2016-09-01 13:52:26

by guido

[permalink] [raw]
Subject: [refpolicy] [PATCH] gpg: public key signature verification in evolution

Let gpg verify public key signatures in the evolution mail client application.

Signed-off-by: Guido Trentalancia <[email protected]>
---
policy/modules/contrib/evolution.if | 21 +++++++++++++++++++++
policy/modules/contrib/gpg.te | 4 ++++
2 files changed, 25 insertions(+)

--- refpolicy-git-06082016-orig/policy/modules/contrib/evolution.if 2016-08-06 21:27:11.349094280 +0200
+++ refpolicy-git-06082016/policy/modules/contrib/evolution.if 2016-09-01 15:33:27.072148930 +0200
@@ -128,6 +128,27 @@ interface(`evolution_stream_connect',`

########################################
## <summary>
+## Read evolution orbit temporary
+## files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`evolution_read_orbit_tmp_t',`
+ gen_require(`
+ type evolution_orbit_tmp_t;
+ ')
+
+ files_search_tmp($1)
+ read_files_pattern($1, evolution_orbit_tmp_t, evolution_orbit_tmp_t)
+')
+
+
+########################################
+## <summary>
## Send and receive messages from
## evolution over dbus.
## </summary>
--- refpolicy-git-06082016-orig/policy/modules/contrib/gpg.te 2016-08-06 21:27:11.355094349 +0200
+++ refpolicy-git-06082016/policy/modules/contrib/gpg.te 2016-09-01 15:34:13.366784842 +0200
@@ -147,6 +147,10 @@ tunable_policy(`use_samba_home_dirs',`
')

optional_policy(`
+ evolution_read_orbit_tmp_t(gpg_t)
+ ')
+
+optional_policy(`
gnome_read_generic_home_content(gpg_t)
gnome_stream_connect_all_gkeyringd(gpg_t)
')


2016-09-01 23:26:27

by Chris PeBenito

[permalink] [raw]
Subject: [refpolicy] [PATCH] gpg: public key signature verification in evolution

On 09/01/16 09:52, Guido Trentalancia via refpolicy wrote:
> Let gpg verify public key signatures in the evolution mail client application.
>
> Signed-off-by: Guido Trentalancia <[email protected]>
> ---
> policy/modules/contrib/evolution.if | 21 +++++++++++++++++++++
> policy/modules/contrib/gpg.te | 4 ++++
> 2 files changed, 25 insertions(+)
>
> --- refpolicy-git-06082016-orig/policy/modules/contrib/evolution.if 2016-08-06 21:27:11.349094280 +0200
> +++ refpolicy-git-06082016/policy/modules/contrib/evolution.if 2016-09-01 15:33:27.072148930 +0200
> @@ -128,6 +128,27 @@ interface(`evolution_stream_connect',`
>
> ########################################
> ## <summary>
> +## Read evolution orbit temporary
> +## files.
> +## </summary>
> +## <param name="domain">
> +## <summary>
> +## Domain allowed access.
> +## </summary>
> +## </param>
> +#
> +interface(`evolution_read_orbit_tmp_t',`

evolution_read_orbit_tmp_files()


--
Chris PeBenito

2016-09-02 08:48:34

by Dac Override

[permalink] [raw]
Subject: [refpolicy] [PATCH] gpg: public key signature verification in evolution

