t, webbrowser_plugin_tmpfs_t) > +manage_lnk_files_pattern(webbrowser_plugin_t, webbrowser_plugin_tmpfs_t, webbrowser_plugin_tmpfs_t) > +manage_fifo_files_pattern(webbrowser_plugin_t, webbrowser_plugin_tmpfs_t, webbrowser_plugin_tmpfs_t) > +manage_sock_files_pattern(webbrowser_plugin_t, webbrowser_plugin_tmpfs_t, webbrowser_plugin_tmpfs_t) > +fs_tmpfs_filetrans(webbrowser_plugin_t, webbrowser_plugin_tmpfs_t, { file lnk_file sock_file fifo_file }) > + > +allow webbrowser_plugin_t webbrowser_plugin_rw_t:dir list_dir_perms; > +allow webbrowser_plugin_t webbrowser_plugin_rw_t:file read_file_perms; > +allow webbrowser_plugin_t webbrowser_plugin_rw_t:lnk_file read_lnk_file_perms; > + > +dgram_send_pattern(webbrowser_plugin_t, webbrowser_plugin_tmpfs_t, webbrowser_plugin_tmpfs_t, webbrowser_t) > +stream_connect_pattern(webbrowser_plugin_t, webbrowser_plugin_tmpfs_t, webbrowser_plugin_tmpfs_t, webbrowser_t) > + > +can_exec(webbrowser_plugin_t, { webbrowser_exec_t webbrowser_plugin_home_t webbrowser_plugin_tmp_t }) > + > +kernel_read_all_sysctls(webbrowser_plugin_t) > +kernel_read_system_state(webbrowser_plugin_t) > +kernel_read_network_state(webbrowser_plugin_t) > +kernel_request_load_module(webbrowser_plugin_t) > +kernel_dontaudit_getattr_core_if(webbrowser_plugin_t) > + > +corecmd_exec_bin(webbrowser_plugin_t) > +corecmd_exec_shell(webbrowser_plugin_t) > + > +corenet_all_recvfrom_netlabel(webbrowser_plugin_t) > +corenet_all_recvfrom_unlabeled(webbrowser_plugin_t) > +corenet_tcp_sendrecv_generic_if(webbrowser_plugin_t) > +corenet_tcp_sendrecv_generic_node(webbrowser_plugin_t) > + > +corenet_sendrecv_asterisk_client_packets(webbrowser_plugin_t) > +corenet_tcp_connect_asterisk_port(webbrowser_plugin_t) > 
+corenet_tcp_sendrecv_asterisk_port(webbrowser_plugin_t) > + > +corenet_sendrecv_ftp_client_packets(webbrowser_plugin_t) > +corenet_tcp_connect_ftp_port(webbrowser_plugin_t) > +corenet_tcp_sendrecv_ftp_port(webbrowser_plugin_t) > + > +corenet_sendrecv_gatekeeper_client_packets(webbrowser_plugin_t) > +corenet_tcp_connect_gatekeeper_port(webbrowser_plugin_t) > +corenet_tcp_sendrecv_gatekeeper_port(webbrowser_plugin_t) > + > +corenet_sendrecv_http_client_packets(webbrowser_plugin_t) > +corenet_tcp_connect_http_port(webbrowser_plugin_t) > +corenet_tcp_sendrecv_http_port(webbrowser_plugin_t) > + > +corenet_sendrecv_http_cache_client_packets(webbrowser_plugin_t) > +corenet_tcp_connect_http_cache_port(webbrowser_plugin_t) > +corenet_tcp_sendrecv_http_cache_port(webbrowser_plugin_t) > + > +corenet_sendrecv_ipp_client_packets(webbrowser_plugin_t) > +corenet_tcp_connect_ipp_port(webbrowser_plugin_t) > +corenet_tcp_sendrecv_ipp_port(webbrowser_plugin_t) > + > +corenet_sendrecv_ircd_client_packets(webbrowser_plugin_t) > +corenet_tcp_connect_ircd_port(webbrowser_plugin_t) > +corenet_tcp_sendrecv_ircd_port(webbrowser_plugin_t) > + > +corenet_sendrecv_jabber_client_client_packets(webbrowser_plugin_t) > +corenet_tcp_connect_jabber_client_port(webbrowser_plugin_t) > +corenet_tcp_sendrecv_jabber_client_port(webbrowser_plugin_t) > + > +corenet_sendrecv_mmcc_client_packets(webbrowser_plugin_t) > +corenet_tcp_connect_mmcc_port(webbrowser_plugin_t) > +corenet_tcp_sendrecv_mmcc_port(webbrowser_plugin_t) > + > +corenet_sendrecv_monopd_client_packets(webbrowser_plugin_t) > +corenet_tcp_connect_monopd_port(webbrowser_plugin_t) > +corenet_tcp_sendrecv_monopd_port(webbrowser_plugin_t) > + > +corenet_sendrecv_soundd_client_packets(webbrowser_plugin_t) > +corenet_tcp_connect_soundd_port(webbrowser_plugin_t) > +corenet_tcp_sendrecv_soundd_port(webbrowser_plugin_t) > + > +corenet_sendrecv_speech_client_packets(webbrowser_plugin_t) > +corenet_tcp_connect_speech_port(webbrowser_plugin_t) > 
+corenet_tcp_sendrecv_speech_port(webbrowser_plugin_t) > + > +corenet_sendrecv_squid_client_packets(webbrowser_plugin_t) > +corenet_tcp_connect_squid_port(webbrowser_plugin_t) > +corenet_tcp_sendrecv_squid_port(webbrowser_plugin_t) > + > +corenet_sendrecv_vnc_client_packets(webbrowser_plugin_t) > +corenet_tcp_connect_vnc_port(webbrowser_plugin_t) > +corenet_tcp_sendrecv_vnc_port(webbrowser_plugin_t) > + > +dev_read_generic_usb_dev(webbrowser_plugin_t) > +dev_read_rand(webbrowser_plugin_t) > +dev_read_realtime_clock(webbrowser_plugin_t) > +dev_read_sound(webbrowser_plugin_t) > +dev_read_sysfs(webbrowser_plugin_t) > +dev_read_urand(webbrowser_plugin_t) > +dev_read_video_dev(webbrowser_plugin_t) > +dev_write_sound(webbrowser_plugin_t) > +dev_write_video_dev(webbrowser_plugin_t) > +dev_rw_dri(webbrowser_plugin_t) > +dev_rw_xserver_misc(webbrowser_plugin_t) > + > +dev_dontaudit_getattr_generic_files(webbrowser_plugin_t) > +dev_dontaudit_getattr_generic_pipes(webbrowser_plugin_t) > +dev_dontaudit_getattr_all_blk_files(webbrowser_plugin_t) > +dev_dontaudit_getattr_all_chr_files(webbrowser_plugin_t) > + > +domain_use_interactive_fds(webbrowser_plugin_t) > +domain_dontaudit_read_all_domains_state(webbrowser_plugin_t) > + > +files_exec_usr_files(webbrowser_plugin_t) > +files_list_mnt(webbrowser_plugin_t) > +files_read_config_files(webbrowser_plugin_t) > +files_read_usr_files(webbrowser_plugin_t) > +files_map_usr_files(webbrowser_plugin_t) > + > +fs_getattr_all_fs(webbrowser_plugin_t) > +# fs_read_hugetlbfs_files(webbrowser_plugin_t) > +fs_search_auto_mountpoints(webbrowser_plugin_t) > + > +term_getattr_all_ttys(webbrowser_plugin_t) > +term_getattr_all_ptys(webbrowser_plugin_t) > + > +application_exec(webbrowser_plugin_t) > + > +auth_use_nsswitch(webbrowser_plugin_t) > + > +libs_exec_ld_so(webbrowser_plugin_t) > +libs_exec_lib_files(webbrowser_plugin_t) > + > +logging_send_syslog_msg(webbrowser_plugin_t) > + > +miscfiles_read_localization(webbrowser_plugin_t) > 
+miscfiles_read_fonts(webbrowser_plugin_t) > +miscfiles_read_generic_certs(webbrowser_plugin_t) > +miscfiles_dontaudit_setattr_fonts_dirs(webbrowser_plugin_t) > +miscfiles_dontaudit_setattr_fonts_cache_dirs(webbrowser_plugin_t) > + > +userdom_manage_user_tmp_dirs(webbrowser_plugin_t) > +userdom_manage_user_tmp_files(webbrowser_plugin_t) > +userdom_map_user_tmp_files(webbrowser_plugin_t) > > -userdom_user_home_dir_filetrans_user_home_content(mozilla_plugin_t, { dir file }) > +userdom_user_home_dir_filetrans_user_home_content(webbrowser_plugin_t, { dir file }) > > -userdom_write_user_tmp_sockets(mozilla_plugin_t) > +userdom_write_user_tmp_sockets(webbrowser_plugin_t) > > -userdom_dontaudit_use_user_terminals(mozilla_plugin_t) > +userdom_dontaudit_use_user_terminals(webbrowser_plugin_t) > > -xdg_read_config_files(mozilla_plugin_t) > +xdg_read_config_files(webbrowser_plugin_t) > > ifndef(`enable_mls',` > - fs_list_dos(mozilla_plugin_t) > - fs_read_dos_files(mozilla_plugin_t) > + fs_list_dos(webbrowser_plugin_t) > + fs_read_dos_files(webbrowser_plugin_t) > > - fs_search_removable(mozilla_plugin_t) > - fs_read_removable_files(mozilla_plugin_t) > - fs_read_removable_symlinks(mozilla_plugin_t) > + fs_search_removable(webbrowser_plugin_t) > + fs_read_removable_files(webbrowser_plugin_t) > + fs_read_removable_symlinks(webbrowser_plugin_t) > > - fs_read_iso9660_files(mozilla_plugin_t) > + fs_read_iso9660_files(webbrowser_plugin_t) > ') > > tunable_policy(`allow_execmem',` > - allow mozilla_plugin_t self:process execmem; > + allow webbrowser_plugin_t self:process execmem; > ') > > -tunable_policy(`mozilla_execstack',` > - allow mozilla_plugin_t self:process { execmem execstack }; > +tunable_policy(`webbrowser_execstack',` > + allow webbrowser_plugin_t self:process { execmem execstack }; > ') > > tunable_policy(`use_nfs_home_dirs',` > - fs_manage_nfs_dirs(mozilla_plugin_t) > - fs_manage_nfs_files(mozilla_plugin_t) > - fs_manage_nfs_symlinks(mozilla_plugin_t) > + 
fs_manage_nfs_dirs(webbrowser_plugin_t) > + fs_manage_nfs_files(webbrowser_plugin_t) > + fs_manage_nfs_symlinks(webbrowser_plugin_t) > ') > > tunable_policy(`use_samba_home_dirs',` > - fs_manage_cifs_dirs(mozilla_plugin_t) > - fs_manage_cifs_files(mozilla_plugin_t) > - fs_manage_cifs_symlinks(mozilla_plugin_t) > + fs_manage_cifs_dirs(webbrowser_plugin_t) > + fs_manage_cifs_files(webbrowser_plugin_t) > + fs_manage_cifs_symlinks(webbrowser_plugin_t) > ') > > optional_policy(` > - alsa_read_config(mozilla_plugin_t) > - alsa_read_home_files(mozilla_plugin_t) > + alsa_read_config(webbrowser_plugin_t) > + alsa_read_home_files(webbrowser_plugin_t) > ') > > optional_policy(` > - automount_dontaudit_getattr_tmp_dirs(mozilla_plugin_t) > + automount_dontaudit_getattr_tmp_dirs(webbrowser_plugin_t) > ') > > optional_policy(` > - dbus_all_session_bus_client(mozilla_plugin_t) > - dbus_connect_all_session_bus(mozilla_plugin_t) > - dbus_system_bus_client(mozilla_plugin_t) > + dbus_all_session_bus_client(webbrowser_plugin_t) > + dbus_connect_all_session_bus(webbrowser_plugin_t) > + dbus_system_bus_client(webbrowser_plugin_t) > ') > > optional_policy(` > - gnome_manage_generic_home_content(mozilla_plugin_t) > - gnome_home_filetrans_gnome_home(mozilla_plugin_t, dir, ".gnome") > - gnome_home_filetrans_gnome_home(mozilla_plugin_t, dir, ".gnome2") > - gnome_home_filetrans_gnome_home(mozilla_plugin_t, dir, ".gnome2_private") > + gnome_manage_generic_home_content(webbrowser_plugin_t) > + gnome_home_filetrans_gnome_home(webbrowser_plugin_t, dir, ".gnome") > + gnome_home_filetrans_gnome_home(webbrowser_plugin_t, dir, ".gnome2") > + gnome_home_filetrans_gnome_home(webbrowser_plugin_t, dir, ".gnome2_private") > ') > > optional_policy(` > - java_exec(mozilla_plugin_t) > - java_manage_generic_home_content(mozilla_plugin_t) > - java_manage_java_tmp(mozilla_plugin_t) > - java_home_filetrans_java_home(mozilla_plugin_t, dir, ".java") > + java_exec(webbrowser_plugin_t) > + 
java_manage_generic_home_content(webbrowser_plugin_t) > + java_manage_java_tmp(webbrowser_plugin_t) > + java_home_filetrans_java_home(webbrowser_plugin_t, dir, ".java") > ') > > optional_policy(` > - lpd_run_lpr(mozilla_plugin_t, mozilla_plugin_roles) > + lpd_run_lpr(webbrowser_plugin_t, webbrowser_plugin_roles) > ') > > optional_policy(` > - mplayer_exec(mozilla_plugin_t) > - mplayer_manage_generic_home_content(mozilla_plugin_t) > - mplayer_home_filetrans_mplayer_home(mozilla_plugin_t, dir, ".mplayer") > + mplayer_exec(webbrowser_plugin_t) > + mplayer_manage_generic_home_content(webbrowser_plugin_t) > + mplayer_home_filetrans_mplayer_home(webbrowser_plugin_t, dir, ".mplayer") > ') > > optional_policy(` > - pcscd_stream_connect(mozilla_plugin_t) > + pcscd_stream_connect(webbrowser_plugin_t) > ') > > optional_policy(` > - pulseaudio_run(mozilla_plugin_t, mozilla_plugin_roles) > + pulseaudio_run(webbrowser_plugin_t, webbrowser_plugin_roles) > ') > > optional_policy(` > - udev_read_db(mozilla_plugin_t) > + udev_read_db(webbrowser_plugin_t) > ') > > optional_policy(` > - xserver_read_user_xauth(mozilla_plugin_t) > - xserver_read_xdm_pid(mozilla_plugin_t) > - xserver_stream_connect(mozilla_plugin_t) > - xserver_use_user_fonts(mozilla_plugin_t) > - xserver_dontaudit_read_xdm_tmp_files(mozilla_plugin_t) > + xserver_read_user_xauth(webbrowser_plugin_t) > + xserver_read_xdm_pid(webbrowser_plugin_t) > + xserver_stream_connect(webbrowser_plugin_t) > + xserver_use_user_fonts(webbrowser_plugin_t) > + xserver_dontaudit_read_xdm_tmp_files(webbrowser_plugin_t) > ') > > ######################################## 
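Review bot: the tunable_policy block near the end of this hunk switches the boolean from mozilla_execstack to webbrowser_execstack, and a boolean is set by name by the administrator, so a host that has mozilla_execstack persistently enabled loses the { execmem execstack } grant from this block after the upgrade, with nothing pointing at the rename. Either keep the old boolean name for this block or state the rename and the required setsebool change in the commit message. The same point applies to the webbrowser_plugin_config_t copy of this block in the next hunk.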
> @@ -626,96 +637,96 @@ optional_policy(` > # Plugin config local policy > # > > -allow mozilla_plugin_config_t self:capability { dac_override dac_read_search setgid setuid sys_nice }; > -allow mozilla_plugin_config_t self:process { setsched signal_perms getsched }; > -allow mozilla_plugin_config_t self:fifo_file rw_fifo_file_perms; > -allow mozilla_plugin_config_t self:unix_stream_socket create_stream_socket_perms; > +allow webbrowser_plugin_config_t self:capability { dac_override dac_read_search setgid setuid sys_nice }; > +allow webbrowser_plugin_config_t self:process { setsched signal_perms getsched }; > +allow webbrowser_plugin_config_t self:fifo_file rw_fifo_file_perms; > +allow webbrowser_plugin_config_t self:unix_stream_socket create_stream_socket_perms; > > -allow mozilla_plugin_config_t mozilla_plugin_rw_t:dir manage_dir_perms; > -allow mozilla_plugin_config_t mozilla_plugin_rw_t:file manage_file_perms; > -allow mozilla_plugin_config_t mozilla_plugin_rw_t:lnk_file manage_lnk_file_perms; > +allow webbrowser_plugin_config_t webbrowser_plugin_rw_t:dir manage_dir_perms; > +allow webbrowser_plugin_config_t webbrowser_plugin_rw_t:file manage_file_perms; > +allow webbrowser_plugin_config_t webbrowser_plugin_rw_t:lnk_file manage_lnk_file_perms; > > -manage_dirs_pattern(mozilla_plugin_config_t, { mozilla_home_t mozilla_plugin_home_t }, { mozilla_home_t mozilla_plugin_home_t }) > -manage_files_pattern(mozilla_plugin_config_t, { mozilla_home_t mozilla_plugin_home_t }, mozilla_plugin_home_t) > -manage_lnk_files_pattern(mozilla_plugin_config_t, { mozilla_home_t mozilla_plugin_home_t }, mozilla_plugin_home_t) > +manage_dirs_pattern(webbrowser_plugin_config_t, { webbrowser_home_t webbrowser_plugin_home_t }, { webbrowser_home_t webbrowser_plugin_home_t }) > +manage_files_pattern(webbrowser_plugin_config_t, { webbrowser_home_t webbrowser_plugin_home_t }, webbrowser_plugin_home_t) > +manage_lnk_files_pattern(webbrowser_plugin_config_t, { webbrowser_home_t 
webbrowser_plugin_home_t }, webbrowser_plugin_home_t) > > -userdom_user_home_dir_filetrans(mozilla_plugin_config_t, mozilla_home_t, dir, ".galeon") > -userdom_user_home_dir_filetrans(mozilla_plugin_config_t, mozilla_home_t, dir, ".mozilla") > -userdom_user_home_dir_filetrans(mozilla_plugin_config_t, mozilla_home_t, dir, ".netscape") > -userdom_user_home_dir_filetrans(mozilla_plugin_config_t, mozilla_home_t, dir, ".phoenix") > +userdom_user_home_dir_filetrans(webbrowser_plugin_config_t, webbrowser_home_t, dir, ".galeon") > +userdom_user_home_dir_filetrans(webbrowser_plugin_config_t, webbrowser_home_t, dir, ".mozilla") > +userdom_user_home_dir_filetrans(webbrowser_plugin_config_t, webbrowser_home_t, dir, ".netscape") > +userdom_user_home_dir_filetrans(webbrowser_plugin_config_t, webbrowser_home_t, dir, ".phoenix") > > -userdom_user_home_dir_filetrans(mozilla_plugin_config_t, mozilla_plugin_home_t, dir, ".adobe") > -userdom_user_home_dir_filetrans(mozilla_plugin_config_t, mozilla_plugin_home_t, dir, ".macromedia") > -userdom_user_home_dir_filetrans(mozilla_plugin_config_t, mozilla_plugin_home_t, dir, ".gnash") > -userdom_user_home_dir_filetrans(mozilla_plugin_config_t, mozilla_plugin_home_t, dir, ".gcjwebplugin") > -userdom_user_home_dir_filetrans(mozilla_plugin_config_t, mozilla_plugin_home_t, dir, ".icedteaplugin") > -userdom_user_home_dir_filetrans(mozilla_plugin_config_t, mozilla_plugin_home_t, dir, ".spicec") > -userdom_user_home_dir_filetrans(mozilla_plugin_config_t, mozilla_plugin_home_t, dir, ".ICAClient") > -userdom_user_home_dir_filetrans(mozilla_plugin_config_t, mozilla_plugin_home_t, dir, "zimbrauserdata") > +userdom_user_home_dir_filetrans(webbrowser_plugin_config_t, webbrowser_plugin_home_t, dir, ".adobe") > +userdom_user_home_dir_filetrans(webbrowser_plugin_config_t, webbrowser_plugin_home_t, dir, ".macromedia") > +userdom_user_home_dir_filetrans(webbrowser_plugin_config_t, webbrowser_plugin_home_t, dir, ".gnash") > 
+userdom_user_home_dir_filetrans(webbrowser_plugin_config_t, webbrowser_plugin_home_t, dir, ".gcjwebplugin") > +userdom_user_home_dir_filetrans(webbrowser_plugin_config_t, webbrowser_plugin_home_t, dir, ".icedteaplugin") > +userdom_user_home_dir_filetrans(webbrowser_plugin_config_t, webbrowser_plugin_home_t, dir, ".spicec") > +userdom_user_home_dir_filetrans(webbrowser_plugin_config_t, webbrowser_plugin_home_t, dir, ".ICAClient") > +userdom_user_home_dir_filetrans(webbrowser_plugin_config_t, webbrowser_plugin_home_t, dir, "zimbrauserdata") > > -filetrans_pattern(mozilla_plugin_config_t, mozilla_home_t, mozilla_plugin_home_t, dir, "plugins") > +filetrans_pattern(webbrowser_plugin_config_t, webbrowser_home_t, webbrowser_plugin_home_t, dir, "plugins") > > -can_exec(mozilla_plugin_config_t, { mozilla_plugin_rw_t mozilla_plugin_home_t }) > +can_exec(webbrowser_plugin_config_t, { webbrowser_plugin_rw_t webbrowser_plugin_home_t }) > > -ps_process_pattern(mozilla_plugin_config_t, mozilla_plugin_t) > +ps_process_pattern(webbrowser_plugin_config_t, webbrowser_plugin_t) > > -kernel_read_system_state(mozilla_plugin_config_t) > -kernel_request_load_module(mozilla_plugin_config_t) > +kernel_read_system_state(webbrowser_plugin_config_t) > +kernel_request_load_module(webbrowser_plugin_config_t) > > -corecmd_exec_bin(mozilla_plugin_config_t) > -corecmd_exec_shell(mozilla_plugin_config_t) > +corecmd_exec_bin(webbrowser_plugin_config_t) > +corecmd_exec_shell(webbrowser_plugin_config_t) > > -dev_read_urand(mozilla_plugin_config_t) > -dev_rw_dri(mozilla_plugin_config_t) > -dev_search_sysfs(mozilla_plugin_config_t) > -dev_dontaudit_read_rand(mozilla_plugin_config_t) > +dev_read_urand(webbrowser_plugin_config_t) > +dev_rw_dri(webbrowser_plugin_config_t) > +dev_search_sysfs(webbrowser_plugin_config_t) > +dev_dontaudit_read_rand(webbrowser_plugin_config_t) > > -domain_use_interactive_fds(mozilla_plugin_config_t) > +domain_use_interactive_fds(webbrowser_plugin_config_t) > > 
-files_list_tmp(mozilla_plugin_config_t) > -files_read_usr_files(mozilla_plugin_config_t) > -files_dontaudit_search_home(mozilla_plugin_config_t) > +files_list_tmp(webbrowser_plugin_config_t) > +files_read_usr_files(webbrowser_plugin_config_t) > +files_dontaudit_search_home(webbrowser_plugin_config_t) > > -fs_getattr_all_fs(mozilla_plugin_config_t) > -fs_search_auto_mountpoints(mozilla_plugin_config_t) > -fs_list_inotifyfs(mozilla_plugin_config_t) > +fs_getattr_all_fs(webbrowser_plugin_config_t) > +fs_search_auto_mountpoints(webbrowser_plugin_config_t) > +fs_list_inotifyfs(webbrowser_plugin_config_t) > > -auth_use_nsswitch(mozilla_plugin_config_t) > +auth_use_nsswitch(webbrowser_plugin_config_t) > > -miscfiles_read_localization(mozilla_plugin_config_t) > -miscfiles_read_fonts(mozilla_plugin_config_t) > +miscfiles_read_localization(webbrowser_plugin_config_t) > +miscfiles_read_fonts(webbrowser_plugin_config_t) > > -userdom_read_user_home_content_symlinks(mozilla_plugin_config_t) > -userdom_read_user_home_content_files(mozilla_plugin_config_t) > +userdom_read_user_home_content_symlinks(webbrowser_plugin_config_t) > +userdom_read_user_home_content_files(webbrowser_plugin_config_t) > > -userdom_use_user_ptys(mozilla_plugin_config_t) > +userdom_use_user_ptys(webbrowser_plugin_config_t) > > -mozilla_run_plugin(mozilla_plugin_config_t, mozilla_plugin_config_roles) > +webbrowser_run_plugin(webbrowser_plugin_config_t, webbrowser_plugin_config_roles) > > tunable_policy(`allow_execmem',` > - allow mozilla_plugin_config_t self:process execmem; > + allow webbrowser_plugin_config_t self:process execmem; > ') > > -tunable_policy(`mozilla_execstack',` > - allow mozilla_plugin_config_t self:process { execmem execstack }; > +tunable_policy(`webbrowser_execstack',` > + allow webbrowser_plugin_config_t self:process { execmem execstack }; > ') > > tunable_policy(`use_nfs_home_dirs',` > - fs_manage_nfs_dirs(mozilla_plugin_config_t) > - fs_manage_nfs_files(mozilla_plugin_config_t) > - 
fs_manage_nfs_symlinks(mozilla_plugin_config_t) > + fs_manage_nfs_dirs(webbrowser_plugin_config_t) > + fs_manage_nfs_files(webbrowser_plugin_config_t) > + fs_manage_nfs_symlinks(webbrowser_plugin_config_t) > ') > > tunable_policy(`use_samba_home_dirs',` > - fs_manage_cifs_dirs(mozilla_plugin_config_t) > - fs_manage_cifs_files(mozilla_plugin_config_t) > - fs_manage_cifs_symlinks(mozilla_plugin_config_t) > + fs_manage_cifs_dirs(webbrowser_plugin_config_t) > + fs_manage_cifs_files(webbrowser_plugin_config_t) > + fs_manage_cifs_symlinks(webbrowser_plugin_config_t) > ') > > optional_policy(` > - automount_dontaudit_getattr_tmp_dirs(mozilla_plugin_config_t) > + automount_dontaudit_getattr_tmp_dirs(webbrowser_plugin_config_t) > ') > > optional_policy(` > - xserver_use_user_fonts(mozilla_plugin_config_t) > + xserver_use_user_fonts(webbrowser_plugin_config_t) > ') > Index: refpolicy-2.20180701/policy/modules/apps/mozilla.fc > =================================================================== > --- refpolicy-2.20180701.orig/policy/modules/apps/mozilla.fc > +++ refpolicy-2.20180701/policy/modules/apps/mozilla.fc 
> @@ -1,42 +1,42 @@ > -HOME_DIR/\.cache/mozilla(/.*)? gen_context(system_u:object_r:mozilla_xdg_cache_t,s0) > -HOME_DIR/\.galeon(/.*)? gen_context(system_u:object_r:mozilla_home_t,s0) > -HOME_DIR/\.mozilla(/.*)? gen_context(system_u:object_r:mozilla_home_t,s0) > -HOME_DIR/\.mozilla/plugins(/.*)? gen_context(system_u:object_r:mozilla_plugin_home_t,s0) > -HOME_DIR/\.netscape(/.*)? gen_context(system_u:object_r:mozilla_home_t,s0) > -HOME_DIR/\.phoenix(/.*)? gen_context(system_u:object_r:mozilla_home_t,s0) > -HOME_DIR/\.vimperator.* gen_context(system_u:object_r:mozilla_home_t,s0) > +HOME_DIR/\.cache/mozilla(/.*)? gen_context(system_u:object_r:webbrowser_xdg_cache_t,s0) > +HOME_DIR/\.galeon(/.*)? gen_context(system_u:object_r:webbrowser_home_t,s0) > +HOME_DIR/\.mozilla(/.*)? gen_context(system_u:object_r:webbrowser_home_t,s0) > +HOME_DIR/\.mozilla/plugins(/.*)? gen_context(system_u:object_r:webbrowser_plugin_home_t,s0) > +HOME_DIR/\.netscape(/.*)? gen_context(system_u:object_r:webbrowser_home_t,s0) > +HOME_DIR/\.phoenix(/.*)? gen_context(system_u:object_r:webbrowser_home_t,s0) > +HOME_DIR/\.vimperator.* gen_context(system_u:object_r:webbrowser_home_t,s0) > > -HOME_DIR/\.adobe(/.*)? gen_context(system_u:object_r:mozilla_plugin_home_t,s0) > -HOME_DIR/\.macromedia(/.*)? gen_context(system_u:object_r:mozilla_plugin_home_t,s0) > -HOME_DIR/\.gnash(/.*)? gen_context(system_u:object_r:mozilla_plugin_home_t,s0) > -HOME_DIR/\.gcjwebplugin(/.*)? gen_context(system_u:object_r:mozilla_plugin_home_t,s0) > -HOME_DIR/\.icedteaplugin(/.*)? gen_context(system_u:object_r:mozilla_plugin_home_t,s0) > -HOME_DIR/\.spicec(/.*)? gen_context(system_u:object_r:mozilla_plugin_home_t,s0) > -HOME_DIR/\.ICAClient(/.*)? gen_context(system_u:object_r:mozilla_plugin_home_t,s0) > -HOME_DIR/zimbrauserdata(/.*)? gen_context(system_u:object_r:mozilla_plugin_home_t,s0) > +HOME_DIR/\.adobe(/.*)? gen_context(system_u:object_r:webbrowser_plugin_home_t,s0) > +HOME_DIR/\.macromedia(/.*)? 
gen_context(system_u:object_r:webbrowser_plugin_home_t,s0) > +HOME_DIR/\.gnash(/.*)? gen_context(system_u:object_r:webbrowser_plugin_home_t,s0) > +HOME_DIR/\.gcjwebplugin(/.*)? gen_context(system_u:object_r:webbrowser_plugin_home_t,s0) > +HOME_DIR/\.icedteaplugin(/.*)? gen_context(system_u:object_r:webbrowser_plugin_home_t,s0) > +HOME_DIR/\.spicec(/.*)? gen_context(system_u:object_r:webbrowser_plugin_home_t,s0) > +HOME_DIR/\.ICAClient(/.*)? gen_context(system_u:object_r:webbrowser_plugin_home_t,s0) > +HOME_DIR/zimbrauserdata(/.*)? gen_context(system_u:object_r:webbrowser_plugin_home_t,s0) > > -/usr/bin/epiphany -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/bin/epiphany-bin -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/bin/mozilla -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/bin/mozilla-snapshot -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/bin/mozilla-[0-9].* -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/bin/mozilla-bin-[0-9].* -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/bin/netscape -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/bin/nspluginscan -- gen_context(system_u:object_r:mozilla_plugin_exec_t,s0) > -/usr/bin/nspluginviewer -- gen_context(system_u:object_r:mozilla_plugin_exec_t,s0) > +/usr/bin/epiphany -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/bin/epiphany-bin -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/bin/mozilla -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/bin/mozilla-snapshot -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/bin/mozilla-[0-9].* -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/bin/mozilla-bin-[0-9].* -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/bin/netscape -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/bin/nspluginscan -- gen_context(system_u:object_r:webbrowser_plugin_exec_t,s0) > +/usr/bin/nspluginviewer -- 
gen_context(system_u:object_r:webbrowser_plugin_exec_t,s0) > > -/usr/lib/[^/]*firefox[^/]*/firefox -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/lib/[^/]*firefox[^/]*/firefox-bin -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/lib/firefox[^/]*/firefox-.* -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/lib/firefox[^/]*/mozilla-.* -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/lib/galeon/galeon -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/lib/iceweasel/iceweasel -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/lib/iceweasel/plugin-container -- gen_context(system_u:object_r:mozilla_plugin_exec_t,s0) > -/usr/lib/mozilla[^/]*/reg.+ -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/lib/mozilla[^/]*/mozilla-.* -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/lib/mozilla/plugins-wrapped(/.*)? gen_context(system_u:object_r:mozilla_plugin_rw_t,s0) > -/usr/lib/netscape/base-4/wrapper -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/lib/netscape/.+/communicator/communicator-smotif\.real -- gen_context(system_u:object_r:mozilla_exec_t,s0) > -/usr/lib/nspluginwrapper/npviewer.bin -- gen_context(system_u:object_r:mozilla_plugin_exec_t,s0) > -/usr/lib/nspluginwrapper/plugin-config -- gen_context(system_u:object_r:mozilla_plugin_config_exec_t,s0) > -/usr/lib/xulrunner[^/]*/plugin-container -- gen_context(system_u:object_r:mozilla_plugin_exec_t,s0) > +/usr/lib/[^/]*firefox[^/]*/firefox -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/lib/[^/]*firefox[^/]*/firefox-bin -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/lib/firefox[^/]*/firefox-.* -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/lib/firefox[^/]*/mozilla-.* -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/lib/galeon/galeon -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/lib/iceweasel/iceweasel -- 
gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/lib/iceweasel/plugin-container -- gen_context(system_u:object_r:webbrowser_plugin_exec_t,s0) > +/usr/lib/mozilla[^/]*/reg.+ -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/lib/mozilla[^/]*/mozilla-.* -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/lib/mozilla/plugins-wrapped(/.*)? gen_context(system_u:object_r:webbrowser_plugin_rw_t,s0) > +/usr/lib/netscape/base-4/wrapper -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/lib/netscape/.+/communicator/communicator-smotif\.real -- gen_context(system_u:object_r:webbrowser_exec_t,s0) > +/usr/lib/nspluginwrapper/npviewer.bin -- gen_context(system_u:object_r:webbrowser_plugin_exec_t,s0) > +/usr/lib/nspluginwrapper/plugin-config -- gen_context(system_u:object_r:webbrowser_plugin_config_exec_t,s0) > +/usr/lib/xulrunner[^/]*/plugin-container -- gen_context(system_u:object_r:webbrowser_plugin_exec_t,s0) > Index: refpolicy-2.20180701/policy/modules/apps/mozilla.if > =================================================================== > --- refpolicy-2.20180701.orig/policy/modules/apps/mozilla.if > +++ refpolicy-2.20180701/policy/modules/apps/mozilla.if > @@ -2,7 +2,7 @@ > > ######################################## > ## > -## Role access for mozilla. > +## Role access for graphical web browser. > ## > ## > ## > @@ -15,12 +15,12 @@ > ## > ## > # > -interface(`mozilla_role',` > +interface(`webbrowser_role',` > gen_require(` > - type mozilla_t, mozilla_exec_t, mozilla_home_t; > - type mozilla_tmp_t, mozilla_tmpfs_t, mozilla_plugin_tmp_t; > - type mozilla_plugin_tmpfs_t, mozilla_plugin_home_t; > - attribute_role mozilla_roles; > + type webbrowser_t, webbrowser_exec_t, webbrowser_home_t; > + type webbrowser_tmp_t, webbrowser_tmpfs_t, webbrowser_plugin_tmp_t; > + type webbrowser_plugin_tmpfs_t, webbrowser_plugin_home_t; > + attribute_role webbrowser_roles; > ') > > ######################################## 
> @@ -28,53 +28,53 @@ interface(`mozilla_role',` > # Declarations > # > > - roleattribute $1 mozilla_roles; > + roleattribute $1 webbrowser_roles; > > ######################################## > # > # Policy > # > > - domtrans_pattern($2, mozilla_exec_t, mozilla_t) > + domtrans_pattern($2, webbrowser_exec_t, webbrowser_t) > > - allow $2 mozilla_t:process { noatsecure siginh rlimitinh ptrace signal_perms }; > - ps_process_pattern($2, mozilla_t) > + allow $2 webbrowser_t:process { noatsecure siginh rlimitinh ptrace signal_perms }; > + ps_process_pattern($2, webbrowser_t) > > - allow mozilla_t $2:process signull; > - allow mozilla_t $2:unix_stream_socket connectto; > + allow webbrowser_t $2:process signull; > + allow webbrowser_t $2:unix_stream_socket connectto; > > - allow $2 mozilla_t:fd use; > - allow $2 mozilla_t:shm rw_shm_perms; > + allow $2 webbrowser_t:fd use; > + allow $2 webbrowser_t:shm rw_shm_perms; > > - stream_connect_pattern($2, mozilla_tmpfs_t, mozilla_tmpfs_t, mozilla_t) > + stream_connect_pattern($2, webbrowser_tmpfs_t, webbrowser_tmpfs_t, webbrowser_t) > > - allow $2 { mozilla_home_t mozilla_plugin_home_t }:dir { manage_dir_perms relabel_dir_perms }; > - allow $2 { mozilla_home_t mozilla_plugin_home_t }:file { manage_file_perms relabel_file_perms }; > - allow $2 mozilla_home_t:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms }; > - userdom_user_home_dir_filetrans($2, mozilla_home_t, dir, ".galeon") > - userdom_user_home_dir_filetrans($2, mozilla_home_t, dir, ".mozilla") > - userdom_user_home_dir_filetrans($2, mozilla_home_t, dir, ".netscape") > - userdom_user_home_dir_filetrans($2, mozilla_home_t, dir, ".phoenix") > + allow $2 { webbrowser_home_t webbrowser_plugin_home_t }:dir { manage_dir_perms relabel_dir_perms }; > + allow $2 { webbrowser_home_t webbrowser_plugin_home_t }:file { manage_file_perms relabel_file_perms }; > + allow $2 webbrowser_home_t:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms }; > + 
userdom_user_home_dir_filetrans($2, webbrowser_home_t, dir, ".galeon") > + userdom_user_home_dir_filetrans($2, webbrowser_home_t, dir, ".mozilla") > + userdom_user_home_dir_filetrans($2, webbrowser_home_t, dir, ".netscape") > + userdom_user_home_dir_filetrans($2, webbrowser_home_t, dir, ".phoenix") > > - filetrans_pattern($2, mozilla_home_t, mozilla_plugin_home_t, dir, "plugins") > + filetrans_pattern($2, webbrowser_home_t, webbrowser_plugin_home_t, dir, "plugins") > > - allow $2 { mozilla_tmp_t mozilla_plugin_tmp_t }:dir { manage_dir_perms relabel_dir_perms }; > - allow $2 { mozilla_tmp_t mozilla_plugin_tmp_t }:file { manage_file_perms relabel_file_perms }; > - allow $2 mozilla_plugin_tmp_t:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms }; > + allow $2 { webbrowser_tmp_t webbrowser_plugin_tmp_t }:dir { manage_dir_perms relabel_dir_perms }; > + allow $2 { webbrowser_tmp_t webbrowser_plugin_tmp_t }:file { manage_file_perms relabel_file_perms }; > + allow $2 webbrowser_plugin_tmp_t:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms }; > > - allow $2 { mozilla_tmpfs_t mozilla_plugin_tmpfs_t }:dir { manage_dir_perms relabel_dir_perms }; > - allow $2 { mozilla_tmpfs_t mozilla_plugin_tmpfs_t }:file { manage_file_perms relabel_file_perms }; > - allow $2 { mozilla_tmpfs_t mozilla_plugin_tmpfs_t }:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms }; > - allow $2 { mozilla_tmpfs_t mozilla_plugin_tmpfs_t }:sock_file { manage_sock_file_perms relabel_sock_file_perms }; > + allow $2 { webbrowser_tmpfs_t webbrowser_plugin_tmpfs_t }:dir { manage_dir_perms relabel_dir_perms }; > + allow $2 { webbrowser_tmpfs_t webbrowser_plugin_tmpfs_t }:file { manage_file_perms relabel_file_perms }; > + allow $2 { webbrowser_tmpfs_t webbrowser_plugin_tmpfs_t }:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms }; > + allow $2 { webbrowser_tmpfs_t webbrowser_plugin_tmpfs_t }:sock_file { manage_sock_file_perms relabel_sock_file_perms }; > > optional_policy(` > - 
mozilla_dbus_chat($2) > + webbrowser_dbus_chat($2) > ') > ') > > ######################################## > ## > -## Role access for mozilla plugin. > +## Role access for web browser plugin. > ## > ## > ## 
> @@ -87,60 +87,60 @@ interface(`mozilla_role',` > ## > ## > # > -interface(`mozilla_role_plugin',` > +interface(`webbrowser_role_plugin',` > gen_require(` > - type mozilla_plugin_tmp_t, mozilla_plugin_tmpfs_t, mozilla_plugin_rw_t; > - type mozilla_home_t; > + type webbrowser_plugin_tmp_t, webbrowser_plugin_tmpfs_t, webbrowser_plugin_rw_t; > + type webbrowser_home_t; > ') > > - mozilla_run_plugin($2, $1) > - mozilla_run_plugin_config($2, $1) > + webbrowser_run_plugin($2, $1) > + webbrowser_run_plugin_config($2, $1) > > - allow $2 { mozilla_plugin_t mozilla_plugin_config_t }:process { ptrace signal_perms }; > - ps_process_pattern($2, { mozilla_plugin_t mozilla_plugin_config_t }) > + allow $2 { webbrowser_plugin_t webbrowser_plugin_config_t }:process { ptrace signal_perms }; > + ps_process_pattern($2, { webbrowser_plugin_t webbrowser_plugin_config_t }) > > - allow $2 mozilla_plugin_t:unix_stream_socket rw_socket_perms; > - allow $2 mozilla_plugin_t:fd use; > + allow $2 webbrowser_plugin_t:unix_stream_socket rw_socket_perms; > + allow $2 webbrowser_plugin_t:fd use; > > - stream_connect_pattern($2, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t, mozilla_plugin_t) > + stream_connect_pattern($2, webbrowser_plugin_tmpfs_t, webbrowser_plugin_tmpfs_t, webbrowser_plugin_t) > > - allow mozilla_plugin_t $2:process signull; > - allow mozilla_plugin_t $2:unix_stream_socket { connectto rw_socket_perms }; > - allow mozilla_plugin_t $2:unix_dgram_socket { sendto rw_socket_perms }; > - allow mozilla_plugin_t $2:shm { rw_shm_perms destroy }; > - allow mozilla_plugin_t $2:sem create_sem_perms; > + allow webbrowser_plugin_t $2:process signull; > + allow webbrowser_plugin_t $2:unix_stream_socket { connectto rw_socket_perms }; > + allow webbrowser_plugin_t $2:unix_dgram_socket { sendto rw_socket_perms }; > + allow webbrowser_plugin_t $2:shm { rw_shm_perms destroy }; > + allow webbrowser_plugin_t $2:sem create_sem_perms; > > - allow $2 mozilla_home_t:dir { manage_dir_perms 
relabel_dir_perms }; > - allow $2 mozilla_home_t:file { manage_file_perms relabel_file_perms }; > - allow $2 mozilla_home_t:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms }; > - userdom_user_home_dir_filetrans($2, mozilla_home_t, dir, ".galeon") > - userdom_user_home_dir_filetrans($2, mozilla_home_t, dir, ".mozilla") > - userdom_user_home_dir_filetrans($2, mozilla_home_t, dir, ".netscape") > - userdom_user_home_dir_filetrans($2, mozilla_home_t, dir, ".phoenix") > + allow $2 webbrowser_home_t:dir { manage_dir_perms relabel_dir_perms }; > + allow $2 webbrowser_home_t:file { manage_file_perms relabel_file_perms }; > + allow $2 webbrowser_home_t:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms }; > + userdom_user_home_dir_filetrans($2, webbrowser_home_t, dir, ".galeon") > + userdom_user_home_dir_filetrans($2, webbrowser_home_t, dir, ".mozilla") > + userdom_user_home_dir_filetrans($2, webbrowser_home_t, dir, ".netscape") > + userdom_user_home_dir_filetrans($2, webbrowser_home_t, dir, ".phoenix") > > - allow $2 mozilla_plugin_tmp_t:dir { manage_dir_perms relabel_dir_perms }; > - allow $2 mozilla_plugin_tmp_t:file { manage_file_perms relabel_file_perms }; > - allow $2 mozilla_plugin_tmp_t:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms }; > + allow $2 webbrowser_plugin_tmp_t:dir { manage_dir_perms relabel_dir_perms }; > + allow $2 webbrowser_plugin_tmp_t:file { manage_file_perms relabel_file_perms }; > + allow $2 webbrowser_plugin_tmp_t:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms }; > > - allow $2 mozilla_plugin_tmpfs_t:dir { manage_dir_perms relabel_dir_perms }; > - allow $2 mozilla_plugin_tmpfs_t:file { manage_file_perms relabel_file_perms }; > - allow $2 mozilla_plugin_tmpfs_t:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms }; > - allow $2 mozilla_plugin_tmpfs_t:sock_file { manage_sock_file_perms relabel_sock_file_perms }; > + allow $2 webbrowser_plugin_tmpfs_t:dir { manage_dir_perms relabel_dir_perms }; > + allow $2 
webbrowser_plugin_tmpfs_t:file { manage_file_perms relabel_file_perms }; > + allow $2 webbrowser_plugin_tmpfs_t:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms }; > + allow $2 webbrowser_plugin_tmpfs_t:sock_file { manage_sock_file_perms relabel_sock_file_perms }; > > - allow $2 mozilla_plugin_rw_t:dir list_dir_perms; > - allow $2 mozilla_plugin_rw_t:file read_file_perms; > - allow $2 mozilla_plugin_rw_t:lnk_file read_lnk_file_perms; > + allow $2 webbrowser_plugin_rw_t:dir list_dir_perms; > + allow $2 webbrowser_plugin_rw_t:file read_file_perms; > + allow $2 webbrowser_plugin_rw_t:lnk_file read_lnk_file_perms; > > - can_exec($2, mozilla_plugin_rw_t) > + can_exec($2, webbrowser_plugin_rw_t) > > optional_policy(` > - mozilla_dbus_chat_plugin($2) > + webbrowser_dbus_chat_plugin($2) > ') > ') > > ######################################## > ## > -## Read mozilla home directory content. > +## Read web browser home directory content. > ## > ## > ## > @@ -148,20 +148,20 @@ interface(`mozilla_role_plugin',` > ## > ## > # > -interface(`mozilla_read_user_home_files',` > +interface(`webbrowser_read_user_home_files',` > gen_require(` > - type mozilla_home_t; > + type webbrowser_home_t; > ') > > userdom_search_user_home_dirs($1) > - allow $1 mozilla_home_t:dir list_dir_perms; > - allow $1 mozilla_home_t:file read_file_perms; > - allow $1 mozilla_home_t:lnk_file read_lnk_file_perms; > + allow $1 webbrowser_home_t:dir list_dir_perms; > + allow $1 webbrowser_home_t:file read_file_perms; > + allow $1 webbrowser_home_t:lnk_file read_lnk_file_perms; > ') > > ######################################## > ## > -## Write mozilla home directory files. > +## Write web browser home directory files. > ## > ## > ## 
> @@ -169,19 +169,19 @@ interface(`mozilla_read_user_home_files' > ## > ## > # > -interface(`mozilla_write_user_home_files',` > +interface(`webbrowser_write_user_home_files',` > gen_require(` > - type mozilla_home_t; > + type webbrowser_home_t; > ') > > userdom_search_user_home_dirs($1) > - write_files_pattern($1, mozilla_home_t, mozilla_home_t) > + write_files_pattern($1, webbrowser_home_t, webbrowser_home_t) > ') > > ######################################## > ## > ## Do not audit attempts to read and > -## write mozilla home directory files. > +## write web browser home directory files. > ## > ## > ## > @@ -189,18 +189,18 @@ interface(`mozilla_write_user_home_files > ## > ## > # > -interface(`mozilla_dontaudit_rw_user_home_files',` > +interface(`webbrowser_dontaudit_rw_user_home_files',` > gen_require(` > - type mozilla_home_t; > + type webbrowser_home_t; > ') > > - dontaudit $1 mozilla_home_t:file rw_file_perms; > + dontaudit $1 webbrowser_home_t:file rw_file_perms; > ') > > ######################################## > ## > ## Do not audit attempt to Create, > -## read, write, and delete mozilla > +## read, write, and delete web browser > ## home directory content. > ## > ## 
> @@ -209,19 +209,19 @@ interface(`mozilla_dontaudit_rw_user_hom > ## > ## > # > -interface(`mozilla_dontaudit_manage_user_home_files',` > +interface(`webbrowser_dontaudit_manage_user_home_files',` > gen_require(` > - type mozilla_home_t; > + type webbrowser_home_t; > ') > > - dontaudit $1 mozilla_home_t:dir manage_dir_perms; > - dontaudit $1 mozilla_home_t:file manage_file_perms; > - dontaudit $1 mozilla_home_t:lnk_file manage_lnk_file_perms; > + dontaudit $1 webbrowser_home_t:dir manage_dir_perms; > + dontaudit $1 webbrowser_home_t:file manage_file_perms; > + dontaudit $1 webbrowser_home_t:lnk_file manage_lnk_file_perms; > ') > > ######################################## > ## > -## Execute mozilla plugin home directory files. > +## Execute web browser plugin home directory files. > ## > ## > ## > @@ -229,13 +229,13 @@ interface(`mozilla_dontaudit_manage_user > ## > ## > # > -interface(`mozilla_exec_user_plugin_home_files',` > +interface(`webbrowser_exec_user_plugin_home_files',` > gen_require(` > - type mozilla_home_t, mozilla_plugin_home_t; > + type webbrowser_home_t, webbrowser_plugin_home_t; > ') > > userdom_search_user_home_dirs($1) > - exec_files_pattern($1, { mozilla_home_t mozilla_plugin_home_t }, mozilla_plugin_home_t) > + exec_files_pattern($1, { webbrowser_home_t webbrowser_plugin_home_t }, webbrowser_plugin_home_t) > ') > > ######################################## > @@ -249,17 +249,17 @@ interface(`mozilla_exec_user_plugin_home > ## > ## > # > -interface(`mozilla_execmod_user_plugin_home_files',` > +interface(`webbrowser_execmod_user_plugin_home_files',` > gen_require(` > - type mozilla_plugin_home_t; > + type webbrowser_plugin_home_t; > ') > > - allow $1 mozilla_plugin_home_t:file execmod; > + allow $1 webbrowser_plugin_home_t:file execmod; > ') > > ####################################### > ## > -## Read temporary mozilla files. > +## Read temporary web browser files. > ## > ## > ## 
> @@ -267,17 +267,17 @@ interface(`mozilla_execmod_user_plugin_h > ## > ## > # > -interface(`mozilla_read_tmp_files',` > +interface(`webbrowser_read_tmp_files',` > gen_require(` > - type mozilla_tmp_t; > + type webbrowser_tmp_t; > ') > > - read_files_pattern($1, mozilla_tmp_t, mozilla_tmp_t) > + read_files_pattern($1, webbrowser_tmp_t, webbrowser_tmp_t) > ') > > ######################################## > ## > -## Run mozilla in the mozilla domain. > +## Run web browser in the web browser domain. > ## > ## > ## > @@ -285,19 +285,19 @@ interface(`mozilla_read_tmp_files',` > ## > ## > # > -interface(`mozilla_domtrans',` > +interface(`webbrowser_domtrans',` > gen_require(` > - type mozilla_t, mozilla_exec_t; > + type webbrowser_t, webbrowser_exec_t; > ') > > corecmd_search_bin($1) > - domtrans_pattern($1, mozilla_exec_t, mozilla_t) > + domtrans_pattern($1, webbrowser_exec_t, webbrowser_t) > ') > > ######################################## > ## > ## Execute a domain transition to > -## run mozilla plugin. > +## run web browser plugin. > ## > ## > ## > @@ -305,20 +305,20 @@ interface(`mozilla_domtrans',` > ## > ## > # > -interface(`mozilla_domtrans_plugin',` > +interface(`webbrowser_domtrans_plugin',` > gen_require(` > - type mozilla_plugin_t, mozilla_plugin_exec_t; > + type webbrowser_plugin_t, webbrowser_plugin_exec_t; > ') > > corecmd_search_bin($1) > - domtrans_pattern($1, mozilla_plugin_exec_t, mozilla_plugin_t) > + domtrans_pattern($1, webbrowser_plugin_exec_t, webbrowser_plugin_t) > ') > > ######################################## > ## > -## Execute mozilla plugin in the > -## mozilla plugin domain, and allow > -## the specified role the mozilla > +## Execute web browser plugin in the > +## web browser plugin domain, and allow > +## the specified role the web browser > ## plugin domain. > ## > ## 
> @@ -332,19 +332,19 @@ interface(`mozilla_domtrans_plugin',` > ## > ## > # > -interface(`mozilla_run_plugin',` > +interface(`webbrowser_run_plugin',` > gen_require(` > - attribute_role mozilla_plugin_roles; > + attribute_role webbrowser_plugin_roles; > ') > > - mozilla_domtrans_plugin($1) > - roleattribute $2 mozilla_plugin_roles; > + webbrowser_domtrans_plugin($1) > + roleattribute $2 webbrowser_plugin_roles; > ') > > ######################################## > ## > ## Execute a domain transition to > -## run mozilla plugin config. > +## run web browser plugin config. > ## > ## > ## > @@ -352,21 +352,21 @@ interface(`mozilla_run_plugin',` > ## > ## > # > -interface(`mozilla_domtrans_plugin_config',` > +interface(`webbrowser_domtrans_plugin_config',` > gen_require(` > - type mozilla_plugin_config_t, mozilla_plugin_config_exec_t; > + type webbrowser_plugin_config_t, webbrowser_plugin_config_exec_t; > ') > > corecmd_search_bin($1) > - domtrans_pattern($1, mozilla_plugin_config_exec_t, mozilla_plugin_config_t) > + domtrans_pattern($1, webbrowser_plugin_config_exec_t, webbrowser_plugin_config_t) > ') > > ######################################## > ## > -## Execute mozilla plugin config in > -## the mozilla plugin config domain, > +## Execute web browser plugin config in > +## the web browser plugin config domain, > ## and allow the specified role the > -## mozilla plugin config domain. > +## web browser plugin config domain. > ## > ## > ## 
> @@ -379,19 +379,19 @@ interface(`mozilla_domtrans_plugin_confi > ## > ## > # > -interface(`mozilla_run_plugin_config',` > +interface(`webbrowser_run_plugin_config',` > gen_require(` > - attribute_role mozilla_plugin_config_roles; > + attribute_role webbrowser_plugin_config_roles; > ') > > - mozilla_domtrans_plugin_config($1) > - roleattribute $2 mozilla_plugin_config_roles; > + webbrowser_domtrans_plugin_config($1) > + roleattribute $2 webbrowser_plugin_config_roles; > ') > > ######################################## > ## > ## Send and receive messages from > -## mozilla over dbus. > +## web browser over dbus. > ## > ## > ## > @@ -399,20 +399,20 @@ interface(`mozilla_run_plugin_config',` > ## > ## > # > -interface(`mozilla_dbus_chat',` > +interface(`webbrowser_dbus_chat',` > gen_require(` > - type mozilla_t; > + type webbrowser_t; > class dbus send_msg; > ') > > - allow $1 mozilla_t:dbus send_msg; > - allow mozilla_t $1:dbus send_msg; > + allow $1 webbrowser_t:dbus send_msg; > + allow webbrowser_t $1:dbus send_msg; > ') > > ######################################## > ## > ## Send and receive messages from > -## mozilla plugin over dbus. > +## web browser plugin over dbus. > ## > ## > ## > @@ -420,19 +420,19 @@ interface(`mozilla_dbus_chat',` > ## > ## > # > -interface(`mozilla_dbus_chat_plugin',` > +interface(`webbrowser_dbus_chat_plugin',` > gen_require(` > - type mozilla_plugin_t; > + type webbrowser_plugin_t; > class dbus send_msg; > ') > > - allow $1 mozilla_plugin_t:dbus send_msg; > - allow mozilla_plugin_t $1:dbus send_msg; > + allow $1 webbrowser_plugin_t:dbus send_msg; > + allow webbrowser_plugin_t $1:dbus send_msg; > ') > > ######################################## > ## > -## Read and write mozilla TCP sockets. > +## Read and write web browser TCP sockets. > ## > ## > ## 
> @@ -440,18 +440,18 @@ interface(`mozilla_dbus_chat_plugin',` > ## > ## > # > -interface(`mozilla_rw_tcp_sockets',` > +interface(`webbrowser_rw_tcp_sockets',` > gen_require(` > - type mozilla_t; > + type webbrowser_t; > ') > > - allow $1 mozilla_t:tcp_socket rw_socket_perms; > + allow $1 webbrowser_t:tcp_socket rw_socket_perms; > ') > > ######################################## > ## > ## Create, read, write, and delete > -## mozilla plugin rw files. > +## web browser plugin rw files. > ## > ## > ## > @@ -459,18 +459,18 @@ interface(`mozilla_rw_tcp_sockets',` > ## > ## > # > -interface(`mozilla_manage_plugin_rw_files',` > +interface(`webbrowser_manage_plugin_rw_files',` > gen_require(` > - type mozilla_plugin_rw_t; > + type webbrowser_plugin_rw_t; > ') > > libs_search_lib($1) > - manage_files_pattern($1, mozilla_plugin_rw_t, mozilla_plugin_rw_t) > + manage_files_pattern($1, webbrowser_plugin_rw_t, webbrowser_plugin_rw_t) > ') > > ######################################## > ## > -## Read mozilla_plugin tmpfs files. > +## Read webbrowser_plugin tmpfs files. > ## > ## > ## > @@ -478,18 +478,18 @@ interface(`mozilla_manage_plugin_rw_file > ## > ## > # > -interface(`mozilla_plugin_read_tmpfs_files',` > +interface(`webbrowser_plugin_read_tmpfs_files',` > gen_require(` > - type mozilla_plugin_tmpfs_t; > + type webbrowser_plugin_tmpfs_t; > ') > > fs_search_tmpfs($1) > - allow $1 mozilla_plugin_tmpfs_t:file read_file_perms; > + allow $1 webbrowser_plugin_tmpfs_t:file read_file_perms; > ') > > ######################################## > ## > -## Delete mozilla_plugin tmpfs files. > +## Delete webbrowser_plugin tmpfs files. > ## > ## > ## 
> @@ -497,19 +497,19 @@ interface(`mozilla_plugin_read_tmpfs_fil > ## > ## > # > -interface(`mozilla_plugin_delete_tmpfs_files',` > +interface(`webbrowser_plugin_delete_tmpfs_files',` > gen_require(` > - type mozilla_plugin_tmpfs_t; > + type webbrowser_plugin_tmpfs_t; > ') > > fs_search_tmpfs($1) > - allow $1 mozilla_plugin_tmpfs_t:file delete_file_perms; > + allow $1 webbrowser_plugin_tmpfs_t:file delete_file_perms; > ') > > ######################################## > ## > ## Create, read, write, and delete > -## generic mozilla plugin home content. > +## generic web browser plugin home content. > ## > ## > ## > @@ -517,23 +517,23 @@ interface(`mozilla_plugin_delete_tmpfs_f > ## > ## > # > -interface(`mozilla_manage_generic_plugin_home_content',` > +interface(`webbrowser_manage_generic_plugin_home_content',` > gen_require(` > - type mozilla_plugin_home_t; > + type webbrowser_plugin_home_t; > ') > > userdom_search_user_home_dirs($1) > - allow $1 mozilla_plugin_home_t:dir manage_dir_perms; > - allow $1 mozilla_plugin_home_t:file manage_file_perms; > - allow $1 mozilla_plugin_home_t:fifo_file manage_fifo_file_perms; > - allow $1 mozilla_plugin_home_t:lnk_file manage_lnk_file_perms; > - allow $1 mozilla_plugin_home_t:sock_file manage_sock_file_perms; > + allow $1 webbrowser_plugin_home_t:dir manage_dir_perms; > + allow $1 webbrowser_plugin_home_t:file manage_file_perms; > + allow $1 webbrowser_plugin_home_t:fifo_file manage_fifo_file_perms; > + allow $1 webbrowser_plugin_home_t:lnk_file manage_lnk_file_perms; > + allow $1 webbrowser_plugin_home_t:sock_file manage_sock_file_perms; > ') > > ######################################## > ## > ## Create objects in user home > -## directories with the generic mozilla > +## directories with the generic web browser > ## plugin home type. > ## > ## 
> @@ -552,10 +552,10 @@ interface(`mozilla_manage_generic_plugin > ## > ## > # > -interface(`mozilla_home_filetrans_plugin_home',` > +interface(`webbrowser_home_filetrans_plugin_home',` > gen_require(` > - type mozilla_plugin_home_t; > + type webbrowser_plugin_home_t; > ') > > - userdom_user_home_dir_filetrans($1, mozilla_plugin_home_t, $2, $3) > + userdom_user_home_dir_filetrans($1, webbrowser_plugin_home_t, $2, $3) > ') > Index: refpolicy-2.20180701/policy/modules/roles/staff.te > =================================================================== > --- refpolicy-2.20180701.orig/policy/modules/roles/staff.te > +++ refpolicy-2.20180701/policy/modules/roles/staff.te > @@ -142,7 +142,7 @@ ifndef(`distro_redhat',` > ') > > optional_policy(` > - mozilla_role(staff_r, staff_t) > + webbrowser_role(staff_r, staff_t) > ') > > optional_policy(` > Index: refpolicy-2.20180701/policy/modules/roles/sysadm.te > =================================================================== > --- refpolicy-2.20180701.orig/policy/modules/roles/sysadm.te > +++ refpolicy-2.20180701/policy/modules/roles/sysadm.te > @@ -652,7 +652,7 @@ optional_policy(` > ') > > optional_policy(` > - mozilla_role(sysadm_r, sysadm_t) > + webbrowser_role(sysadm_r, sysadm_t) > ') > > optional_policy(` > Index: refpolicy-2.20180701/policy/modules/roles/unprivuser.te > =================================================================== > --- refpolicy-2.20180701.orig/policy/modules/roles/unprivuser.te > +++ refpolicy-2.20180701/policy/modules/roles/unprivuser.te > @@ -114,7 +114,7 @@ ifndef(`distro_redhat',` > ') > > optional_policy(` > - mozilla_role(user_r, user_t) > + webbrowser_role(user_r, user_t) > ') > > optional_policy(` > Index: refpolicy-2.20180701/policy/modules/roles/xguest.te > =================================================================== > --- refpolicy-2.20180701.orig/policy/modules/roles/xguest.te > +++ refpolicy-2.20180701/policy/modules/roles/xguest.te 
> @@ -103,7 +103,7 @@ optional_policy(` > ') > > optional_policy(` > - mozilla_role(xguest_r, xguest_t) > + webbrowser_role(xguest_r, xguest_t) > ') > > optional_policy(` > Index: refpolicy-2.20180701/policy/modules/admin/prelink.te > =================================================================== > --- refpolicy-2.20180701.orig/policy/modules/admin/prelink.te > +++ refpolicy-2.20180701/policy/modules/admin/prelink.te > @@ -141,7 +141,7 @@ optional_policy(` > ') > > optional_policy(` > - mozilla_manage_plugin_rw_files(prelink_t) > + webbrowser_manage_plugin_rw_files(prelink_t) > ') > > optional_policy(` > Index: refpolicy-2.20180701/policy/modules/apps/evolution.te > =================================================================== > --- refpolicy-2.20180701.orig/policy/modules/apps/evolution.te > +++ refpolicy-2.20180701/policy/modules/apps/evolution.te > @@ -291,8 +291,8 @@ optional_policy(` > ') > > optional_policy(` > - mozilla_read_user_home_files(evolution_t) > - mozilla_domtrans(evolution_t) > + webbrowser_read_user_home_files(evolution_t) > + webbrowser_domtrans(evolution_t) > ') > > optional_policy(` > Index: refpolicy-2.20180701/policy/modules/apps/gpg.te > =================================================================== > --- refpolicy-2.20180701.orig/policy/modules/apps/gpg.te > +++ refpolicy-2.20180701/policy/modules/apps/gpg.te > @@ -171,7 +171,7 @@ optional_policy(` > ') > > optional_policy(` > - mozilla_dontaudit_rw_user_home_files(gpg_t) > + webbrowser_dontaudit_rw_user_home_files(gpg_t) > ') > > optional_policy(` 
> @@ -306,7 +306,7 @@ optional_policy(` > ') > > optional_policy(` > - mozilla_dontaudit_rw_user_home_files(gpg_agent_t) > + webbrowser_dontaudit_rw_user_home_files(gpg_agent_t) > ') > > optional_policy(` > Index: refpolicy-2.20180701/policy/modules/apps/openoffice.te > =================================================================== > --- refpolicy-2.20180701.orig/policy/modules/apps/openoffice.te > +++ refpolicy-2.20180701/policy/modules/apps/openoffice.te > @@ -140,8 +140,8 @@ optional_policy(` > ') > > optional_policy(` > - mozilla_domtrans(ooffice_t) > - mozilla_read_tmp_files(ooffice_t) > + webbrowser_domtrans(ooffice_t) > + webbrowser_read_tmp_files(ooffice_t) > ') > > optional_policy(` > Index: refpolicy-2.20180701/policy/modules/apps/seunshare.te > =================================================================== > --- refpolicy-2.20180701.orig/policy/modules/apps/seunshare.te > +++ refpolicy-2.20180701/policy/modules/apps/seunshare.te > @@ -39,6 +39,6 @@ ifdef(`hide_broken_symptoms', ` > fs_dontaudit_rw_anon_inodefs_files(seunshare_t) > > optional_policy(` > - mozilla_dontaudit_manage_user_home_files(seunshare_t) > + webbrowser_dontaudit_manage_user_home_files(seunshare_t) > ') > ') > Index: refpolicy-2.20180701/policy/modules/apps/thunderbird.te > =================================================================== > --- refpolicy-2.20180701.orig/policy/modules/apps/thunderbird.te > +++ refpolicy-2.20180701/policy/modules/apps/thunderbird.te > @@ -151,7 +151,7 @@ optional_policy(` > ') > > optional_policy(` > - mozilla_dbus_chat(thunderbird_t) > + webbrowser_dbus_chat(thunderbird_t) > ') > ') 
> > @@ -175,8 +175,8 @@ optional_policy(` > ') > > optional_policy(` > - mozilla_read_user_home_files(thunderbird_t) > - mozilla_domtrans(thunderbird_t) > + webbrowser_read_user_home_files(thunderbird_t) > + webbrowser_domtrans(thunderbird_t) > ') > > optional_policy(` > Index: refpolicy-2.20180701/policy/modules/apps/wm.te > =================================================================== > --- refpolicy-2.20180701.orig/policy/modules/apps/wm.te > +++ refpolicy-2.20180701/policy/modules/apps/wm.te > @@ -126,7 +126,7 @@ optional_policy(` > ') > > optional_policy(` > - mozilla_dbus_chat(wm_domain) > + webbrowser_dbus_chat(wm_domain) > ') > > optional_policy(`
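Review bot: In the mozilla.if hunk at @@ -87,60 +87,60 @@, the gen_require block of webbrowser_role_plugin declares only webbrowser_plugin_tmp_t, webbrowser_plugin_tmpfs_t, webbrowser_plugin_rw_t and webbrowser_home_t, yet the allow and ps_process_pattern rules in the body name webbrowser_plugin_t and webbrowser_plugin_config_t. The omission predates the rename (the removed lines have the same gap with mozilla_plugin_t), but every line of the block is being rewritten here, so add both types to the gen_require and let the interface declare everything it references.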
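Review bot: The mozilla.if hunks replace each old interface definition outright (mozilla_role, mozilla_domtrans, mozilla_dbus_chat, mozilla_read_user_home_files and the rest), and none of the visible hunks keeps a definition under the old name. The in-tree callers in staff.te, sysadm.te, unprivuser.te, xguest.te, prelink.te, evolution.te, gpg.te, openoffice.te, seunshare.te, thunderbird.te and wm.te are converted, but a policy module maintained outside this tree that still calls mozilla_role() or mozilla_domtrans() will stop building. Consider keeping the mozilla_* names for a release as thin wrappers that call refpolicywarn with a deprecation message and then invoke the matching webbrowser_* interface.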
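Review bot: The diff headers for the interface file still read policy/modules/apps/mozilla.if on both the --- and +++ side, so the module keeps the name mozilla while every interface it exports now starts with webbrowser_. Refpolicy interfaces are expected to carry their module's name as prefix, which is how a caller finds the file that defines them. Either rename the module files together with the interfaces in this patch, or say in the commit message that the file rename follows separately.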
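Review bot: In the mozilla.if hunks at @@ -459,18 +459,18 @@ and @@ -478,18 +478,18 @@, the summary comments become "Read webbrowser_plugin tmpfs files." and "Delete webbrowser_plugin tmpfs files.", which looks like a mechanical substitution of the identifier into prose. The other summaries in this patch use the wording "web browser plugin", so these two should read "Read web browser plugin tmpfs files." and "Delete web browser plugin tmpfs files." to keep the generated interface documentation consistent.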