.fonts-cache being created as user_home_dir_t

.fonts-cache being created as user_home_dir_t

[Luke Kenneth Casson Leighton]

it looks like a file_auto_trans() is missing somewhere: i find
that ~/.fonts.cache-1 is set to type user_home_dir_t.

l.

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: .fonts-cache being created as user_home_dir_t

[Russell Coker]

On Tue, 5 Oct 2004 19:10, Luke Kenneth Casson Leighton <lkcl@lkcl.net> wrote:
> it looks like a file_auto_trans() is missing somewhere: i find
> that ~/.fonts.cache-1 is set to type user_home_dir_t.

Is that being created by kdm?  Is the machine in permissive mode at the time 
the file is created?

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: .fonts-cache being created as user_home_dir_t

[Russell Coker]

On Fri, 8 Oct 2004 20:04, Luke Kenneth Casson Leighton <lkcl@lkcl.net> wrote:
> > > it looks like a file_auto_trans() is missing somewhere: i find
> > > that ~/.fonts.cache-1 is set to type user_home_dir_t.
> >
> > Is that being created by kdm?
>
>  i couldn't entirely say: let me see if i can find out...
>  a search through all kdebase *.cpp,h only shows up
>  something in kcontrol kio handler.  so that didn't work.

Put in:
auditallow domain user_home_dir_t:file *;

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: .fonts-cache being created as user_home_dir_t

[Luke Kenneth Casson Leighton]

On Thu, Oct 07, 2004 at 12:50:14PM +1000, Russell Coker wrote:
> On Tue, 5 Oct 2004 19:10, Luke Kenneth Casson Leighton <lkcl@lkcl.net> wrote:
> > it looks like a file_auto_trans() is missing somewhere: i find
> > that ~/.fonts.cache-1 is set to type user_home_dir_t.
> 
> Is that being created by kdm?  

 i couldn't entirely say: let me see if i can find out...
 a search through all kdebase *.cpp,h only shows up
 something in kcontrol kio handler.  so that didn't work.

> Is the machine in permissive mode at the time 
> the file is created?

 no.


-- 
--
Truth, honesty and respect are rare commodities that all spring from
the same well: Love.  If you love yourself and everyone and everything
around you, funnily and coincidentally enough, life gets a lot better.
--
<a href="http://lkcl.net">      lkcl.net      </a> <br />
<a href="mailto:lkcl@lkcl.net"> lkcl@lkcl.net </a> <br />


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: .fonts-cache being created as user_home_dir_t

[Colin Walters]

On Fri, 2004-10-08 at 11:04 +0100, Luke Kenneth Casson Leighton wrote:
> On Thu, Oct 07, 2004 at 12:50:14PM +1000, Russell Coker wrote:
> > On Tue, 5 Oct 2004 19:10, Luke Kenneth Casson Leighton <lkcl@lkcl.net> wrote:
> > > it looks like a file_auto_trans() is missing somewhere: i find
> > > that ~/.fonts.cache-1 is set to type user_home_dir_t.
> > 
> > Is that being created by kdm?  
> 
>  i couldn't entirely say: let me see if i can find out...
>  a search through all kdebase *.cpp,h only shows up
>  something in kcontrol kio handler.  so that didn't work.

The file is created by the fontconfig libraries.  Since Qt uses
fontconfig, any process that uses Qt could potentially create that file.



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: .fonts-cache being created as user_home_dir_t

[Erich Schubert]

Hi,

>  i couldn't entirely say: let me see if i can find out...
>  a search through all kdebase *.cpp,h only shows up
>  something in kcontrol kio handler.  so that didn't work.

.fonts-cache is probably created by the fontconfig libraries, so any app
that does link this library could be "causing" this.
I guess the cleanes SELinux approach would be to split this out of the
fontconfig libraries into an own application... ;-)

Greetings,
Erich Schubert
-- 
   erich@(vitavonni.de|debian.org)    --    GPG Key ID: 4B3A135C    (o_
     Which is worse: ignorance or apathy? Who knows? Who cares?     //\
            Es lohnt sich nicht, die Augen aufzumachen,             V_/_
                   wenn der Kopf im Sand steckt.


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.