On 09/02/2016 01:26 AM, Chris PeBenito via refpolicy wrote:
> On 09/01/16 09:52, Guido Trentalancia via refpolicy wrote:
>> Let gpg verify public key signatures in the evolution mail client application.
>>
>> Signed-off-by: Guido Trentalancia <[email protected]>
>> ---
>> policy/modules/contrib/evolution.if | 21 +++++++++++++++++++++
>> policy/modules/contrib/gpg.te | 4 ++++
>> 2 files changed, 25 insertions(+)
>>
>> --- refpolicy-git-06082016-orig/policy/modules/contrib/evolution.if 2016-08-06 21:27:11.349094280 +0200
>> +++ refpolicy-git-06082016/policy/modules/contrib/evolution.if 2016-09-01 15:33:27.072148930 +0200
>> @@ -128,6 +128,27 @@ interface(`evolution_stream_connect',`
>>
>> ########################################
>> ## <summary>
>> +## Read evolution orbit temporary
>> +## files.
>> +## </summary>
>> +## <param name="domain">
>> +## <summary>
>> +## Domain allowed access.
>> +## </summary>
>> +## </param>
>> +#
>> +interface(`evolution_read_orbit_tmp_t',`
>
> evolution_read_orbit_tmp_files()
>
>

You dont have to mention "orbit" at all. There are only sockets in
orbit, and push comes to show that's just a evolution socket. This file
is outside of orbit and so it have nothing to do with orbit

so i would just use evolution_read_tmp_files()

however eventually it probably need rw instead of r, For example when
you sign emails.

--
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02
Dominick Grift

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20160902/6b43ccf9/attachment.bin

2016-09-02 11:26:42

by guido

[permalink] [raw]
Subject: [refpolicy] [PATCH] gpg: public key signature verification in evolution

Hello Dominick.

On Fri, 02/09/2016 at 10.48 +0200, Dominick Grift via refpolicy wrote:
> On 09/02/2016 01:26 AM, Chris PeBenito via refpolicy wrote:
> >
> > On 09/01/16 09:52, Guido Trentalancia via refpolicy wrote:
> > >
> > > Let gpg verify public key signatures in the evolution mail client
> > > application.
> > >
> > > Signed-off-by: Guido Trentalancia <[email protected]>
> > > ---
> > > ?policy/modules/contrib/evolution.if |???21 +++++++++++++++++++++
> > > ?policy/modules/contrib/gpg.te???????|????4 ++++
> > > ?2 files changed, 25 insertions(+)
> > >
> > > --- refpolicy-git-06082016-
> > > orig/policy/modules/contrib/evolution.if 2016-08-06
> > > 21:27:11.349094280 +0200
> > > +++ refpolicy-git-06082016/policy/modules/contrib/evolution.if
> > > 2016-09-01 15:33:27.072148930 +0200
> > > @@ -128,6 +128,27 @@ interface(`evolution_stream_connect',`
> > >
> > > ?########################################
> > > ?## <summary>
> > > +## Read evolution orbit temporary
> > > +## files.
> > > +## </summary>
> > > +## <param name="domain">
> > > +## <summary>
> > > +## Domain allowed access.
> > > +## </summary>
> > > +## </param>
> > > +#
> > > +interface(`evolution_read_orbit_tmp_t',`
> >
> > evolution_read_orbit_tmp_files()
> >
> >
>
> You dont have to mention "orbit" at all. There are only sockets in
> orbit, and push comes to show that's just a evolution socket. This
> file
> is outside of orbit and so it have nothing to do with orbit
>
> so i would just use evolution_read_tmp_files()
>
> however eventually it probably need rw instead of r, For example when
> you sign emails.

Let's try to sign this message and see if it also requires write
permissions...

Guido
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 213 bytes
Desc: This is a digitally signed message part
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20160902/8b95c9e6/attachment-0001.bin

2016-09-02 11:35:53

by guido

[permalink] [raw]
Subject: [refpolicy] [PATCH v2] gpg: public key signature verification in evolution

Let gpg verify public key signatures in the evolution mail client application.

It doesn't need write permissions on such files for signing/encrypting messages.

