From mboxrd@z Thu Jan  1 00:00:00 1970
From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Wed, 16 Feb 2011 21:51:54 +0100
Subject: [refpolicy] [PATCH 5/34]: patch to label XDG config files and
 allow policykit to use them
In-Reply-To: <1297836060.3205.34.camel@tesla.lan>
References: <1297836060.3205.34.camel@tesla.lan>
Message-ID: <20110216205154.GB5937@siphos.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Wed, Feb 16, 2011 at 07:00:59AM +0100, Guido Trentalancia wrote:
> This patch labels HOME_DIR/\.config as gnome_home_t and then
> allows policykit to read such kind of files.

Afaik, this location is used by much more than gnome applications. I don't
have GNOME installed but it is still there for things like XFCE4, epdfview,
zathura etc.

The .config location seems to be part of the XDG Base Directory
Specification (I believe dgrift once referred me to this), independent of
GNOME.

Perhaps it is more wise to call it user_config_t or user_xdg_config_t (and
xdg_config_t for /etc/xdg etc.)? That way, the necessary privileges can be
offered in an XDG-specific set of interfaces for all applications adhering
to this specification (rather than using gnome_* interfaces even though they
are not GNOME related).

Wkr,
	Sven Vermeulen