From: guido@trentalancia.com (Guido Trentalancia) Date: Thu, 06 Sep 2012 18:31:21 +0200 Subject: [refpolicy] [PATCH 2/3] user access to DOS files In-Reply-To: <20120906162401.79ccd07b@eldamar.bigon.be> References: <1346793669-26282-1-git-send-email-bigon@debian.org> <1346793669-26282-2-git-send-email-bigon@debian.org> <20120906162401.79ccd07b@eldamar.bigon.be> Message-ID: <5048CFD9.2080408@trentalancia.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 06/09/2012 16:24, Laurent Bigonville wrote: > Le Tue, 4 Sep 2012 23:21:08 +0200, > Laurent Bigonville a ?crit : > >> + tunable_policy(`user_manage_dos_files',` >> + fs_manage_dos_dirs($1_t) >> + fs_manage_dos_files($1_t) >> + ') >> + >> ') > > I was reading the code further and isn't the proposed patch actually > redundant with user_rw_noexattrfile? > > tunable_policy(`user_rw_noexattrfile',` > fs_manage_noxattr_fs_files($1_t) > fs_manage_noxattr_fs_dirs($1_t) > ',` > fs_read_noxattr_fs_files($1_t) > ') > > So shouldn't the proposed patch simply be dropped? Fortunately, it has not been applied, I think. And if it causes problems and degradation of current policy, as you now recognize, why did you post it in the first place then ? > Cheers > > Laurent Bigonville