Signed-off-by: Guido Trentalancia <[email protected]>
---
policy/modules/contrib/evolution.if | 21 +++++++++++++++++++++
policy/modules/contrib/gpg.te | 4 ++++
2 files changed, 25 insertions(+)

--- refpolicy-git-06082016-orig/policy/modules/contrib/evolution.if 2016-08-06 21:27:11.349094280 +0200
+++ refpolicy-git-06082016/policy/modules/contrib/evolution.if 2016-09-01 15:33:27.072148930 +0200
@@ -128,6 +128,27 @@ interface(`evolution_stream_connect',`

########################################
## <summary>
+## Read evolution orbit temporary
+## files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`evolution_read_orbit_tmp_files',`
+ gen_require(`
+ type evolution_orbit_tmp_t;
+ ')
+
+ files_search_tmp($1)
+ read_files_pattern($1, evolution_orbit_tmp_t, evolution_orbit_tmp_t)
+')
+
+
+########################################
+## <summary>
## Send and receive messages from
## evolution over dbus.
## </summary>
--- refpolicy-git-06082016-orig/policy/modules/contrib/gpg.te 2016-08-06 21:27:11.355094349 +0200
+++ refpolicy-git-06082016/policy/modules/contrib/gpg.te 2016-09-01 15:34:13.366784842 +0200
@@ -147,6 +147,10 @@ tunable_policy(`use_samba_home_dirs',`
')

optional_policy(`
+ evolution_read_orbit_tmp_files(gpg_t)
+ ')
+
+optional_policy(`
gnome_read_generic_home_content(gpg_t)
gnome_stream_connect_all_gkeyringd(gpg_t)
')

2016-09-02 13:48:06

by Dac Override

[permalink] [raw]
Subject: [refpolicy] [PATCH] gpg: public key signature verification in evolution

On 09/02/2016 01:26 PM, Guido Trentalancia wrote:
> Hello Dominick.
>
> On Fri, 02/09/2016 at 10.48 +0200, Dominick Grift via refpolicy wrote:
>> On 09/02/2016 01:26 AM, Chris PeBenito via refpolicy wrote:
>>>
>>> On 09/01/16 09:52, Guido Trentalancia via refpolicy wrote:
>>>>
>>>> Let gpg verify public key signatures in the evolution mail client
>>>> application.
>>>>
>>>> Signed-off-by: Guido Trentalancia <[email protected]>
>>>> ---
>>>> policy/modules/contrib/evolution.if | 21 +++++++++++++++++++++
>>>> policy/modules/contrib/gpg.te | 4 ++++
>>>> 2 files changed, 25 insertions(+)
>>>>
>>>> --- refpolicy-git-06082016-
>>>> orig/policy/modules/contrib/evolution.if 2016-08-06
>>>> 21:27:11.349094280 +0200
>>>> +++ refpolicy-git-06082016/policy/modules/contrib/evolution.if
>>>> 2016-09-01 15:33:27.072148930 +0200
>>>> @@ -128,6 +128,27 @@ interface(`evolution_stream_connect',`
>>>>
>>>> ########################################
>>>> ## <summary>
>>>> +## Read evolution orbit temporary
>>>> +## files.
>>>> +## </summary>
>>>> +## <param name="domain">
>>>> +## <summary>
>>>> +## Domain allowed access.
>>>> +## </summary>
>>>> +## </param>
>>>> +#
>>>> +interface(`evolution_read_orbit_tmp_t',`
>>>
>>> evolution_read_orbit_tmp_files()
>>>
>>>
>>
>> You dont have to mention "orbit" at all. There are only sockets in
>> orbit, and push comes to show that's just a evolution socket. This
>> file
>> is outside of orbit and so it have nothing to do with orbit
>>
>> so i would just use evolution_read_tmp_files()
>>
>> however eventually it probably need rw instead of r, For example when
>> you sign emails.
>
> Let's try to sign this message and see if it also requires write
> permissions...
>

is that PGP/MIME or in-line signing? I dont use evolution so not sure if
it even support in-line signatures or PGP/MIME

Either way, would be easy enough to adjust if and when someone needs it

I still don't like the reference to orbit though

> Guido
>


--
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02
Dominick Grift

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20160902/56c5ec4d/attachment.bin

2016-09-02 14:42:06

by guido

[permalink] [raw]
Subject: [refpolicy] [PATCH] gpg: public key signature verification in evolution

