From: pebenito@ieee.org (Chris PeBenito) Date: Mon, 15 May 2017 18:22:14 -0400 Subject: [refpolicy] [PATCH] openoffice: open files retrieved using mozilla In-Reply-To: <1494690957.7940.1.camel@trentalancia.net> References: <1494690957.7940.1.camel@trentalancia.net> Message-ID: <1411b600-2bf9-14f1-f835-cd4bde404fed@ieee.org> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 05/13/2017 11:55 AM, Guido Trentalancia via refpolicy wrote: > Let openoffice open files retrieved from the network using mozilla. > > Signed-off-by: Guido Trentalancia > --- > policy/modules/contrib/mozilla.if | 18 ++++++++++++++++++ > policy/modules/contrib/openoffice.te | 1 + > 2 files changed, 19 insertions(+) > > --- a/policy/modules/contrib/mozilla.if 2015-10-19 01:13:41.000000000 +0200 > +++ b/policy/modules/contrib/mozilla.if 2017-05-13 17:51:56.986097970 +0200 > @@ -288,6 +288,24 @@ interface(`mozilla_execmod_user_plugin_h > allow $1 mozilla_plugin_home_t:file execmod; > ') > > +####################################### > +## > +## Read temporary mozilla files. > +## > +## > +## > +## Domain allowed access. > +## > +## > +# > +interface(`mozilla_read_tmp_files',` > + gen_require(` > + type mozilla_tmp_t; > + ') > + > + read_files_pattern($1, mozilla_tmp_t, mozilla_tmp_t) > +') > + > ######################################## > ## > ## Run mozilla in the mozilla domain. > --- a/policy/modules/contrib/openoffice.te 2017-04-21 22:51:02.574611335 +0200 > +++ b/policy/modules/contrib/openoffice.te 2017-05-13 17:40:58.553100662 +0200 > @@ -128,6 +152,7 @@ optional_policy(` > > optional_policy(` > mozilla_domtrans(ooffice_t) > + mozilla_read_tmp_files(ooffice_t) > ') > > optional_policy(` Merged, though I moved the interface implementation. -- Chris PeBenito