From: russell@coker.com.au (Russell Coker)
Date: Fri, 27 Jul 2012 16:14:43 +1000
Subject: [refpolicy] kdialog and Chromium
Message-ID: <201207271614.43908.russell@coker.com.au>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Currently on Debian/Wheezy it's impossible to download files in Chromium when 
you are running a KDE session.

Chromium launches kdialog to display the dialog box to ask where the file 
should be saves.  kdialog wants to write to files such as 
~/.kde/share/config/kdebugrc.lock which isn't permitted for mozilla_t.

One possibility that occurs to me is to have kdialog transition to user_t.  
Transitioning from mozilla_t isn't generally a good thing, and breaks the case 
of running mozilla_t from multiple user domains (multiple user domains is 
essentially a broken feature of the policy anyway).

Apart from modifying kdialog to not depend on the ability to write to 
kdebugrc.lock what can I do to solve this?

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/