On Fri, 02/09/2016 at 15.48 +0200, Dominick Grift wrote:
> On 09/02/2016 01:26 PM, Guido Trentalancia wrote:
> >
> > Hello Dominick.
> >
> > On Fri, 02/09/2016 at 10.48 +0200, Dominick Grift via refpolicy
> > wrote:
> > >
> > > On 09/02/2016 01:26 AM, Chris PeBenito via refpolicy wrote:
> > > >
> > > >
> > > > On 09/01/16 09:52, Guido Trentalancia via refpolicy wrote:
> > > > >
> > > > >
> > > > > Let gpg verify public key signatures in the evolution mail
> > > > > client
> > > > > application.
> > > > >
> > > > > Signed-off-by: Guido Trentalancia <[email protected]>
> > > > > ---
> > > > > ?policy/modules/contrib/evolution.if |???21
> > > > > +++++++++++++++++++++
> > > > > ?policy/modules/contrib/gpg.te???????|????4 ++++
> > > > > ?2 files changed, 25 insertions(+)
> > > > >
> > > > > --- refpolicy-git-06082016-
> > > > > orig/policy/modules/contrib/evolution.if 2016-08-06
> > > > > 21:27:11.349094280 +0200
> > > > > +++ refpolicy-git-
> > > > > 06082016/policy/modules/contrib/evolution.if
> > > > > 2016-09-01 15:33:27.072148930 +0200
> > > > > @@ -128,6 +128,27 @@ interface(`evolution_stream_connect',`
> > > > >
> > > > > ?########################################
> > > > > ?## <summary>
> > > > > +## Read evolution orbit temporary
> > > > > +## files.
> > > > > +## </summary>
> > > > > +## <param name="domain">
> > > > > +## <summary>
> > > > > +## Domain allowed access.
> > > > > +## </summary>
> > > > > +## </param>
> > > > > +#
> > > > > +interface(`evolution_read_orbit_tmp_t',`
> > > >
> > > > evolution_read_orbit_tmp_files()
> > > >
> > > >
> > >
> > > You dont have to mention "orbit" at all. There are only sockets
> > > in
> > > orbit, and push comes to show that's just a evolution socket.
> > > This
> > > file
> > > is outside of orbit and so it have nothing to do with orbit
> > >
> > > so i would just use evolution_read_tmp_files()

There are different types of evolution temporary files, so it is
necessary to distinguish amongst them.

> > > however eventually it probably need rw instead of r, For example
> > > when
> > > you sign emails.
> >
> > Let's try to sign this message and see if it also requires write
> > permissions...

It doesn't require write permissions, as it is evident in the new
version of the patch.

> is that PGP/MIME or in-line signing? I dont use evolution so not sure
> if
> it even support in-line signatures or PGP/MIME

It's PGP signing. SMIME signing does not use gpg.

> Either way, would be easy enough to adjust if and when someone needs
> it

It works as it is, without write permissions on that temporary file.
There is nothing to adjust.

> I still don't like the reference to orbit though

See above (different types of temporary files).

Originally I typed a wrong name by mistake (you know, copy and paste
the type name).

I have now amended the name, as kindly suggested by Christopher. See
version 2.

Regards,

Guido

2016-09-02 14:46:27

by Dac Override

[permalink] [raw]
Subject: [refpolicy] [PATCH] gpg: public key signature verification in evolution

