2010-01-30 20:23:56

by stefan

[permalink] [raw]
Subject: [refpolicy] [PATCH 1/1] Add an interface for listing contents of user home directories.


Signed-off-by: Stefan Schulze Frielinghaus <[email protected]>
---
policy/modules/system/userdomain.if | 18 ++++++++++++++++++
1 files changed, 18 insertions(+), 0 deletions(-)

diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index f209ccf..1f234ef 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -1414,6 +1414,24 @@ interface(`userdom_dontaudit_search_user_home_dirs',`

########################################
## <summary>
+## List contents of users home directory.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`userdom_list_user_home_content',`
+ gen_require(`
+ type user_home_t;
+ ')
+
+ allow $1 user_home_t:dir list_dir_perms;
+')
+
+########################################
+## <summary>
## List user home directories.
## </summary>
## <param name="domain">
--
1.6.6