From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Tue, 31 Jul 2012 21:28:49 +0200
Subject: [refpolicy] kdialog and Chromium
In-Reply-To: <5018308B.4040008@tresys.com>
References: <201207271614.43908.russell@coker.com.au>
	<20120727091218.GB13778@siphos.be> <501824C7.6020505@tresys.com>
	<20120731191312.GB17454@siphos.be> <5018308B.4040008@tresys.com>
Message-ID: <20120731192849.GD17454@siphos.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Tue, Jul 31, 2012 at 03:22:51PM -0400, Christopher J. PeBenito wrote:
> > I'm actually more inclined (and am trying to) support a downloads type where
> > browsers have the necessary rights to, but nowhere else. Browsers are a too
> > public attack vector lately so the less I need it to write (or even read)
> > user home content the better.
> 
> I can go for that solution too... like a mozilla_downloads_t, user_downloads_t, or similar.

I'm currently looking at the XDG patch I mentioned a while back. The XDG
standard defines some user-related locations (Downloads, Videos, Pictures)
which I currently have labeled xdg_downloads_home_t (etc.) and marked as
customizable (btw, took me a while to realise it is sufficient to just add 
"# customizable" after the type declaration to do so) so that users can mark
it easily themselves.

My XDG definitions:

~$ cat ~/.config/user-dirs.dirs 
XDG_DESKTOP_DIR="$HOME/Desktop"
XDG_DOWNLOAD_DIR="$HOME/Downloads"
XDG_TEMPLATES_DIR="$HOME/"
XDG_PUBLICSHARE_DIR="$HOME/Public"
XDG_DOCUMENTS_DIR="$HOME/Documents"
XDG_MUSIC_DIR="$HOME/Music"
XDG_PICTURES_DIR="$HOME/Pictures"
XDG_VIDEOS_DIR="$HOME/Videos"

Hence, xdg_downloads_home_t, xdg_videos_home_t, xdg_pictures_home_t and
xdg_music_home_t. Don't immediately see a need for the other ones though.

Wkr,
	Sven Vermeulen