From: sven.vermeulen@siphos.be (Sven Vermeulen) Date: Tue, 31 Jul 2012 21:28:49 +0200 Subject: [refpolicy] kdialog and Chromium In-Reply-To: <5018308B.4040008@tresys.com> References: <201207271614.43908.russell@coker.com.au> <20120727091218.GB13778@siphos.be> <501824C7.6020505@tresys.com> <20120731191312.GB17454@siphos.be> <5018308B.4040008@tresys.com> Message-ID: <20120731192849.GD17454@siphos.be> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Tue, Jul 31, 2012 at 03:22:51PM -0400, Christopher J. PeBenito wrote: > > I'm actually more inclined (and am trying to) support a downloads type where > > browsers have the necessary rights to, but nowhere else. Browsers are a too > > public attack vector lately so the less I need it to write (or even read) > > user home content the better. > > I can go for that solution too... like a mozilla_downloads_t, user_downloads_t, or similar. I'm currently looking at the XDG patch I mentioned a while back. The XDG standard defines some user-related locations (Downloads, Videos, Pictures) which I currently have labeled xdg_downloads_home_t (etc.) and marked as customizable (btw, took me a while to realise it is sufficient to just add "# customizable" after the type declaration to do so) so that users can mark it easily themselves. My XDG definitions: ~$ cat ~/.config/user-dirs.dirs XDG_DESKTOP_DIR="$HOME/Desktop" XDG_DOWNLOAD_DIR="$HOME/Downloads" XDG_TEMPLATES_DIR="$HOME/" XDG_PUBLICSHARE_DIR="$HOME/Public" XDG_DOCUMENTS_DIR="$HOME/Documents" XDG_MUSIC_DIR="$HOME/Music" XDG_PICTURES_DIR="$HOME/Pictures" XDG_VIDEOS_DIR="$HOME/Videos" Hence, xdg_downloads_home_t, xdg_videos_home_t, xdg_pictures_home_t and xdg_music_home_t. Don't immediately see a need for the other ones though. Wkr, Sven Vermeulen