From: guido@trentalancia.net (Guido Trentalancia) Date: Tue, 27 Sep 2016 16:55:32 +0200 Subject: [refpolicy] [PATCH v2] gpg: public key signature verification in evolution In-Reply-To: <1472816153.25473.3.camel@trentalancia.net> References: <1472737946.17989.0.camel@trentalancia.net> <7958812d-93fe-ded7-fb23-6d02c150bcb3@ieee.org> <1472816153.25473.3.camel@trentalancia.net> Message-ID: <1474988132.2265.2.camel@trentalancia.net> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Hello Christopher ! For some strage reason, I believe this patch has not been applied yet. Could you please double-check ? Best regards, Guido On 02/09/2016 at 13.35 +0200, Guido Trentalancia via refpolicy wrote: > Let gpg verify public key signatures in the evolution mail client > application. > > It doesn't need write permissions on such files for > signing/encrypting messages. > > Signed-off-by: Guido Trentalancia > --- > ?policy/modules/contrib/evolution.if |???21 +++++++++++++++++++++ > ?policy/modules/contrib/gpg.te???????|????4 ++++ > ?2 files changed, 25 insertions(+) > > --- refpolicy-git-06082016-orig/policy/modules/contrib/evolution.if > 2016-08-06 21:27:11.349094280 +0200 > +++ refpolicy-git-06082016/policy/modules/contrib/evolution.if > 2016-09-01 15:33:27.072148930 +0200 > @@ -128,6 +128,27 @@ interface(`evolution_stream_connect',` > ? > ?######################################## > ?## > +## Read evolution orbit temporary > +## files. > +## > +## > +## > +## Domain allowed access. > +## > +## > +# > +interface(`evolution_read_orbit_tmp_files',` > + gen_require(` > + type evolution_orbit_tmp_t; > + ') > + > + files_search_tmp($1) > + read_files_pattern($1, evolution_orbit_tmp_t, > evolution_orbit_tmp_t) > +') > + > + > +######################################## > +## > ?## Send and receive messages from > ?## evolution over dbus. > ?## > --- refpolicy-git-06082016-orig/policy/modules/contrib/gpg.te > 2016-08-06 21:27:11.355094349 +0200 > +++ refpolicy-git-06082016/policy/modules/contrib/gpg.te 2016- > 09-01 15:34:13.366784842 +0200 > @@ -147,6 +147,10 @@ tunable_policy(`use_samba_home_dirs',` > ?') > ? > ?optional_policy(` > + evolution_read_orbit_tmp_files(gpg_t) > + ') > + > +optional_policy(` > ? gnome_read_generic_home_content(gpg_t) > ? gnome_stream_connect_all_gkeyringd(gpg_t) > ?') > _______________________________________________ > refpolicy mailing list > refpolicy at oss.tresys.com > http://oss.tresys.com/mailman/listinfo/refpolicy -- This message contains confidential information intended only for the use of the addressee(s). If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message.