From: jason@perfinion.com (Jason Zaman)
Date: Thu, 12 Apr 2018 19:38:04 +0800
Subject: [refpolicy] [PATCH 4/6] mozilla: allow map usr, home, tmp files
In-Reply-To: <20180412113806.2256-1-jason@perfinion.com>
References: <20180412113806.2256-1-jason@perfinion.com>
Message-ID: <20180412113806.2256-4-jason@perfinion.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

---
 mozilla.te | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/mozilla.te b/mozilla.te
index bc45d50..08496b6 100644
--- a/mozilla.te
+++ b/mozilla.te
@@ -108,6 +108,7 @@ manage_lnk_files_pattern(mozilla_t, mozilla_tmpfs_t, mozilla_tmpfs_t)
 manage_fifo_files_pattern(mozilla_t, mozilla_tmpfs_t, mozilla_tmpfs_t)
 manage_sock_files_pattern(mozilla_t, mozilla_tmpfs_t, mozilla_tmpfs_t)
 fs_tmpfs_filetrans(mozilla_t, mozilla_tmpfs_t, { file lnk_file sock_file fifo_file })
+allow mozilla_t mozilla_plugin_tmpfs_t:file map;
 
 allow mozilla_t mozilla_plugin_rw_t:dir list_dir_perms;
 allow mozilla_t mozilla_plugin_rw_t:file read_file_perms;
@@ -347,6 +348,7 @@ allow mozilla_plugin_t mozilla_t:sem create_sem_perms;
 manage_dirs_pattern(mozilla_plugin_t, { mozilla_home_t mozilla_plugin_home_t }, { mozilla_home_t mozilla_plugin_home_t })
 manage_files_pattern(mozilla_plugin_t, { mozilla_home_t mozilla_plugin_home_t }, mozilla_plugin_home_t)
 manage_lnk_files_pattern(mozilla_plugin_t, { mozilla_home_t mozilla_plugin_home_t }, mozilla_plugin_home_t)
+allow mozilla_plugin_t mozilla_home_t:file map;
 
 userdom_user_home_dir_filetrans(mozilla_plugin_t, mozilla_home_t, dir, ".galeon")
 userdom_user_home_dir_filetrans(mozilla_plugin_t, mozilla_home_t, dir, ".mozilla")
@@ -370,6 +372,8 @@ manage_fifo_files_pattern(mozilla_plugin_t, mozilla_plugin_tmp_t, mozilla_plugin
 files_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file })
 userdom_user_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file })
 
+allow mozilla_plugin_t mozilla_tmp_t:file rw_file_perms;
+
 manage_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t)
 manage_lnk_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t)
 manage_fifo_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t)
@@ -479,6 +483,7 @@ files_exec_usr_files(mozilla_plugin_t)
 files_list_mnt(mozilla_plugin_t)
 files_read_config_files(mozilla_plugin_t)
 files_read_usr_files(mozilla_plugin_t)
+files_map_usr_files(mozilla_plugin_t)
 
 fs_getattr_all_fs(mozilla_plugin_t)
 # fs_read_hugetlbfs_files(mozilla_plugin_t)
-- 
2.16.1