From: guido@trentalancia.net (Guido Trentalancia) Date: Thu, 22 Dec 2016 17:15:02 +0100 Subject: [refpolicy] [PATCH] openoffice: add writer support for sending email directly to multiple recipients Message-ID: <1482423302.3408.3.camel@trentalancia.net> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com This patch adds optional support to send emails directly from openoffice writer to multiple recipients. Such functionality is different from the functionaly of sending emails through external email clients which is always enabled. Signed-off-by: Guido Trentalancia --- policy/modules/contrib/openoffice.te | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff -pru a/policy/modules/contrib/openoffice.te b/policy/modules/contrib/openoffice.te --- a/policy/modules/contrib/openoffice.te 2016-12-17 17:29:33.837306897 +0100 +++ b/policy/modules/contrib/openoffice.te 2016-12-22 16:48:37.190220678 +0100 @@ -15,6 +15,18 @@ policy_module(openoffice, 1.0.2) ## gen_tunable(openoffice_allow_update, true) +## +##

+## Determine whether openoffice writer +## can send emails directly (print to +## email). This is different from the +## functionality of sending emails +## through external clients which is +## always enabled. +##

+## +gen_tunable(openoffice_allow_email, false) + attribute_role ooffice_roles; type ooffice_t; @@ -82,6 +94,12 @@ tunable_policy(`openoffice_allow_update' corenet_tcp_connect_http_port(ooffice_t) ') +tunable_policy(`openoffice_allow_email',` + corenet_tcp_connect_smtp_port(ooffice_t) + corenet_tcp_sendrecv_smtp_port(ooffice_t) + corenet_sendrecv_smtp_client_packets(ooffice_t) +') + optional_policy(` cups_read_config(ooffice_t) cups_stream_connect(ooffice_t)