From: nicky726@gmail.com (Nicky 726)
Date: Thu, 10 Sep 2009 15:12:59 +0200
Subject: [refpolicy] Basic policy for KDE and Konqueror, 2nd look
Message-ID:
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Hello,

Dominick Grift wrote:
>> ########################################
>> ##
>> ##	Create file, dir, links of specified type in
>> ##	kde_shared_home_t dirs with type transition
>> ##
>> ##
>> ##
>> ##	Domain allowed access
>> ##
>> ##
>> ##
>> ##
>> ##	Private type of created object
>> ##
>> ##
>> #
>> interface(`files_kde_home_filetrans',`
>> 	gen_require(`
>> 		type kde_shared_home_t;
>> 	')
>>
>> 	type_transition $1 kde_shared_home_t:{ file lnk_file sock_file dir } $2;
>>
>> ')
> This is a bad idea. processes should not type transition to type that they do not own.
> use manage_files_pattern instead.
>>

This is because of konqueror config files in directory ~/.kde/share/config/. The directory has type kde_shared_home_t and config files konqueror_home_t. Now, when these files are rewritten, they switch to directory type kde_shared_home_t without this type transition. This is unwanted, as they should hold their own type konqueror_home_t. I tried to keep the functionality with manage_files_pattern, but I was unsuccessful.

When I think of it more, I don't agree that process is type transitioning to type that it doesn't own. As it is called by process konqueror_t and the files switch to type konqueror_home_t. But it can probably be called with whatever type one wants, though it is not in my policy, so I think it is not an issue, or is it?

Thanks for your time,
Ondrej Vadinsky

--
"Don't it always seem to go
That you don't know what you've got
Till it's gone."
(Joni Mitchell)
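
Added example, not part of the original message or of the policy it discusses: a simplified Python model of the labeling behaviour described above, showing that the access rules manage_files_pattern grants leave a rewritten file with the directory's type, while a type_transition rule keeps konqueror_home_t. It assumes the config file is rewritten by creating a new file and renaming it over the old one; the file name konquerorrc and all class and function names are constructed for illustration.

```python
# Simplified model of how SELinux labels a newly created file (added example).
# Not modelled: setfscreatecon(), name-based transitions, allow-rule enforcement.

class Policy:
    def __init__(self):
        self.transitions = {}   # (source domain, parent dir type, class) -> new type
        self.allows = set()     # (source domain, target type, class)

    def type_transition(self, source, parent, classes, new_type):
        for cls in classes:
            self.transitions[(source, parent, cls)] = new_type

    def manage_files_pattern(self, domain, dir_type, file_type):
        # Grants access only; it adds no labeling rule.
        self.allows.add((domain, dir_type, "dir"))
        self.allows.add((domain, file_type, "file"))

    def label_for_new(self, domain, parent_type, cls):
        # Without a matching rule the new object inherits the directory's type.
        return self.transitions.get((domain, parent_type, cls), parent_type)


def rewrite_config(policy, domain, directory, name):
    """Replace `name` by creating a new file and renaming it over the old one.
    Assumption: the config file is saved this way; the new inode keeps the
    label it received at creation."""
    tmp = name + ".new"
    directory["files"][tmp] = policy.label_for_new(domain, directory["type"], "file")
    directory["files"][name] = directory["files"].pop(tmp)
    return directory["files"][name]


def demo():
    def config_dir():
        # Constructed sample state: ~/.kde/share/config/ holding one konqueror file.
        return {"type": "kde_shared_home_t", "files": {"konquerorrc": "konqueror_home_t"}}

    access_only = Policy()
    access_only.manage_files_pattern("konqueror_t", "kde_shared_home_t", "konqueror_home_t")

    with_transition = Policy()
    with_transition.manage_files_pattern("konqueror_t", "kde_shared_home_t", "konqueror_home_t")
    with_transition.type_transition("konqueror_t", "kde_shared_home_t",
                                    ["file", "lnk_file", "sock_file", "dir"], "konqueror_home_t")

    return (rewrite_config(access_only, "konqueror_t", config_dir(), "konquerorrc"),
            rewrite_config(with_transition, "konqueror_t", config_dir(), "konquerorrc"))


if __name__ == "__main__":
    print(demo())
```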