From: guido@trentalancia.com (Guido Trentalancia)
Date: Thu, 06 Sep 2012 18:31:21 +0200
Subject: [refpolicy] [PATCH 2/3] user access to DOS files
In-Reply-To: <20120906162401.79ccd07b@eldamar.bigon.be>
References: <1346793669-26282-1-git-send-email-bigon@debian.org>
	<1346793669-26282-2-git-send-email-bigon@debian.org>
	<20120906162401.79ccd07b@eldamar.bigon.be>
Message-ID: <5048CFD9.2080408@trentalancia.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 06/09/2012 16:24, Laurent Bigonville wrote:
> Le Tue,  4 Sep 2012 23:21:08 +0200,
> Laurent Bigonville <bigon@debian.org> a ?crit :
>
>> +	tunable_policy(`user_manage_dos_files',`
>> +		fs_manage_dos_dirs($1_t)
>> +		fs_manage_dos_files($1_t)
>> +	')
>> +
>>   ')
>
> I was reading the code further and isn't the proposed patch actually
> redundant with user_rw_noexattrfile?
>
>          tunable_policy(`user_rw_noexattrfile',`
>                  fs_manage_noxattr_fs_files($1_t)
>                  fs_manage_noxattr_fs_dirs($1_t)
>          ',`
>                  fs_read_noxattr_fs_files($1_t)
>          ')
>
> So shouldn't the proposed patch simply be dropped?

Fortunately, it has not been applied, I think. And if it causes problems 
and degradation of current policy, as you now recognize, why did you 
post it in the first place then ?

> Cheers
>
> Laurent Bigonville