From mboxrd@z Thu Jan  1 00:00:00 1970
From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Mon, 9 Jun 2014 11:02:07 -0400
Subject: [refpolicy] [PATCH 1/1] Add dropbox_port_t support
In-Reply-To: <1402170272-25800-1-git-send-email-sven.vermeulen@siphos.be>
References: <1402170272-25800-1-git-send-email-sven.vermeulen@siphos.be>
Message-ID: <5395CC6F.1070002@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 06/07/2014 03:44 PM, Sven Vermeulen wrote:
> The dropbox application has a feature called "LAN Sync" which works on
> TCP & UDP port 17500. Marking this port as dropbox_port_t (instead of
> the currently default unreserved_port_t) allows for more fine-grained
> access control to this resource.
> 
> Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
> ---
>  policy/modules/kernel/corenetwork.te.in | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
> index 7fe89bc..5f28977 100644
> --- a/policy/modules/kernel/corenetwork.te.in
> +++ b/policy/modules/kernel/corenetwork.te.in
> @@ -120,6 +120,7 @@ network_port(dhcpd, udp,67,s0, udp,547,s0, tcp, 547,s0, udp,548,s0, tcp, 548,s0,
>  network_port(dict, tcp,2628,s0)
>  network_port(distccd, tcp,3632,s0)
>  network_port(dns, tcp,53,s0, udp,53,s0)
> +network_port(dropbox, tcp,17500,s0, udp,17500,s0)
>  network_port(efs, tcp,520,s0)
>  network_port(embrace_dp_c, tcp,3198,s0, udp,3198,s0)
>  network_port(epmap, tcp,135,s0, udp,135,s0)
 
Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com