On 09/02/2016 04:42 PM, Guido Trentalancia via refpolicy wrote:
> On Fri, 02/09/2016 at 15.48 +0200, Dominick Grift wrote:
>> On 09/02/2016 01:26 PM, Guido Trentalancia wrote:
>>>
>>> Hello Dominick.
>>>
>>> On Fri, 02/09/2016 at 10.48 +0200, Dominick Grift via refpolicy
>>> wrote:
>>>>
>>>> On 09/02/2016 01:26 AM, Chris PeBenito via refpolicy wrote:
>>>>>
>>>>>
>>>>> On 09/01/16 09:52, Guido Trentalancia via refpolicy wrote:
>>>>>>
>>>>>>
>>>>>> Let gpg verify public key signatures in the evolution mail
>>>>>> client
>>>>>> application.
>>>>>>
>>>>>> Signed-off-by: Guido Trentalancia <[email protected]>
>>>>>> ---
>>>>>> policy/modules/contrib/evolution.if | 21
>>>>>> +++++++++++++++++++++
>>>>>> policy/modules/contrib/gpg.te | 4 ++++
>>>>>> 2 files changed, 25 insertions(+)
>>>>>>
>>>>>> --- refpolicy-git-06082016-
>>>>>> orig/policy/modules/contrib/evolution.if 2016-08-06
>>>>>> 21:27:11.349094280 +0200
>>>>>> +++ refpolicy-git-
>>>>>> 06082016/policy/modules/contrib/evolution.if
>>>>>> 2016-09-01 15:33:27.072148930 +0200
>>>>>> @@ -128,6 +128,27 @@ interface(`evolution_stream_connect',`
>>>>>>
>>>>>> ########################################
>>>>>> ## <summary>
>>>>>> +## Read evolution orbit temporary
>>>>>> +## files.
>>>>>> +## </summary>
>>>>>> +## <param name="domain">
>>>>>> +## <summary>
>>>>>> +## Domain allowed access.
>>>>>> +## </summary>
>>>>>> +## </param>
>>>>>> +#
>>>>>> +interface(`evolution_read_orbit_tmp_t',`
>>>>>
>>>>> evolution_read_orbit_tmp_files()
>>>>>
>>>>>
>>>>
>>>> You dont have to mention "orbit" at all. There are only sockets
>>>> in
>>>> orbit, and push comes to show that's just a evolution socket.
>>>> This
>>>> file
>>>> is outside of orbit and so it have nothing to do with orbit
>>>>
>>>> so i would just use evolution_read_tmp_files()
>
> There are different types of evolution temporary files, so it is
> necessary to distinguish amongst them.
>
>>>> however eventually it probably need rw instead of r, For example
>>>> when
>>>> you sign emails.
>>>
>>> Let's try to sign this message and see if it also requires write
>>> permissions...
>
> It doesn't require write permissions, as it is evident in the new
> version of the patch.
>
>> is that PGP/MIME or in-line signing? I dont use evolution so not sure
>> if
>> it even support in-line signatures or PGP/MIME
>
> It's PGP signing. SMIME signing does not use gpg.
>

I think there is a misunderstanding PGP/MIME will (AFAIK) attach the
signature in a separate file whereas in-line signing adds the signature
to the actual message instead.

Anyhow no big deal.

>> Either way, would be easy enough to adjust if and when someone needs
>> it
>
> It works as it is, without write permissions on that temporary file.
> There is nothing to adjust.
>
>> I still don't like the reference to orbit though
>
> See above (different types of temporary files).
>
> Originally I typed a wrong name by mistake (you know, copy and paste
> the type name).
>
> I have now amended the name, as kindly suggested by Christopher. See
> version 2.
>

Okay, that is not what i was referring to but fine.

> Regards,
>
> Guido
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
>


--
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02
Dominick Grift

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20160902/bc776eec/attachment.bin

2016-09-02 15:02:41

by guido

[permalink] [raw]
Subject: [refpolicy] [PATCH] gpg: public key signature verification in evolution

Hello Dominick.

On Fri, 02/09/2016 at 16.46 +0200, Dominick Grift via refpolicy wrote:
> On 09/02/2016 04:42 PM, Guido Trentalancia via refpolicy wrote:
> >
> > On Fri, 02/09/2016 at 15.48 +0200, Dominick Grift wrote:

[...]

