* [refpolicy] [PATCH/RFC 0/4] Introduce XDG type definitions
@ 2011-09-04 12:12 Sven Vermeulen
From: Sven Vermeulen @ 2011-09-04 12:12 UTC
To: refpolicy

This patchset introduces a new module called "xdg".

The purpose of this module is to support the XDG locations as mentioned in
the XDG Base Directory Specification [1] by introducing three types
(xdg_data_home_t, xdg_config_home_t and xdg_cache_home_t) with the related
interfaces for dealing with those types.

Within the patch, there are also a few users identified. Most of the "real"
users will come with a more thorough "let me run all applications that have
access to the user home files" investigation, because the XDG locations are
previously just user_home_t types.

However, before doing that investigation, I'm first presenting the module
and its interfaces for feedback gathering.

[1] http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html

Wkr,
Sven Vermeulen

^ permalink raw reply [flat|nested] 6+ messages in thread* [refpolicy] [PATCH/RFC 1/4] Introduce xdg types 2011-09-04 12:12 [refpolicy] [PATCH/RFC 0/4] Introduce XDG type definitions Sven Vermeulen @ 2011-09-04 12:13 ` Sven Vermeulen 2011-09-14 12:24 ` Christopher J. PeBenito 2011-09-04 12:13 ` [refpolicy] [PATCH/RFC 2/4] Allow users to manage their xdg_* locations Sven Vermeulen ` (2 subsequent siblings) 3 siblings, 1 reply; 6+ messages in thread From: Sven Vermeulen @ 2011-09-04 12:13 UTC (permalink / raw) To: refpolicy The XDG Base Directory specification is an open specification for dealing with user data in a desktop environment. It is published on http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html and in use by many applications. In this patch, we introduce the xdg-specific types and give the standard interfaces for dealing with these types. Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be> --- policy/modules/system/xdg.fc | 3 + policy/modules/system/xdg.if | 172 ++++++++++++++++++++++++++++++++++++++++++ policy/modules/system/xdg.te | 15 ++++ 3 files changed, 190 insertions(+), 0 deletions(-) create mode 100644 policy/modules/system/xdg.fc create mode 100644 policy/modules/system/xdg.if create mode 100644 policy/modules/system/xdg.te diff --git a/policy/modules/system/xdg.fc b/policy/modules/system/xdg.fc new file mode 100644 index 0000000..44dc42e --- /dev/null +++ b/policy/modules/system/xdg.fc @@ -0,0 +1,3 @@ +HOME_DIR/\.cache(/.*)? gen_context(system_u:object_r:xdg_cache_home_t,s0) +HOME_DIR/\.config(/.*)? gen_context(system_u:object_r:xdg_config_home_t,s0) +HOME_DIR/\.local/share(/.*)? gen_context(system_u:object_r:xdg_data_home_t,s0) diff --git a/policy/modules/system/xdg.if b/policy/modules/system/xdg.if new file mode 100644 index 0000000..f844f10 --- /dev/null +++ b/policy/modules/system/xdg.if 
@@ -0,0 +1,172 @@ +## <summary>Policy for xdg desktop standard</summary> + +####################################### +## <summary> +## Allow the userdomain full administrative rights on the xdg_* locations +## </summary> +## <param name="userdomain"> +## <summary> +## The user domain +## </summary> +## </param> +## <rolebase/> +# +interface(`xdg_admin',` + gen_require(` + type xdg_cache_home_t, xdg_config_home_t, xdg_data_home_t; + ') + + # full control over the xdg_* directories + manage_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t) + manage_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) + manage_lnk_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) + manage_sock_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) + manage_fifo_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) + relabel_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t) + relabel_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) + relabel_lnk_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) + relabel_sock_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) + relabel_fifo_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) + + manage_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t) + manage_files_pattern($1, xdg_config_home_t, xdg_config_home_t) + manage_lnk_files_pattern($1, xdg_config_home_t, xdg_config_home_t) + manage_sock_files_pattern($1, xdg_config_home_t, xdg_config_home_t) + manage_fifo_files_pattern($1, xdg_config_home_t, xdg_config_home_t) + relabel_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t) + relabel_files_pattern($1, xdg_config_home_t, xdg_config_home_t) + relabel_lnk_files_pattern($1, xdg_config_home_t, xdg_config_home_t) + relabel_sock_files_pattern($1, xdg_config_home_t, xdg_config_home_t) + relabel_fifo_files_pattern($1, xdg_config_home_t, xdg_config_home_t) + + manage_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t) + manage_files_pattern($1, xdg_data_home_t, xdg_data_home_t) + manage_lnk_files_pattern($1, xdg_data_home_t, 
xdg_data_home_t) + manage_sock_files_pattern($1, xdg_data_home_t, xdg_data_home_t) + manage_fifo_files_pattern($1, xdg_data_home_t, xdg_data_home_t) + relabel_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t) + relabel_files_pattern($1, xdg_data_home_t, xdg_data_home_t) + relabel_lnk_files_pattern($1, xdg_data_home_t, xdg_data_home_t) + relabel_sock_files_pattern($1, xdg_data_home_t, xdg_data_home_t) + relabel_fifo_files_pattern($1, xdg_data_home_t, xdg_data_home_t) +') + +######################################## +## <summary> +## Manage the xdg cache home files +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`xdg_manage_cache_home',` + gen_require(` + type xdg_cache_home_t; + ') + + manage_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) + manage_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t) +') + +######################################## +## <summary> +## Read the xdg cache home files +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`xdg_read_cache_home',` + gen_require(` + type xdg_cache_home_t; + type user_home_dir_t; + ') + + list_dirs_pattern($1, user_home_dir_t, xdg_cache_home_t) + read_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) +') + +######################################## +## <summary> +## Manage the xdg config home files +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`xdg_manage_config_home',` + gen_require(` + type xdg_config_home_t; + ') + + manage_files_pattern($1, xdg_config_home_t, xdg_config_home_t) + manage_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t) +') + +######################################## +## <summary> +## Read the xdg config home files +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. 
+## </summary> +## </param> +# +interface(`xdg_read_config_home',` + gen_require(` + type xdg_config_home_t; + type user_home_dir_t; + ') + + list_dirs_pattern($1, user_home_dir_t, xdg_config_home_t) + read_files_pattern($1, xdg_config_home_t, xdg_config_home_t) +') + +######################################## +## <summary> +## Manage the xdg data home files +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`xdg_manage_data_home',` + gen_require(` + type xdg_data_home_t; + ') + + manage_files_pattern($1, xdg_data_home_t, xdg_data_home_t) + manage_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t) +') + +######################################## +## <summary> +## Read the xdg data home files +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`xdg_read_data_home',` + gen_require(` + type xdg_data_home_t; + type user_home_dir_t; + type user_home_t; + ') + + search_dirs_pattern($1, user_home_dir_t, user_home_t) + list_dirs_pattern($1, user_home_t, xdg_data_home_t) + read_files_pattern($1, xdg_data_home_t, xdg_data_home_t) +') + diff --git a/policy/modules/system/xdg.te b/policy/modules/system/xdg.te new file mode 100644 index 0000000..3b9b0d9 --- /dev/null +++ b/policy/modules/system/xdg.te @@ -0,0 +1,15 @@ +policy_module(xdg, 1.0.0) + +######################################## +# +# Declarations +# +type xdg_data_home_t; +userdom_user_home_content(xdg_data_home_t) + +type xdg_config_home_t; +userdom_user_home_content(xdg_config_home_t) + +type xdg_cache_home_t; +userdom_user_home_content(xdg_cache_home_t) + -- 1.7.3.4 ^ permalink raw reply related [flat|nested] 6+ messages in thread
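Review bot: The three entries in xdg.fc hard-code the specification's default locations (HOME_DIR/\.cache, HOME_DIR/\.config, HOME_DIR/\.local/share), but the XDG Base Directory Specification lets XDG_CACHE_HOME, XDG_CONFIG_HOME and XDG_DATA_HOME point somewhere else, and a user who sets them keeps the ordinary home content labels on those directories. A comment in the file saying that only the defaults are covered would avoid surprises. HOME_DIR/\.local itself also has no entry here, which is why xdg_read_data_home needs its search on user_home_t; that dependency deserves a comment next to the .local/share line.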
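Review bot: The xdg_manage_*_home interfaces in xdg.if are not symmetric with the xdg_read_*_home ones. The read variants grant the path through the home directory, for example list_dirs_pattern($1, user_home_dir_t, xdg_cache_home_t), while the manage variants only call manage_files_pattern and manage_dirs_pattern on the xdg type itself, so a domain given only xdg_manage_config_home cannot reach ~/.config unless some other rule lets it search user_home_dir_t. Either add the traversal to the manage interfaces or state the prerequisite in their summaries. The file also provides no file-transition interface, so a directory that a domain creates at run time under the home directory does not receive an xdg_* type until it is relabelled; the summaries should say so, or an interface for it should be added.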
* [refpolicy] [PATCH/RFC 1/4] Introduce xdg types 2011-09-04 12:13 ` [refpolicy] [PATCH/RFC 1/4] Introduce xdg types Sven Vermeulen @ 2011-09-14 12:24 ` Christopher J. PeBenito 0 siblings, 0 replies; 6+ messages in thread From: Christopher J. PeBenito @ 2011-09-14 12:24 UTC (permalink / raw) To: refpolicy On 09/04/11 08:13, Sven Vermeulen wrote: > The XDG Base Directory specification is an open specification for > dealing with user data in a desktop environment. It is published on > http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html > and in use by many applications. > > In this patch, we introduce the xdg-specific types and give the standard > interfaces for dealing with these types. > > Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be> > --- > policy/modules/system/xdg.fc | 3 + > policy/modules/system/xdg.if | 172 ++++++++++++++++++++++++++++++++++++++++++ > policy/modules/system/xdg.te | 15 ++++ > 3 files changed, 190 insertions(+), 0 deletions(-) > create mode 100644 policy/modules/system/xdg.fc > create mode 100644 policy/modules/system/xdg.if > create mode 100644 policy/modules/system/xdg.te > > diff --git a/policy/modules/system/xdg.fc b/policy/modules/system/xdg.fc > new file mode 100644 > index 0000000..44dc42e > --- /dev/null > +++ b/policy/modules/system/xdg.fc > @@ -0,0 +1,3 @@ > +HOME_DIR/\.cache(/.*)? gen_context(system_u:object_r:xdg_cache_home_t,s0) > +HOME_DIR/\.config(/.*)? gen_context(system_u:object_r:xdg_config_home_t,s0) > +HOME_DIR/\.local/share(/.*)? gen_context(system_u:object_r:xdg_data_home_t,s0) This seems to make sense, though I'm not sure it needs to be its own module. > diff --git a/policy/modules/system/xdg.if b/policy/modules/system/xdg.if > new file mode 100644 > index 0000000..f844f10 > --- /dev/null > +++ b/policy/modules/system/xdg.if 
> @@ -0,0 +1,172 @@ > +## <summary>Policy for xdg desktop standard</summary> > + > +####################################### > +## <summary> > +## Allow the userdomain full administrative rights on the xdg_* locations > +## </summary> > +## <param name="userdomain"> > +## <summary> > +## The user domain > +## </summary> > +## </param> > +## <rolebase/> > +# > +interface(`xdg_admin',` > + gen_require(` > + type xdg_cache_home_t, xdg_config_home_t, xdg_data_home_t; > + ') > + > + # full control over the xdg_* directories > + manage_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t) > + manage_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) > + manage_lnk_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) > + manage_sock_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) > + manage_fifo_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) > + relabel_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t) > + relabel_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) > + relabel_lnk_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) > + relabel_sock_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) > + relabel_fifo_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) > + > + manage_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t) > + manage_files_pattern($1, xdg_config_home_t, xdg_config_home_t) > + manage_lnk_files_pattern($1, xdg_config_home_t, xdg_config_home_t) > + manage_sock_files_pattern($1, xdg_config_home_t, xdg_config_home_t) > + manage_fifo_files_pattern($1, xdg_config_home_t, xdg_config_home_t) > + relabel_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t) > + relabel_files_pattern($1, xdg_config_home_t, xdg_config_home_t) > + relabel_lnk_files_pattern($1, xdg_config_home_t, xdg_config_home_t) > + relabel_sock_files_pattern($1, xdg_config_home_t, xdg_config_home_t) > + relabel_fifo_files_pattern($1, xdg_config_home_t, xdg_config_home_t) > + > + manage_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t) > + 
manage_files_pattern($1, xdg_data_home_t, xdg_data_home_t) > + manage_lnk_files_pattern($1, xdg_data_home_t, xdg_data_home_t) > + manage_sock_files_pattern($1, xdg_data_home_t, xdg_data_home_t) > + manage_fifo_files_pattern($1, xdg_data_home_t, xdg_data_home_t) > + relabel_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t) > + relabel_files_pattern($1, xdg_data_home_t, xdg_data_home_t) > + relabel_lnk_files_pattern($1, xdg_data_home_t, xdg_data_home_t) > + relabel_sock_files_pattern($1, xdg_data_home_t, xdg_data_home_t) > + relabel_fifo_files_pattern($1, xdg_data_home_t, xdg_data_home_t) > +') Use admin_pattern() -- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com ^ permalink raw reply [flat|nested] 6+ messages in thread
* [refpolicy] [PATCH/RFC 2/4] Allow users to manage their xdg_* locations 2011-09-04 12:12 [refpolicy] [PATCH/RFC 0/4] Introduce XDG type definitions Sven Vermeulen 2011-09-04 12:13 ` [refpolicy] [PATCH/RFC 1/4] Introduce xdg types Sven Vermeulen @ 2011-09-04 12:13 ` Sven Vermeulen 2011-09-04 12:14 ` [refpolicy] [PATCH 3/4] Allow the dbusd_t domains to read xdg data Sven Vermeulen 2011-09-04 12:14 ` [refpolicy] [PATCH/RFC 4/4] Allow mozilla " Sven Vermeulen 3 siblings, 0 replies; 6+ messages in thread From: Sven Vermeulen @ 2011-09-04 12:13 UTC (permalink / raw) To: refpolicy The xdg locations as defined under the xdg module are all within a users' HOMEDIR. We allow the user to administer his xdg_* files. Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be> --- policy/modules/system/userdomain.if | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if index c6d3cc8..c4afffe 100644 --- a/policy/modules/system/userdomain.if +++ b/policy/modules/system/userdomain.if @@ -243,6 +243,9 @@ interface(`userdom_manage_home_role',` filetrans_pattern($2, user_home_dir_t, user_home_t, { dir file lnk_file sock_file fifo_file }) files_list_home($2) + # manage user xdg locations + xdg_admin($2) + # cjp: this should probably be removed: allow $2 user_home_dir_t:dir { manage_dir_perms relabel_dir_perms }; -- 1.7.3.4 ^ permalink raw reply related [flat|nested] 6+ messages in thread
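Review bot: The added xdg_admin($2) in userdom_manage_home_role is called unconditionally, which makes userdomain depend on the new xdg module always being built in; refpolicy normally wraps a call into another module in optional_policy unless that module is part of base. Either wrap the call or state in the commit message that xdg is meant to be a required module. Note also that xdg_admin carries the relabel_*_pattern rules, so every role that uses this interface can relabel to and from the three xdg types, while the in-code comment only says "manage user xdg locations"; the comment should match what is granted.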
* [refpolicy] [PATCH 3/4] Allow the dbusd_t domains to read xdg data 2011-09-04 12:12 [refpolicy] [PATCH/RFC 0/4] Introduce XDG type definitions Sven Vermeulen 2011-09-04 12:13 ` [refpolicy] [PATCH/RFC 1/4] Introduce xdg types Sven Vermeulen 2011-09-04 12:13 ` [refpolicy] [PATCH/RFC 2/4] Allow users to manage their xdg_* locations Sven Vermeulen @ 2011-09-04 12:14 ` Sven Vermeulen 2011-09-04 12:14 ` [refpolicy] [PATCH/RFC 4/4] Allow mozilla " Sven Vermeulen 3 siblings, 0 replies; 6+ messages in thread From: Sven Vermeulen @ 2011-09-04 12:14 UTC (permalink / raw) To: refpolicy The dbus domains currently hold userdom_read_user_home_content_files, partially due to it requiring the xdg data (xdg_data_home_t). Grant xdg_read_data_home to the dbus domain keeps this. From first looks of it, other xdg locations are not needed by dbus. Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be> --- policy/modules/services/dbus.if | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/policy/modules/services/dbus.if b/policy/modules/services/dbus.if index 1a1becd..948aa56 100644 --- a/policy/modules/services/dbus.if +++ b/policy/modules/services/dbus.if @@ -151,6 +151,8 @@ template(`dbus_role_template',` userdom_read_user_home_content_files($1_dbusd_t) + xdg_read_data_home($1_dbusd_t) + ifdef(`hide_broken_symptoms', ` dontaudit $3 $1_dbusd_t:netlink_selinux_socket { read write }; ') -- 1.7.3.4 ^ permalink raw reply related [flat|nested] 6+ messages in thread
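Review bot: In dbus_role_template the new xdg_read_data_home($1_dbusd_t) sits directly below userdom_read_user_home_content_files($1_dbusd_t), which stays in place, so $1_dbusd_t ends up holding both grants and nothing is narrowed. The commit message says the broad grant exists partly because of the xdg data; if reducing it is the eventual goal, put a comment next to the call so the follow-up is not forgotten. The new call is also outside optional_policy, which matters if xdg remains a separate module.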
* [refpolicy] [PATCH/RFC 4/4] Allow mozilla to read xdg data 2011-09-04 12:12 [refpolicy] [PATCH/RFC 0/4] Introduce XDG type definitions Sven Vermeulen ` (2 preceding siblings ...) 2011-09-04 12:14 ` [refpolicy] [PATCH 3/4] Allow the dbusd_t domains to read xdg data Sven Vermeulen @ 2011-09-04 12:14 ` Sven Vermeulen 3 siblings, 0 replies; 6+ messages in thread From: Sven Vermeulen @ 2011-09-04 12:14 UTC (permalink / raw) To: refpolicy Mozilla (firefox) reads in xdg data, for instance for the MIME handling (associating MIME types with applications) as mentioned in ~/.local/share/applications Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be> --- policy/modules/apps/mozilla.te | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/policy/modules/apps/mozilla.te b/policy/modules/apps/mozilla.te index 1039ff2..5083594 100644 --- a/policy/modules/apps/mozilla.te +++ b/policy/modules/apps/mozilla.te @@ -167,6 +167,8 @@ sysnet_dns_name_resolve(mozilla_t) userdom_use_user_ptys(mozilla_t) +xdg_read_data_home(mozilla_t) + xserver_user_x_domain_template(mozilla, mozilla_t, mozilla_tmpfs_t) xserver_dontaudit_read_xdm_tmp_files(mozilla_t) xserver_dontaudit_getattr_xdm_tmp_sockets(mozilla_t) -- 1.7.3.4 ^ permalink raw reply related [flat|nested] 6+ messages in thread
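Review bot: xdg_read_data_home(mozilla_t) in mozilla.te gives the browser read access to every file labelled xdg_data_home_t, plus search on user_home_t directories through the interface's search_dirs_pattern, while the commit message only justifies ~/.local/share/applications. For a domain that handles untrusted web content, that is wider than the stated need: either record in the commit message that the whole data home is readable, or consider a dedicated type for the applications directory so the grant can match the MIME-handling use case. As in the other patches, the call is placed outside optional_policy.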