From: guido@trentalancia.net (Guido Trentalancia)
Date: Sat, 13 May 2017 17:55:57 +0200
Subject: [refpolicy] [PATCH] openoffice: open files retrieved using mozilla
Message-ID: <1494690957.7940.1.camel@trentalancia.net>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Let openoffice open files retrieved from the network using mozilla.

Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
---
 policy/modules/contrib/mozilla.if    |   18 ++++++++++++++++++
 policy/modules/contrib/openoffice.te |    1 +
 2 files changed, 19 insertions(+)

--- a/policy/modules/contrib/mozilla.if	2015-10-19 01:13:41.000000000 +0200
+++ b/policy/modules/contrib/mozilla.if	2017-05-13 17:51:56.986097970 +0200
@@ -288,6 +288,24 @@ interface(`mozilla_execmod_user_plugin_h
 	allow $1 mozilla_plugin_home_t:file execmod;
 ')
 
+#######################################
+## <summary>
+##	Read temporary mozilla files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`mozilla_read_tmp_files',`
+	gen_require(`
+		type mozilla_tmp_t;
+	')
+
+	read_files_pattern($1, mozilla_tmp_t, mozilla_tmp_t)
+')
+
 ########################################
 ## <summary>
 ##	Run mozilla in the mozilla domain.
--- a/policy/modules/contrib/openoffice.te	2017-04-21 22:51:02.574611335 +0200
+++ b/policy/modules/contrib/openoffice.te	2017-05-13 17:40:58.553100662 +0200
@@ -128,6 +152,7 @@ optional_policy(`
 
 optional_policy(`
 	mozilla_domtrans(ooffice_t)
+	mozilla_read_tmp_files(ooffice_t)
 ')
 
 optional_policy(`