-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Added-KDE-and-Konqueror-policy.patch
Type: text/x-patch
Size: 16497 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100130/c3ce5909/attachment.bin
On 01/30/2010 04:02 PM, Nicky726 wrote:
>
Just some comments and suggestions below:
> allow konqueror_t $2:process signal_perms;
I would call an interface in the user domain instead
> + dontaudit $2 konqueror_t:process { noatsecure siginh rlimitinh };
This is most likely not required
> + # X access, Home files
> + manage_dirs_pattern($2, konqueror_home_t, konqueror_home_t)
> + manage_files_pattern($2, konqueror_home_t, konqueror_home_t)
> + manage_lnk_files_pattern($2, konqueror_home_t, konqueror_home_t)
> + relabel_dirs_pattern($2, konqueror_home_t, konqueror_home_t)
> + relabel_files_pattern($2, konqueror_home_t, konqueror_home_t)
> + relabel_lnk_files_pattern($2, konqueror_home_t, konqueror_home_t)
This is most likely not required (is included with userdom_user_home_content())
yet:
> +# Temp acces for konqueror
> +manage_dirs_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_lnk_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_sock_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
This does probably require the user to be able to manage it
> +corenet_tcp_sendrecv_all_if(konqueror_t)
> +corenet_tcp_sendrecv_all_nodes(konqueror_t)
> +corenet_tcp_sendrecv_all_ports(konqueror_t)
use generic instead of all
> +# Use shared libs
> +libs_use_ld_so(konqueror_t)
> +libs_use_shared_libs(konqueror_t)
Not required
> +xserver_read_xdm_tmp_files(konqueror_t)
> +xserver_read_user_xauth(konqueror_t)
> +xserver_stream_connect(konqueror_t) #connect to xserver
> +xserver_stream_connect_xdm(konqueror_t) #connect to xdm xserver
Probably better to use xserver_user_x_domain_template()
> + konqueror_role(staff_r, staff_t)
> +')
> +
Should probably go into userdomain (common use template), but I believe
that for reference policy these calls are not required at all (gets
called automatically)
> + konqueror_role(user_r, user_t)
> +')
Same as above
> + konqueror_role(unconfined_r, unconfined_t)
> +')
> +
Not sure whether it is a good idea to let unconfined_t transition
> +HOME_DIR/\.kde/share/config/konq_history -- gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/config/konquerorrc -- gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/config/konqsidebartng.rc -- gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/config/kuriikwsfilterrc -- gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/apps/konqueror(/.*)? gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/apps/khtml(/.*)? gen_context(system_u:object_r:konqueror_home_t,s0)
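Review bot: in the `konqsidebartng.rc` entry the dot is not escaped, so the pattern matches any character at that position rather than a literal dot; write it as `konqsidebartng\.rc`, the way `\.kde` is already escaped on every line. The empty `+` lines between the entries can also be dropped.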
Why not just kde_shared_home_t for everything in ~/.kde?
> + #allow $2 konqueror_t:fd use;
> + #allow $2 konqueror_t:shm { associate getattr };
> + #allow $2 konqueror_t:shm { unix_read unix_write };
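Review bot: the three `#allow $2 konqueror_t:...` rules are submitted commented out, which leaves it unclear whether the fd and shm access is needed at all. Either delete them from the patch, or enable the ones that testing showed are required and add a comment saying what triggers them.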
Not required I believe.
> +# Temp acces for konqueror
> +manage_dirs_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_lnk_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_sock_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
Where is the file trans pattern? files_tmp_filetrans
> +gen_tunable(konqueror_exec_bin_t, false)
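Review bot: the boolean name `konqueror_exec_bin_t` ends in `_t`, the suffix used for types, so it reads as a type rather than a tunable. If it stays, rename it for the behaviour it toggles (for example `konqueror_exec_bin`, a hypothetical name) and document what the `false` default blocks.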
This shouldn't be tunable
> + #allow $2 konqueror_t:unix_stream_socket connectto;
I would use konqueror_stream_connect($2)
>
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy