From: russell@coker.com.au (Russell Coker) Date: Fri, 27 Jul 2012 16:14:43 +1000 Subject: [refpolicy] kdialog and Chromium Message-ID: <201207271614.43908.russell@coker.com.au> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Currently on Debian/Wheezy it's impossible to download files in Chromium when you are running a KDE session. Chromium launches kdialog to display the dialog box to ask where the file should be saves. kdialog wants to write to files such as ~/.kde/share/config/kdebugrc.lock which isn't permitted for mozilla_t. One possibility that occurs to me is to have kdialog transition to user_t. Transitioning from mozilla_t isn't generally a good thing, and breaks the case of running mozilla_t from multiple user domains (multiple user domains is essentially a broken feature of the policy anyway). Apart from modifying kdialog to not depend on the ability to write to kdebugrc.lock what can I do to solve this? -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/