Allow reading the generic SSL certificates from the mozilla
domain.
Signed-off-by: Guido Trentalancia <[email protected]>
---
policy/modules/contrib/mozilla.te | 1 +
1 file changed, 1 insertion(+)
--- refpolicy-git-07122016/policy/modules/contrib/mozilla.te 2016-12-07 13:53:36.324290117 +0100
+++ refpolicy-git-06082016/policy/modules/contrib/mozilla.te 2016-12-07 17:39:03.525631782 +0100
@@ -181,6 +200,7 @@ auth_use_nsswitch(mozilla_t)
logging_send_syslog_msg(mozilla_t)
miscfiles_read_fonts(mozilla_t)
+miscfiles_read_generic_certs(mozilla_t)
miscfiles_read_localization(mozilla_t)
miscfiles_dontaudit_setattr_fonts_dirs(mozilla_t)
Allow reading the system-wide and user-specific certificates
from the mozilla domain and not just from the mozilla_plugin
domain.
Signed-off-by: Guido Trentalancia <[email protected]>
---
policy/modules/contrib/mozilla.te | 3 +++
1 file changed, 3 insertions(+)
diff -pruN refpolicy-git-07122016-orig/policy/modules/contrib/mozilla.te refpolicy-git-07122016/policy/modules/contrib/mozilla.te
--- refpolicy-git-07122016-orig/policy/modules/contrib/mozilla.te 2016-12-07 13:39:50.051911134 +0100
+++ refpolicy-git-07122016/policy/modules/contrib/mozilla.te 2016-12-07 22:57:55.013144918 +0100
@@ -181,9 +181,12 @@ auth_use_nsswitch(mozilla_t)
logging_send_syslog_msg(mozilla_t)
miscfiles_read_fonts(mozilla_t)
+miscfiles_read_generic_certs(mozilla_t)
miscfiles_read_localization(mozilla_t)
miscfiles_dontaudit_setattr_fonts_dirs(mozilla_t)
+userdom_read_user_certs(mozilla_t)
+
userdom_use_user_ptys(mozilla_t)
userdom_manage_user_tmp_dirs(mozilla_t)