[refpolicy] [PATCH 1/2] Support the console/graphical links browser
Christopher J. PeBenito
cpebenito at tresys.com
Tue Nov 8 09:08:35 CST 2011
On 10/23/11 10:30, Sven Vermeulen wrote:
>
> Introduce the links_t domain for the links browser, which is an
> ncurses/svgalib/X11 browser (so supports both commandline-only as
> well as GUI environments)
A couple small notes inline.
> Signed-off-by: Sven Vermeulen <sven.vermeulen at siphos.be>
> ---
> links.fc | 6 ++++++
> links.if | 36 ++++++++++++++++++++++++++++++++++++
> links.te | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 99 insertions(+), 0 deletions(-)
> create mode 100644 links.fc
> create mode 100644 links.if
> create mode 100644 links.te
>
> diff --git a/links.te b/links.te
> new file mode 100644
> index 0000000..6289570
> --- /dev/null
> +++ b/links.te
> @@ -0,0 +1,57 @@
> +policy_module(links, 1.0.0)
> +
> +############################
> +#
> +# Declarations
> +#
> +
> +type links_t;
> +type links_exec_t;
> +application_domain(links_t, links_exec_t)
> +
> +type links_home_t;
> +typealias links_home_t alias { user_links_home_t staff_links_home_t sysadm_links_home_t };
> +userdom_user_home_content(links_home_t)
> +
> +type links_tmpfs_t;
> +typealias links_tmpfs_t alias { user_links_tmpfs_t staff_links_tmpfs_t sysadm_links_tmpfs_t };
> +files_tmpfs_file(links_tmpfs_t)
> +ubac_constrained(links_tmpfs_t)
The aliases aren't necessary. They only exist in current policies for compatibility reasons. Since this is a new module, there is no compatibility to preserve.
> +############################
> +#
> +# Policy
> +#
> +
> +allow links_t self:process signal_perms;
> +allow links_t self:unix_stream_socket create_stream_socket_perms;
> +
> +manage_dirs_pattern(links_t, links_home_t, links_home_t)
> +manage_files_pattern(links_t, links_home_t, links_home_t)
> +manage_lnk_files_pattern(links_t, links_home_t, links_home_t)
> +manage_sock_files_pattern(links_t, links_home_t, links_home_t)
> +manage_fifo_files_pattern(links_t, links_home_t, links_home_t)
> +
> +manage_files_pattern(links_t, links_tmpfs_t, links_tmpfs_t)
> +manage_lnk_files_pattern(links_t, links_tmpfs_t, links_tmpfs_t)
> +manage_fifo_files_pattern(links_t, links_tmpfs_t, links_tmpfs_t)
> +manage_sock_files_pattern(links_t, links_tmpfs_t, links_tmpfs_t)
> +fs_tmpfs_filetrans(links_t, links_tmpfs_t, { file lnk_file sock_file fifo_file })
> +
> +userdom_user_home_dir_filetrans(links_t, links_home_t, dir)
This can go up with the other links_home_t rules, similar to how you have the above fs_tmpfs_filetrans().
> +
> +corenet_tcp_connect_http_port(links_t)
> +
> +domain_use_interactive_fds(links_t)
> +
> +auth_use_nsswitch(links_t)
> +
> +miscfiles_read_localization(links_t)
> +
> +userdom_manage_user_home_content_dirs(links_t)
> +userdom_manage_user_home_content_files(links_t)
Can this be limited? Is it so users can download files and save them to their home dir? If so, it should be tunable.
> +userdom_use_user_terminals(links_t)
> +
> +optional_policy(`
> + xserver_user_x_domain_template(links, links_t, links_tmpfs_t)
> +')
--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com
More information about the refpolicy
mailing list