This patch curbs userdomain file read and/or write permissions
for the cups daemon module.
It aims to ensure user data confidentiality.
A boolean has been introduced to revert to the previous read/write
behavior.
Signed-off-by: Guido Trentalancia <[email protected]>
---
policy/modules/contrib/cups.te | 20 +++++++++++++++++---
1 file changed, 17 insertions(+), 3 deletions(-)
--- refpolicy-2.20170204-orig/policy/modules/contrib/cups.te 2017-02-04 19:30:22.000000000 +0100
+++ refpolicy-2.20170204/policy/modules/contrib/cups.te 2017-04-20 00:58:22.382438584 +0200
@@ -5,6 +5,15 @@ policy_module(cups, 1.21.0)
# Declarations
#
+## <desc>
+## <p>
+## Determine whether cups-pdf can
+## manage the user home directories
+## and files.
+## </p>
+## </desc>
+gen_tunable(cups_pdf_enable_home_dirs, false)
+
type cupsd_config_t;
type cupsd_config_exec_t;
init_daemon_domain(cupsd_config_t, cupsd_config_exec_t)
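Review bot: The `<desc>` text for `cups_pdf_enable_home_dirs` says "manage the user home directories and files", but the rules this boolean gates in the second hunk act on user home content (`userdom_manage_user_home_content_dirs` and `userdom_manage_user_home_content_files`), and the text does not mention that the default is off. I would word it as `Determine whether cups-pdf can manage user home content directories and files (disabled by default).` That tells an administrator reading the boolean list what user data becomes reachable from cups_pdf_t when it is enabled, and that cups-pdf setups which write into home directories presumably need it turned on.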
@@ -590,9 +599,14 @@ miscfiles_read_localization(cups_pdf_t)
miscfiles_read_fonts(cups_pdf_t)
miscfiles_setattr_fonts_cache_dirs(cups_pdf_t)
-userdom_manage_user_home_content_dirs(cups_pdf_t)
-userdom_manage_user_home_content_files(cups_pdf_t)
-userdom_home_filetrans_user_home_dir(cups_pdf_t)
+tunable_policy(`cups_pdf_enable_home_dirs',`
+ userdom_manage_user_home_content_dirs(cups_pdf_t)
+ userdom_manage_user_home_content_files(cups_pdf_t)
+ userdom_user_home_dir_filetrans_user_home_content(cups_pdf_t, { dir file })
+',`
+ userdom_dontaudit_manage_user_home_content_dirs(cups_pdf_t)
+ userdom_dontaudit_manage_user_home_content_files(cups_pdf_t)
+')
tunable_policy(`use_nfs_home_dirs',`
fs_manage_nfs_dirs(cups_pdf_t)
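Review bot: The else branch's `userdom_dontaudit_manage_user_home_content_dirs(cups_pdf_t)` and `userdom_dontaudit_manage_user_home_content_files(cups_pdf_t)` suppress the AVC denials that would otherwise be logged while the boolean is off. A cups-pdf that still tries to write into a home directory then fails silently, and attempts by cups_pdf_t to reach user data leave no audit record. Because `cups_pdf_enable_home_dirs` defaults to false, consider dropping the dontaudit rules, or at least adding a comment such as `# denials are hidden while the boolean is off; enable cups_pdf_enable_home_dirs to allow access`. Separately, the true branch swaps `userdom_home_filetrans_user_home_dir(cups_pdf_t)` for `userdom_user_home_dir_filetrans_user_home_content(cups_pdf_t, { dir file })`, which appears to be a different type transition from the one removed. The commit message does not mention this, so it is worth confirming that it is intended and that every interface used here already exists, since the patch touches only cups.te.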