From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Sat,  7 Jun 2014 21:44:32 +0200
Subject: [refpolicy] [PATCH 1/1] Add dropbox_port_t support
Message-ID: <1402170272-25800-1-git-send-email-sven.vermeulen@siphos.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

The dropbox application has a feature called "LAN Sync" which works on
TCP & UDP port 17500. Marking this port as dropbox_port_t (instead of
the currently default unreserved_port_t) allows for more fine-grained
access control to this resource.

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
---
 policy/modules/kernel/corenetwork.te.in | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 7fe89bc..5f28977 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -120,6 +120,7 @@ network_port(dhcpd, udp,67,s0, udp,547,s0, tcp, 547,s0, udp,548,s0, tcp, 548,s0,
 network_port(dict, tcp,2628,s0)
 network_port(distccd, tcp,3632,s0)
 network_port(dns, tcp,53,s0, udp,53,s0)
+network_port(dropbox, tcp,17500,s0, udp,17500,s0)
 network_port(efs, tcp,520,s0)
 network_port(embrace_dp_c, tcp,3198,s0, udp,3198,s0)
 network_port(epmap, tcp,135,s0, udp,135,s0)
-- 
1.8.5.5