All of lore.kernel.org
 help / color / mirror / Atom feed
From: domg472@gmail.com (Dominick Grift)
To: refpolicy@oss.tresys.com
Subject: [refpolicy] [PATCH 1/1] Added KDE and Konqueror policy. Made necessary changes in staff, unprivuser and unconfined, for it to work.
Date: Sat, 30 Jan 2010 16:29:51 +0100	[thread overview]
Message-ID: <4B64506F.5070708@gmail.com> (raw)
In-Reply-To: <201001301602.31982.Nicky726@gmail.com>

On 01/30/2010 04:02 PM, Nicky726 wrote:
> 

Just some comments and suggestions below:

> allow konqueror_t $2:process signal_perms;

I would call an interface in the user domain instead

> +	dontaudit $2 konqueror_t:process { noatsecure siginh rlimitinh };

This is most likely not required

> +	# X access, Home files
> +	manage_dirs_pattern($2, konqueror_home_t, konqueror_home_t)
> +	manage_files_pattern($2, konqueror_home_t, konqueror_home_t)
> +	manage_lnk_files_pattern($2, konqueror_home_t, konqueror_home_t)
> +	relabel_dirs_pattern($2, konqueror_home_t, konqueror_home_t)
> +	relabel_files_pattern($2, konqueror_home_t, konqueror_home_t)
> +	relabel_lnk_files_pattern($2, konqueror_home_t, konqueror_home_t)

This is most likely not required ( is included with
userdom_user_home_content()

yet:

> +# Temp acces for konqueror
> +manage_dirs_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_lnk_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_sock_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)

This does probably require the user to be able to manage it


> +corenet_tcp_sendrecv_all_if(konqueror_t)
> +corenet_tcp_sendrecv_all_nodes(konqueror_t)
> +corenet_tcp_sendrecv_all_ports(konqueror_t)

use generic instead of all

> +# Use shared libs
> +libs_use_ld_so(konqueror_t)
> +libs_use_shared_libs(konqueror_t)

Not required

> +xserver_read_xdm_tmp_files(konqueror_t)
> +xserver_read_user_xauth(konqueror_t)
> +xserver_stream_connect(konqueror_t) #connect to xserver
> +xserver_stream_connect_xdm(konqueror_t) #connect to xdm xserver

Probably better to use xserver_user_x_domain_template()

> +        konqueror_role(staff_r, staff_t)
> +')
> +

Should probably go into userdomain (common use template), but i believe
that for reference policy these calls are not required at all (gets
called automatically)

> +        konqueror_role(user_r, user_t)
> +')

Same as above

> +        konqueror_role(unconfined_r, unconfined_t)
> +')
> +

Not sure whether it is a good idea run let unconfined_t transition

> +HOME_DIR/\.kde/share/config/konq_history	--	gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/config/konquerorrc		--	gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/config/konqsidebartng.rc	--	gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/config/kuriikwsfilterrc	--	gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/apps/konqueror(/.*)?		gen_context(system_u:object_r:konqueror_home_t,s0)
> +
> +HOME_DIR/\.kde/share/apps/khtml(/.*)?			gen_context(system_u:object_r:konqueror_home_t,s0)

Why not just kde_shared_home_t for everything in ~/.kde

> +	#allow $2 konqueror_t:fd use;
> +	#allow $2 konqueror_t:shm { associate getattr };
> +	#allow $2 konqueror_t:shm { unix_read unix_write };

Not required i believe.

> +# Temp acces for konqueror
> +manage_dirs_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_lnk_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_sock_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)
> +manage_files_pattern(konqueror_t, konqueror_tmp_t, konqueror_tmp_t)

where is the file trans pattern? files_tmp_filetrans

> +gen_tunable(konqueror_exec_bin_t, false)

This shouldnt be tunable

> +	#allow $2 konqueror_t:unix_stream_socket connectto;

i would use konqueror_stream_connect($2)







> 
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100130/01c50b08/attachment.bin 

  reply	other threads:[~2010-01-30 15:29 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-01-30 15:02 [refpolicy] [PATCH 1/1] Added KDE and Konqueror policy. Made necessary changes in staff, unprivuser and unconfined, for it to work Nicky726
2010-01-30 15:29 ` Dominick Grift [this message]
     [not found] <mailman.1.1264874402.23822.refpolicy@oss.tresys.com>
2010-01-30 19:02 ` Nicky726
2010-01-30 20:59   ` Dominick Grift

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4B64506F.5070708@gmail.com \
    --to=domg472@gmail.com \
    --cc=refpolicy@oss.tresys.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.