> > > > > however eventually it probably need rw instead of r, For
> > > > > example
> > > > > when
> > > > > you sign emails.
> > > >
> > > > Let's try to sign this message and see if it also requires
> > > > write
> > > > permissions...
> >
> > It doesn't require write permissions, as it is evident in the new
> > version of the patch.
> >
> > >
> > > is that PGP/MIME or in-line signing? I dont use evolution so not
> > > sure
> > > if
> > > it even support in-line signatures or PGP/MIME
> >
> > It's PGP signing. SMIME signing does not use gpg.
> >
>
> I think there is a misunderstanding PGP/MIME will (AFAIK) attach the
> signature in a separate file whereas in-line signing adds the
> signature
> to the actual message instead.

Yes, it's openPGP/MIME. The same as in your messages.

I have signed this message too, so that you can check.

> Anyhow no big deal.

Regards,

Guido
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 213 bytes
Desc: This is a digitally signed message part
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20160902/c17a6ae8/attachment.bin

2016-09-02 15:09:06

by Dac Override

[permalink] [raw]
Subject: [refpolicy] [PATCH] gpg: public key signature verification in evolution

On 09/02/2016 05:02 PM, Guido Trentalancia via refpolicy wrote:
> Hello Dominick.
>
> On Fri, 02/09/2016 at 16.46 +0200, Dominick Grift via refpolicy wrote:
>> On 09/02/2016 04:42 PM, Guido Trentalancia via refpolicy wrote:
>>>
>>> On Fri, 02/09/2016 at 15.48 +0200, Dominick Grift wrote:
>
> [...]
>
>>>>>> however eventually it probably need rw instead of r, For
>>>>>> example
>>>>>> when
>>>>>> you sign emails.
>>>>>
>>>>> Let's try to sign this message and see if it also requires
>>>>> write
>>>>> permissions...
>>>
>>> It doesn't require write permissions, as it is evident in the new
>>> version of the patch.
>>>
>>>>
>>>> is that PGP/MIME or in-line signing? I dont use evolution so not
>>>> sure
>>>> if
>>>> it even support in-line signatures or PGP/MIME
>>>
>>> It's PGP signing. SMIME signing does not use gpg.
>>>
>>
>> I think there is a misunderstanding PGP/MIME will (AFAIK) attach the
>> signature in a separate file whereas in-line signing adds the
>> signature
>> to the actual message instead.
>
> Yes, it's openPGP/MIME. The same as in your messages.

Okay fine, I think it might need read/write if one encloses signatures
in mail messages in-line

>
> I have signed this message too, so that you can check.
>
>> Anyhow no big deal.
>
> Regards,
>
> Guido
>
>
>
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
>


--
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02
Dominick Grift

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20160902/e2646f2f/attachment.bin

2016-09-02 15:31:03

by guido

[permalink] [raw]
Subject: [refpolicy] [PATCH] gpg: public key signature verification in evolution

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Fri, 02/09/2016 at 17.09 +0200, Dominick Grift via refpolicy wrote:
> On 09/02/2016 05:02 PM, Guido Trentalancia via refpolicy wrote:

[...]

> > > > > > > however eventually it probably need rw instead of r, For
> > > > > > > example
> > > > > > > when
> > > > > > > you sign emails.
> > > > > >
> > > > > > Let's try to sign this message and see if it also requires
> > > > > > write
> > > > > > permissions...
> > > >
> > > > It doesn't require write permissions, as it is evident in the
> > > > new
> > > > version of the patch.
> > > >
> > > > >
> > > > >
> > > > > is that PGP/MIME or in-line signing? I dont use evolution so
> > > > > not
> > > > > sure
> > > > > if
> > > > > it even support in-line signatures or PGP/MIME
> > > >
> > > > It's PGP signing. SMIME signing does not use gpg.
> > > >
> > >
> > > I think there is a misunderstanding PGP/MIME will (AFAIK) attach
> > > the
> > > signature in a separate file whereas in-line signing adds the
> > > signature
> > > to the actual message instead.
> >
> > Yes, it's openPGP/MIME. The same as in your messages.
>
> Okay fine, I think it might need read/write if one encloses
> signatures
> in mail messages in-line

This one seems to be difficult...

