From: guido@trentalancia.net (Guido Trentalancia) Date: Thu, 20 Apr 2017 03:06:09 +0200 (CEST) Subject: [refpolicy] [PATCH 22/34] postfix: curb on userdom permissions Message-ID: <1732318738.164529.1492650369718@pim.register.it> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com This patch curbs on userdomain file read and/or write permissions for the postfix module. It aims to ensure user data confidentiality. A boolean has been introduced to revert the previous read/write behavior. Signed-off-by: Guido Trentalancia --- policy/modules/contrib/postfix.te | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) --- refpolicy-2.20170204-orig/policy/modules/contrib/postfix.te 2016-03-25 14:51:37.000000000 +0100 +++ refpolicy-2.20170204/policy/modules/contrib/postfix.te 2017-04-19 20:17:59.127244704 +0200 @@ -7,6 +7,15 @@ policy_module(postfix, 1.17.0) ## ##

+## Determine whether postfix can +## manage the user home directories +## and files. +##

+##
+gen_tunable(postfix_enable_home_dirs, false) + +## +##

## Determine whether postfix local ## can manage mail spool content. ##

@@ -798,8 +807,8 @@ mta_delete_spool(postfix_virtual_t) mta_read_config(postfix_virtual_t) mta_manage_spool(postfix_virtual_t) -userdom_manage_user_home_dirs(postfix_virtual_t) -userdom_manage_user_home_content_dirs(postfix_virtual_t) -userdom_manage_user_home_content_files(postfix_virtual_t) -userdom_home_filetrans_user_home_dir(postfix_virtual_t) -userdom_user_home_dir_filetrans_user_home_content(postfix_virtual_t, { file dir }) +tunable_policy(`postfix_enable_home_dirs',` + userdom_manage_user_home_content_dirs(postfix_virtual_t) + userdom_manage_user_home_content_files(postfix_virtual_t) + userdom_user_home_dir_filetrans_user_home_content(postfix_virtual_t, { dir file }) +')