Changeset 2636

Show
Ignore:
Timestamp:
03/13/08 10:46:53 (9 months ago)
Author:
pebenito
Message:

xelinux: first round of fixes from testing.

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • branches/xselinux/config/appconfig-mcs/x_contexts

    r2517 r2636  
    3636property _SELINUX_CLIENT_CONTEXT        system_u:object_r:info_xproperty_t:s0 
    3737property _NET_WORKAREA                  system_u:object_r:info_xproperty_t:s0 
     38property _XKB_RULES_NAMES               system_u:object_r:info_xproperty_t:s0 
    3839 
    3940# Clipboard and selection properties 
     
    7980# Screen management and multihead extensions 
    8081extension RANDR                         system_u:object_r:output_xext_t:s0 
     82extension Composite                     system_u:object_r:output_xext_t:s0 
    8183 
    8284# Screensaver, power management extensions 
     
    147149event X11:ButtonRelease                 system_u:object_r:input_xevent_t:s0 
    148150event X11:MotionNotify                  system_u:object_r:input_xevent_t:s0 
     151event X11:SelectionNotify               system_u:object_r:input_xevent_t:s0 
    149152event XInputExtension:DeviceKeyPress    system_u:object_r:input_xevent_t:s0 
    150153event XInputExtension:DeviceKeyRelease  system_u:object_r:input_xevent_t:s0 
     
    181184event X11:GravityNotify                 system_u:object_r:manage_xevent_t:s0 
    182185event X11:CirculateNotify               system_u:object_r:manage_xevent_t:s0 
     186event X11:Expose                        system_u:object_r:manage_xevent_t:s0 
     187event X11:VisibilityNotify              system_u:object_r:manage_xevent_t:s0 
    183188 
    184189# Unknown events (that are not registered in the X server's name database) 

  • branches/xselinux/config/appconfig-mls/x_contexts

    r2517 r2636  
    3636property _SELINUX_CLIENT_CONTEXT        system_u:object_r:info_xproperty_t:s0 
    3737property _NET_WORKAREA                  system_u:object_r:info_xproperty_t:s0 
     38property _XKB_RULES_NAMES               system_u:object_r:info_xproperty_t:s0 
    3839 
    3940# Clipboard and selection properties 
     
    7980# Screen management and multihead extensions 
    8081extension RANDR                         system_u:object_r:output_xext_t:s0 
     82extension Composite                     system_u:object_r:output_xext_t:s0 
    8183 
    8284# Screensaver, power management extensions 
     
    147149event X11:ButtonRelease                 system_u:object_r:input_xevent_t:s0 
    148150event X11:MotionNotify                  system_u:object_r:input_xevent_t:s0 
     151event X11:SelectionNotify               system_u:object_r:input_xevent_t:s0 
    149152event XInputExtension:DeviceKeyPress    system_u:object_r:input_xevent_t:s0 
    150153event XInputExtension:DeviceKeyRelease  system_u:object_r:input_xevent_t:s0 
     
    181184event X11:GravityNotify                 system_u:object_r:manage_xevent_t:s0 
    182185event X11:CirculateNotify               system_u:object_r:manage_xevent_t:s0 
     186event X11:Expose                        system_u:object_r:manage_xevent_t:s0 
     187event X11:VisibilityNotify              system_u:object_r:manage_xevent_t:s0 
    183188 
    184189# Unknown events (that are not registered in the X server's name database) 

  • branches/xselinux/config/appconfig-standard/x_contexts

    r2517 r2636  
    3636property _SELINUX_CLIENT_CONTEXT        system_u:object_r:info_xproperty_t 
    3737property _NET_WORKAREA                  system_u:object_r:info_xproperty_t 
     38property _XKB_RULES_NAMES               system_u:object_r:info_xproperty_t 
    3839 
    3940# Clipboard and selection properties 
     
    7980# Screen management and multihead extensions 
    8081extension RANDR                         system_u:object_r:output_xext_t 
     82extension Composite                     system_u:object_r:output_xext_t 
    8183 
    8284# Screensaver, power management extensions 
     
    147149event X11:ButtonRelease                 system_u:object_r:input_xevent_t 
    148150event X11:MotionNotify                  system_u:object_r:input_xevent_t 
     151event X11:SelectionNotify               system_u:object_r:input_xevent_t 
    149152event XInputExtension:DeviceKeyPress    system_u:object_r:input_xevent_t 
    150153event XInputExtension:DeviceKeyRelease  system_u:object_r:input_xevent_t 
     
    181184event X11:GravityNotify                 system_u:object_r:manage_xevent_t 
    182185event X11:CirculateNotify               system_u:object_r:manage_xevent_t 
     186event X11:Expose                        system_u:object_r:manage_xevent_t 
     187event X11:VisibilityNotify              system_u:object_r:manage_xevent_t 
    183188 
    184189# Unknown events (that are not registered in the X server's name database) 

  • branches/xselinux/policy/modules/services/xserver.if

    r2635 r2636  
    469469 
    470470        # Device rules 
    471         allow $1_x_domain $1_xserver_t:x_device { read getattr setattr setfocus grab bell }; 
     471        allow $1_x_domain $1_xserver_t:x_device { read getattr use setattr setfocus grab bell }; 
    472472 
    473473        allow $1_xserver_t { input_xevent_t $1_input_xevent_type }:x_event send; 
    474474        allow $1_xserver_t { x_rootwindow_t $1_x_domain }:x_drawable send; 
     475 
     476        allow $2 $1_xevent_type:{ x_event x_synthetic_event } receive; 
    475477 
    476478        mls_xwin_read_to_clearance($1_xserver_t) 
     
    730732        allow $3 std_xext_t:x_extension { query use }; 
    731733        allow $3 shmem_xext_t:x_extension { query use }; 
    732         dontaudit $3 xextension_type:x_extension query
     734        dontaudit $3 xextension_type:x_extension { query use }
    733735 
    734736        # X Properties