It doesn't need the write permission for signing messages, whatever
signing method you choose.

It only needs read permissions for signing messages !

Guido
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iF4EAREIAAYFAlfJmz4ACgkQdvBbOlZ5jsk2+gEAjsXkVGF12qs6iGnqhaISsNbf
a/d7+BRBJG6MGJQATvMBAL2vj7fIhPeo7NYegTfliAIhPPKMPTjA/1dUJm57HkE7
=R0KM
-----END PGP SIGNATURE-----

2016-09-02 15:38:44

by Dac Override

[permalink] [raw]
Subject: [refpolicy] [PATCH] gpg: public key signature verification in evolution

On 09/02/2016 05:31 PM, Guido Trentalancia via refpolicy wrote:
> On Fri, 02/09/2016 at 17.09 +0200, Dominick Grift via refpolicy wrote:
>> On 09/02/2016 05:02 PM, Guido Trentalancia via refpolicy wrote:
>
> [...]
>
>>>>>>>> however eventually it probably need rw instead of r, For
>>>>>>>> example
>>>>>>>> when
>>>>>>>> you sign emails.
>>>>>>>
>>>>>>> Let's try to sign this message and see if it also requires
>>>>>>> write
>>>>>>> permissions...
>>>>>
>>>>> It doesn't require write permissions, as it is evident in the
>>>>> new
>>>>> version of the patch.
>>>>>
>>>>>>
>>>>>>
>>>>>> is that PGP/MIME or in-line signing? I dont use evolution so
>>>>>> not
>>>>>> sure
>>>>>> if
>>>>>> it even support in-line signatures or PGP/MIME
>>>>>
>>>>> It's PGP signing. SMIME signing does not use gpg.
>>>>>
>>>>
>>>> I think there is a misunderstanding PGP/MIME will (AFAIK) attach
>>>> the
>>>> signature in a separate file whereas in-line signing adds the
>>>> signature
>>>> to the actual message instead.
>>>
>>> Yes, it's openPGP/MIME. The same as in your messages.
>
>> Okay fine, I think it might need read/write if one encloses
>> signatures
>> in mail messages in-line
>
> This one seems to be difficult...
>
> It doesn't need the write permission for signing messages, whatever
> signing method you choose.
>
> It only needs read permissions for signing messages !
>

Okay, at least we now know.

> Guido
>
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
>

--
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02
Dominick Grift

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20160902/56abf458/attachment-0001.bin

2016-09-27 14:55:32

by guido

[permalink] [raw]
Subject: [refpolicy] [PATCH v2] gpg: public key signature verification in evolution

Hello Christopher !

For some strage reason, I believe this patch has not been applied yet.

Could you please double-check ?

Best regards,

Guido

On 02/09/2016 at 13.35 +0200, Guido Trentalancia via refpolicy wrote:
> Let gpg verify public key signatures in the evolution mail client
> application.
>
> It doesn't need write permissions on such files for
> signing/encrypting messages.
>
> Signed-off-by: Guido Trentalancia <[email protected]>
> ---
> ?policy/modules/contrib/evolution.if |???21 +++++++++++++++++++++
> ?policy/modules/contrib/gpg.te???????|????4 ++++
> ?2 files changed, 25 insertions(+)
>
> --- refpolicy-git-06082016-orig/policy/modules/contrib/evolution.if
> 2016-08-06 21:27:11.349094280 +0200
> +++ refpolicy-git-06082016/policy/modules/contrib/evolution.if
> 2016-09-01 15:33:27.072148930 +0200
> @@ -128,6 +128,27 @@ interface(`evolution_stream_connect',`
> ?
> ?########################################
> ?## <summary>
> +## Read evolution orbit temporary
> +## files.
> +## </summary>
> +## <param name="domain">
> +## <summary>
> +## Domain allowed access.
> +## </summary>
> +## </param>
> +#
> +interface(`evolution_read_orbit_tmp_files',`
> + gen_require(`
> + type evolution_orbit_tmp_t;
> + ')
> +
> + files_search_tmp($1)
> + read_files_pattern($1, evolution_orbit_tmp_t,
> evolution_orbit_tmp_t)
> +')
> +
> +
> +########################################
> +## <summary>
> ?## Send and receive messages from
> ?## evolution over dbus.
> ?## </summary>
> --- refpolicy-git-06082016-orig/policy/modules/contrib/gpg.te
> 2016-08-06 21:27:11.355094349 +0200
> +++ refpolicy-git-06082016/policy/modules/contrib/gpg.te 2016-
> 09-01 15:34:13.366784842 +0200
> @@ -147,6 +147,10 @@ tunable_policy(`use_samba_home_dirs',`
> ?')
> ?
> ?optional_policy(`
> + evolution_read_orbit_tmp_files(gpg_t)
> + ')
> +
> +optional_policy(`
> ? gnome_read_generic_home_content(gpg_t)
> ? gnome_stream_connect_all_gkeyringd(gpg_t)
> ?')
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
--
This message contains confidential information intended only for the use
of the addressee(s). If you are not the intended recipient, please
contact the sender by return e-mail and destroy all copies of the
original message.

