From: domg472@gmail.com (Dominick Grift)
Date: Sat, 30 Jan 2010 16:29:51 +0100
Subject: [refpolicy] [PATCH 1/1] Added KDE and Konqueror policy. Made necessary changes in staff, unprivuser and unconfined, for it to work.
In-Reply-To: <201001301602.31982.Nicky726@gmail.com>
References: <201001301602.31982.Nicky726@gmail.com>
Message-ID: <4B64506F.5070708@gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 01/30/2010 04:02 PM, Nicky726 wrote:
>

Just some comments and suggestions below:

> allow konqueror_t $2:process signal_perms;

I would call an interface in the user domain instead

> + dontaudit $2 konqueror_t:process { noatsecure siginh rlimitinh };

This is most likely not required

> + # X access, Home files
> + manage_dirs_pattern($2, konqueror_home_t, konqueror_home_t)
> + manage_files_pattern($2, konqueror_home_t, konqueror_home_t)
> + manage_lnk_files_pattern($2, konqueror_home_t, konqueror_home_t)
> + relabel_dirs_pattern($2, konqueror_home_t, konqueror_home_t)
> + relabel_files_pattern($2, konqueror_home_t, konqueror_home_t)
> + relabel_lnk_files_pattern($2, konqueror_home_t, konqueror_home_t)

This is most likely not required (is included with userdom_user_home_content()) yet:

> +# Temp acces for konqueror
> +manage_dirs_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_lnk_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_sock_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)

This does probably require the user to be able to manage it

> +corenet_tcp_sendrecv_all_if(konqueror_t)
> +corenet_tcp_sendrecv_all_nodes(konqueror_t)
> +corenet_tcp_sendrecv_all_ports(konqueror_t)

use generic instead of all

> +# Use shared libs
> +libs_use_ld_so(konqueror_t)
> +libs_use_shared_libs(konqueror_t)

Not required

> +xserver_read_xdm_tmp_files(konqueror_t)
> +xserver_read_user_xauth(konqueror_t)
> +xserver_stream_connect(konqueror_t) #connect to xserver
> +xserver_stream_connect_xdm(konqueror_t) #connect to xdm xserver

Probably better to use xserver_user_x_domain_template()

> + konqueror_role(staff_r, staff_t)
> +')
> +

Should probably go into userdomain (common use template), but I believe that for reference policy these calls are not required at all (gets called automatically)

> + konqueror_role(user_r, user_t)
> +')

Same as above

> + konqueror_role(unconfined_r, unconfined_t)
> +')
> +

Not sure whether it is a good idea to let unconfined_t transition

> +HOME_DIR/\.kde/share/config/konq_history -- gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/config/konquerorrc -- gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/config/konqsidebartng.rc -- gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/config/kuriikwsfilterrc -- gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/apps/konqueror(/.*)? gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/apps/khtml(/.*)? gen_context(system_u:object_r:konqueror_home_t,s0)

Why not just kde_shared_home_t for everything in ~/.kde?

> + #allow $2 konqueror_t:fd use;
> + #allow $2 konqueror_t:shm { associate getattr };
> + #allow $2 konqueror_t:shm { unix_read unix_write };

Not required I believe.

> +# Temp acces for konqueror
> +manage_dirs_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_lnk_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_sock_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)

where is the file trans pattern? files_tmp_filetrans

> +gen_tunable(konqueror_exec_bin_t, false)

This shouldn't be tunable

> + #allow $2 konqueror_t:unix_stream_socket connectto;

I would use konqueror_stream_connect($2)
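
Review bot: the `# Temp acces for konqueror` block gives konqueror_t manage rights on konqueror_tmp_t, but none of the quoted lines makes objects that konqueror_t creates in the temporary directory receive that type. Without a transition such as `files_tmp_filetrans(konqueror_t, konqueror_tmp_t, { dir file lnk_file sock_file })`, new objects inherit the label of the parent directory and the four manage patterns never apply to them. The comment also misspells "access" as `acces`.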
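
Review bot: the three `corenet_tcp_sendrecv_all_if`, `corenet_tcp_sendrecv_all_nodes` and `corenet_tcp_sendrecv_all_ports` calls let konqueror_t send and receive TCP traffic on every interface, node and port type, which leaves little network confinement for a domain that handles untrusted web content. Narrow the port access to the port types Konqueror is expected to reach, and state in a comment why each one is needed.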
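
Review bot: in the file-context entries, `HOME_DIR/\.kde/share/config/konqsidebartng.rc` escapes the dot in `\.kde` but not the one before `rc`. File-context paths are regular expressions, so the unescaped `.` matches any single character; write `konqsidebartng\.rc` so that only the intended file name gets konqueror_home_t.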
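
Review bot: the commented-out rules in the role interface (`#allow $2 konqueror_t:fd use;`, the two `:shm` rules and `#allow $2 konqueror_t:unix_stream_socket connectto;`) should be deleted rather than submitted as comments. If one of them proves necessary, add it back as a live rule or interface call together with the denial that justifies it.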
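
Review bot: `gen_tunable(konqueror_exec_bin_t, false)` gives a boolean a name ending in `_t`, the suffix this patch uses for types (konqueror_t, konqueror_home_t, konqueror_tmp_t), so it reads as a type wherever it appears. If the tunable is kept at all, give it a name without the `_t` suffix that says what it allows.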