From: pebenito@ieee.org (Chris PeBenito) Date: Thu, 22 Dec 2016 16:13:55 -0500 Subject: [refpolicy] [PATCH] openoffice: add writer support for sending email directly to multiple recipients In-Reply-To: <1482423302.3408.3.camel@trentalancia.net> References: <1482423302.3408.3.camel@trentalancia.net> Message-ID: To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 12/22/16 11:15, Guido Trentalancia via refpolicy wrote: > This patch adds optional support to send emails directly from > openoffice writer to multiple recipients. > > Such functionality is different from the functionaly of sending > emails through external email clients which is always enabled. > > Signed-off-by: Guido Trentalancia > --- > policy/modules/contrib/openoffice.te | 18 ++++++++++++++++++ > 1 file changed, 18 insertions(+) > > diff -pru a/policy/modules/contrib/openoffice.te b/policy/modules/contrib/openoffice.te > --- a/policy/modules/contrib/openoffice.te 2016-12-17 17:29:33.837306897 +0100 > +++ b/policy/modules/contrib/openoffice.te 2016-12-22 16:48:37.190220678 +0100 > @@ -15,6 +15,18 @@ policy_module(openoffice, 1.0.2) > ## > gen_tunable(openoffice_allow_update, true) > > +## > +##

> +## Determine whether openoffice writer > +## can send emails directly (print to > +## email). This is different from the > +## functionality of sending emails > +## through external clients which is > +## always enabled. > +##

> +## > +gen_tunable(openoffice_allow_email, false) > + > attribute_role ooffice_roles; > > type ooffice_t; > @@ -82,6 +94,12 @@ tunable_policy(`openoffice_allow_update' > corenet_tcp_connect_http_port(ooffice_t) > ') > > +tunable_policy(`openoffice_allow_email',` > + corenet_tcp_connect_smtp_port(ooffice_t) > + corenet_tcp_sendrecv_smtp_port(ooffice_t) > + corenet_sendrecv_smtp_client_packets(ooffice_t) > +') > + > optional_policy(` > cups_read_config(ooffice_t) > cups_stream_connect(ooffice_t) > _______________________________________________ Merged. -- Chris PeBenito