2016-09-27 22:32:09

by Chris PeBenito

[permalink] [raw]
Subject: [refpolicy] [PATCH v2] gpg: public key signature verification in evolution

On 09/27/16 10:55, Guido Trentalancia wrote:
> Hello Christopher !
>
> For some strage reason, I believe this patch has not been applied yet.
>
> Could you please double-check ?

Sorry about that, it's merged now.


> On 02/09/2016 at 13.35 +0200, Guido Trentalancia via refpolicy wrote:
>> Let gpg verify public key signatures in the evolution mail client
>> application.
>>
>> It doesn't need write permissions on such files for
>> signing/encrypting messages.
>>
>> Signed-off-by: Guido Trentalancia <[email protected]>
>> ---
>> policy/modules/contrib/evolution.if | 21 +++++++++++++++++++++
>> policy/modules/contrib/gpg.te | 4 ++++
>> 2 files changed, 25 insertions(+)
>>
>> --- refpolicy-git-06082016-orig/policy/modules/contrib/evolution.if
>> 2016-08-06 21:27:11.349094280 +0200
>> +++ refpolicy-git-06082016/policy/modules/contrib/evolution.if
>> 2016-09-01 15:33:27.072148930 +0200
>> @@ -128,6 +128,27 @@ interface(`evolution_stream_connect',`
>>
>> ########################################
>> ## <summary>
>> +## Read evolution orbit temporary
>> +## files.
>> +## </summary>
>> +## <param name="domain">
>> +## <summary>
>> +## Domain allowed access.
>> +## </summary>
>> +## </param>
>> +#
>> +interface(`evolution_read_orbit_tmp_files',`
>> + gen_require(`
>> + type evolution_orbit_tmp_t;
>> + ')
>> +
>> + files_search_tmp($1)
>> + read_files_pattern($1, evolution_orbit_tmp_t,
>> evolution_orbit_tmp_t)
>> +')
>> +
>> +
>> +########################################
>> +## <summary>
>> ## Send and receive messages from
>> ## evolution over dbus.
>> ## </summary>
>> --- refpolicy-git-06082016-orig/policy/modules/contrib/gpg.te
>> 2016-08-06 21:27:11.355094349 +0200
>> +++ refpolicy-git-06082016/policy/modules/contrib/gpg.te 2016-
>> 09-01 15:34:13.366784842 +0200
>> @@ -147,6 +147,10 @@ tunable_policy(`use_samba_home_dirs',`
>> ')
>>
>> optional_policy(`
>> + evolution_read_orbit_tmp_files(gpg_t)
>> + ')
>> +
>> +optional_policy(`
>> gnome_read_generic_home_content(gpg_t)
>> gnome_stream_connect_all_gkeyringd(gpg_t)
>> ')


--
Chris PeBenito