From: cpebenito@tresys.com (Christopher J. PeBenito) Date: Mon, 26 Nov 2012 11:35:23 -0500 Subject: [refpolicy] [PATCH 3/3] Implement X Desktop Group In-Reply-To: <1352116515-21046-4-git-send-email-dominick.grift@gmail.com> References: <1352116515-21046-1-git-send-email-dominick.grift@gmail.com> <1352116515-21046-4-git-send-email-dominick.grift@gmail.com> Message-ID: <50B39A4B.6000905@tresys.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Overall, I'm ok with this, but have a couple questions: On 11/05/12 06:55, Dominick Grift wrote: > Creates 3 type attributes for xdg cache (~/.cache), config (~/.config) > and data (~/.local/share user home content and assigns to > xserver_user_cache_home_content(), xserver_user_config_home_content() > and xserver_user_data_home_content() respectively > > Creates 3 types for generic xdg user cache, config and data home > content, assigns to them their respective type attributes and > classifieds them user_home_content_type by calling xserver_user_cache, > config, data_home_content > > Create the various basic interfaces that will be needed: > > 1. xserver_create_generic_user_cache, config, data, home_dirs: > This will be used together with > xserver_user_home_(content|dir)_filetrans_cache, config, > data_home_content and allows the caller to create ~/.cache, ~/.config > and ~/.local/share directories. Each XDG aware program needs to be > able to create these. > > 2. xserver_read|manage_generic_user_cache, config, data_home_content: > By default content is created with a generic type and these broad > interfaces allow the caller to read of manage content with these > generic types > > 3. xserver_user_cache, config, data_home_content_filetrans: > Allows callers to create specified objects in these location with a > private type > > Add file context specifications for ~/.cache(/.*)? (user_cache_home_t), > ~/.config(/.*)? (user_config_home_t) and ~/.local/share(/.*)? > (user_data_home_t) I'm not sure that user_data_home_t is the best name. I thought about user_local_home_t, but thats vague too. Sven has been putting forward a patch for this stuff for a while too, and I'm thinking the it might make sense to have xdg in the type names. > There is a little issue with user_data_home, this is content for > ~/.local/share and as per xdg specification "share" is the user data > root dir instead of ~/.local, that means that the type transition > happens on user home content instead of user home dir. this makes it a > bit more prone to error since all directories named share created by > xserver_restricted_role callers in generic user home content > directories will be created with user_data_home_t. We could consider > using ~/.local instead It seems that .local would probably be a better idea, since it keeps errors down. I looked on my system, and all I have in ~/.local is share anyway. [cut] > diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te > index 9bc86a0..a42f9bc 100644 > --- a/policy/modules/services/xserver.te > +++ b/policy/modules/services/xserver.te > @@ -49,6 +49,11 @@ gen_tunable(xserver_object_manager, false) > > attribute x_domain; > > +# X Desktop Group > +attribute xserver_user_cache_home_content_type; > +attribute xserver_user_config_home_content_type; > +attribute xserver_user_data_home_content_type; > + > # X Events > attribute xevent_type; > attribute input_xevent_type; I'm unclear what the purpose of these attributes will be. Do you expect to have interfaces that work on these? I've merged the other two patches. -- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com