* [refpolicy] Contribute chrome (sandbox) policy from Fedora to Refpolicy.
@ 2012-01-06 17:25 Daniel J Walsh
  2012-01-09 20:52 ` Sven Vermeulen
  0 siblings, 1 reply; 2+ messages in thread
From: Daniel J Walsh @ 2012-01-06 17:25 UTC (permalink / raw)
  To: refpolicy

Please review and Ack.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: chrome.patch
Type: text/x-patch
Size: 9727 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20120106/08c5a223/attachment.bin 


* [refpolicy] Contribute chrome (sandbox) policy from Fedora to Refpolicy.
  2012-01-06 17:25 [refpolicy] Contribute chrome (sandbox) policy from Fedora to Refpolicy Daniel J Walsh
@ 2012-01-09 20:52 ` Sven Vermeulen
  0 siblings, 0 replies; 2+ messages in thread
From: Sven Vermeulen @ 2012-01-09 20:52 UTC (permalink / raw)
  To: refpolicy

On Fri, Jan 06, 2012 at 12:25:56PM -0500, Daniel J Walsh wrote:
> Please review and Ack.
[...]
> +########################################
> +## <summary>
> +##	Role access for chrome sandbox
> +## </summary>
> +## <param name="role">
> +##	<summary>
> +##	Role allowed access
> +##	</summary>
> +## </param>
> +## <param name="domain">
> +##	<summary>
> +##	User domain for the role
> +##	</summary>
> +## </param>
> +#
> +interface(`chrome_role_notrans',`
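Review bot: the <summary> for chrome_role_notrans reads exactly like the one for chrome_role further down ("Role access for chrome sandbox"), so the generated interface documentation will not tell a reader what the _notrans variant leaves out; state that it grants the role and $2 access to the sandbox domain without setting up the domain transition (which is what the _notrans suffix conventionally means in refpolicy), so callers that want the automatic transition use chrome_role instead.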

Since the module will be called chrome, I can imagine it wouldn't take long
before chrome is put in its own domain. For this reason, I'd try to keep the
_sandbox suffix wherever possible.

Perhaps chrome_role_notrans_sandbox ?

> +########################################
> +## <summary>
> +##	Role access for chrome sandbox
> +## </summary>
> +## <param name="role">
> +##	<summary>
> +##	Role allowed access
> +##	</summary>
> +## </param>
> +## <param name="domain">
> +##	<summary>
> +##	User domain for the role
> +##	</summary>
> +## </param>
> +#
> +interface(`chrome_role',`
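Review bot: the doc header of chrome_role (and of chrome_role_notrans above) lacks the `## <rolecap/>` tag that refpolicy places on role-granting interfaces so the policy documentation lists them as role capabilities; add the line after the last `## </param>` and before the closing `#`, as the other *_role interfaces in refpolicy do.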

chrome_role_sandbox

> +########################################
> +## <summary>
> +##	Dontaudit read/write to a chrome_sandbox leaks
> +## </summary>
> +## <param name="domain">
> +##	<summary>
> +##	Domain to not audit.
> +##	</summary>
> +## </param>
> +#
> +	gen_require(`
> +		type chrome_sandbox_t;
> +	')
> +
> +	dontaudit $1 chrome_sandbox_t:unix_stream_socket { read write };
> +')
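Review bot: there is no `interface(`name',`` line between the doc header and the gen_require, so the gen_require block and the dontaudit rule are orphaned and the trailing `')` closes nothing; add the opener, named with refpolicy's verb_object pattern (chrome_dontaudit_rw_sandbox_unix_stream_sockets or similar), and reword the summary, which currently reads "Dontaudit read/write to a chrome_sandbox leaks", to something like "Do not audit attempts to read and write leaked chrome sandbox unix stream sockets" so it says which object the rule covers.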

I'm missing the interface call here.

chrome_dontaudit_rw_unix_stream_sockets_sandbox? 

> +ubac_constrained(chrome_sandbox_tmpfs_t)
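Review bot: ubac_constrained(chrome_sandbox_tmpfs_t) only has an effect when the accessing domain carries ubac_constrained_type as well, because the UBAC constraint permits any access where either the subject type or the object type lacks the attribute; as long as chrome_sandbox_t and chrome_sandbox_nacl_t are not marked, this line changes nothing. Either mark the two sandbox domains too (the usual pattern for user application domains and their tmpfs types) or drop the line.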

I'm not certain, but if you mark this resource as ubac-constrained, doesn't
chrome_sandbox_t need to be marked as such as well? Same for
chrome_sandbox_nacl_t?

Wkr,
	Sven Vermeulen
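The ubac_constrained question above is easy to check with a small model of the UBAC constraint. The following is an added example, not code from the patch or from refpolicy: it encodes the shape of refpolicy's UBAC constraint from memory (access permitted when the users match, when either side lacks ubac_constrained_type, or when either side is system_u; verify the exact expression against policy/constraints in your tree), and the access pairs, the user identities user_u and staff_u, and the type names are constructed from what is quoted in the thread rather than parsed from the real patch.

```python
# Added example (not from the patch or refpolicy): a model of how the UBAC
# constraint treats ubac_constrained() types, used to check whether marking
# only chrome_sandbox_tmpfs_t has any effect.
#
# Assumption, from memory of refpolicy's policy/constraints: for the
# constrained operations the constraint permits access when the users match,
# when EITHER side lacks the ubac_constrained_type attribute, or when either
# side is system_u. Check this against your policy tree before relying on it.

SYSTEM_USER = "system_u"


def ubac_permits(u1, t1, u2, t2, constrained):
    """Return True if the UBAC constraint lets a process (u1:t1) act on an
    object (u2:t2).  `constrained` is the set of types carrying
    ubac_constrained_type, i.e. everything passed to ubac_constrained()."""
    return (
        u1 == u2
        or t1 not in constrained
        or t2 not in constrained
        or u1 == SYSTEM_USER
        or u2 == SYSTEM_USER
    )


def ineffective_ubac_marks(constrained, accesses):
    """Object types marked ubac_constrained that are only ever reached from
    domains that are NOT marked, so the mark changes nothing.

    `accesses` is an iterable of (domain_type, object_type) pairs the policy
    allows.  Marked types that never appear as an object are domains and are
    skipped."""
    reached = {}
    for dom, obj in accesses:
        reached.setdefault(obj, set()).add(dom)
    result = []
    for obj in sorted(constrained):
        doms = reached.get(obj)
        if doms is None:
            continue
        if not any(d in constrained for d in doms):
            result.append(obj)
    return result


# Constructed access pairs: the sandbox domains use their tmpfs type.  The
# type names come from the thread; the pairs themselves are assumed.
ACCESSES = [
    ("chrome_sandbox_t", "chrome_sandbox_tmpfs_t"),
    ("chrome_sandbox_nacl_t", "chrome_sandbox_tmpfs_t"),
]

# As posted: only the tmpfs type is marked.
POSTED = {"chrome_sandbox_tmpfs_t"}
# With the accessing domains marked as well.
FIXED = POSTED | {"chrome_sandbox_t", "chrome_sandbox_nacl_t"}


def cross_user_allowed(constrained):
    """Can user_u's chrome_sandbox_t act on a chrome_sandbox_tmpfs_t object
    belonging to staff_u under the given set of constrained types?"""
    return ubac_permits("user_u", "chrome_sandbox_t",
                        "staff_u", "chrome_sandbox_tmpfs_t", constrained)


if __name__ == "__main__":
    print("ineffective marks as posted:", ineffective_ubac_marks(POSTED, ACCESSES))
    print("cross-user access as posted:", cross_user_allowed(POSTED))
    print("ineffective marks with domains marked:", ineffective_ubac_marks(FIXED, ACCESSES))
    print("cross-user access with domains marked:", cross_user_allowed(FIXED))
```

With only the tmpfs type marked, the model reports that mark as ineffective and lets a user_u sandbox reach a staff_u tmpfs object; once chrome_sandbox_t and chrome_sandbox_nacl_t are marked too, the cross-user access is refused while same-user and system_u access still pass.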

