From: guido@trentalancia.net (Guido Trentalancia)
Date: Tue, 27 Sep 2016 16:55:32 +0200
Subject: [refpolicy] [PATCH v2] gpg: public key signature verification
 in evolution
In-Reply-To: <1472816153.25473.3.camel@trentalancia.net>
References: <1472737946.17989.0.camel@trentalancia.net>
	<7958812d-93fe-ded7-fb23-6d02c150bcb3@ieee.org>
	<1472816153.25473.3.camel@trentalancia.net>
Message-ID: <1474988132.2265.2.camel@trentalancia.net>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Hello Christopher !

For some strage reason, I believe this patch has not been applied yet.

Could you please double-check ?

Best regards,

Guido

On 02/09/2016 at 13.35 +0200, Guido Trentalancia via refpolicy wrote:
> Let gpg verify public key signatures in the evolution mail client
> application.
> 
> It doesn't need write permissions on such files for
> signing/encrypting messages.
> 
> Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
> ---
> ?policy/modules/contrib/evolution.if |???21 +++++++++++++++++++++
> ?policy/modules/contrib/gpg.te???????|????4 ++++
> ?2 files changed, 25 insertions(+)
> 
> --- refpolicy-git-06082016-orig/policy/modules/contrib/evolution.if	
> 2016-08-06 21:27:11.349094280 +0200
> +++ refpolicy-git-06082016/policy/modules/contrib/evolution.if	
> 2016-09-01 15:33:27.072148930 +0200
> @@ -128,6 +128,27 @@ interface(`evolution_stream_connect',`
> ?
> ?########################################
> ?## <summary>
> +##	Read evolution orbit temporary
> +##	files.
> +## </summary>
> +## <param name="domain">
> +##	<summary>
> +##	Domain allowed access.
> +##	</summary>
> +## </param>
> +#
> +interface(`evolution_read_orbit_tmp_files',`
> +	gen_require(`
> +		type evolution_orbit_tmp_t;
> +	')
> +
> +	files_search_tmp($1)
> +	read_files_pattern($1, evolution_orbit_tmp_t,
> evolution_orbit_tmp_t)
> +')
> +
> +
> +########################################
> +## <summary>
> ?##	Send and receive messages from
> ?##	evolution over dbus.
> ?## </summary>
> --- refpolicy-git-06082016-orig/policy/modules/contrib/gpg.te	
> 2016-08-06 21:27:11.355094349 +0200
> +++ refpolicy-git-06082016/policy/modules/contrib/gpg.te	2016-
> 09-01 15:34:13.366784842 +0200
> @@ -147,6 +147,10 @@ tunable_policy(`use_samba_home_dirs',`
> ?')
> ?
> ?optional_policy(`
> +	evolution_read_orbit_tmp_files(gpg_t)
> +	')
> +
> +optional_policy(`
> ?	gnome_read_generic_home_content(gpg_t)
> ?	gnome_stream_connect_all_gkeyringd(gpg_t)
> ?')
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
-- 
This message contains confidential information intended only for the use
of the addressee(s). If you are not the intended recipient, please
contact the sender by return e-mail and destroy all copies of the
original message.