Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 311757 Details for
Bug 412637
SELinux policy for www-client/chromium
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
chromium-browser.te
chromium-browser.te (text/plain), 4.31 KB, created by
Paweł Hajdan, Jr. (RETIRED)
on 2012-05-14 14:52:30 UTC
(
hide
)
Description:
chromium-browser.te
Filename:
MIME Type:
Creator:
Paweł Hajdan, Jr. (RETIRED)
Created:
2012-05-14 14:52:30 UTC
Size:
4.31 KB
patch
obsolete
>policy_module(chromium-browser, 1.0.0) > >gen_require(` > role unconfined_r; > type unconfined_t; >') > >type chromium_t; >domain_dyntrans_type(chromium_t); > >type chromium_exec_t; >application_domain(chromium_t, chromium_exec_t); > >type chromium_renderer_t; >domain_base_type(chromium_renderer_t); > >type chromium_tmp_t; >userdom_user_tmp_file(chromium_tmp_t); > >type chromium_tmpfs_t; >userdom_user_tmpfs_file(chromium_tmp_t); > >domain_auto_trans(unconfined_t, chromium_exec_t, chromium_t); >role unconfined_r types { chromium_t chromium_renderer_t }; > >dyntrans_pattern(chromium_t, chromium_renderer_t); > >manage_files_pattern(chromium_t, chromium_tmp_t, chromium_tmp_t); >manage_dirs_pattern(chromium_t, chromium_tmp_t, chromium_tmp_t); >manage_lnk_files_pattern(chromium_t, chromium_tmp_t, chromium_tmp_t); >manage_sock_files_pattern(chromium_t, chromium_tmp_t, chromium_tmp_t); >files_tmp_filetrans(chromium_t, chromium_tmp_t, { file dir }); > >manage_files_pattern(chromium_t, chromium_tmpfs_t, chromium_tmpfs_t); >fs_tmpfs_filetrans(chromium_t, chromium_tmpfs_t, notdevfile_class_set); >fs_tmpfs_filetrans(chromium_renderer_t, chromium_tmpfs_t, notdevfile_class_set); > >xserver_user_x_domain_template(chromium, chromium_t, chromium_tmpfs_t); > >allow chromium_renderer_t self:process execmem; > >allow chromium_renderer_t self:fifo_file rw_fifo_file_perms; >allow chromium_renderer_t self:shm create_shm_perms; >allow chromium_renderer_t self:unix_dgram_socket { create read sendto }; >allow chromium_renderer_t self:unix_stream_socket { create getattr read write }; > >allow chromium_renderer_t chromium_t:fd use; >allow chromium_renderer_t chromium_t:unix_stream_socket rw_stream_socket_perms; >allow chromium_renderer_t chromium_tmpfs_t:file rw_file_perms; > >dontaudit chromium_renderer_t chromium_t:dir search; >dontaudit chromium_renderer_t self:process getsched; > >allow chromium_t self:fifo_file rw_fifo_file_perms;; >allow chromium_t self:process { getsched setsched signal }; > >allow chromium_t chromium_exec_t:file execute_no_trans; >allow chromium_t chromium_renderer_t:dir list_dir_perms; >allow chromium_t chromium_renderer_t:file read_file_perms; >allow chromium_t chromium_renderer_t:fd use; >allow chromium_t chromium_renderer_t:process signal_perms; >allow chromium_t chromium_renderer_t:shm rw_shm_perms; >allow chromium_t chromium_renderer_t:unix_dgram_socket { read write }; >allow chromium_t chromium_renderer_t:unix_stream_socket { read write }; > >dontaudit chromium_t self:process execmem; > >corecmd_exec_bin(chromium_t); >corecmd_exec_shell(chromium_t); >corenet_tcp_connect_all_unreserved_ports(chromium_t); >corenet_tcp_connect_ftp_port(chromium_t); >corenet_tcp_connect_http_port(chromium_t); >dev_read_sysfs(chromium_t); >dev_read_urand(chromium_t); >files_list_home(chromium_t); >files_read_etc_files(chromium_t); >files_read_etc_runtime_files(chromium_t); >files_read_usr_files(chromium_t); >fs_dontaudit_getattr_xattr_fs(chromium_t); >kernel_read_kernel_sysctls(chromium_t); >miscfiles_read_localization(chromium_t); >seutil_libselinux_linked(chromium_t); >sysnet_dns_name_resolve(chromium_t); >sysnet_read_config(chromium_t); >userdom_manage_user_home_content_dirs(chromium_t); >userdom_manage_user_home_content_files(chromium_t); >userdom_use_user_ptys(chromium_t); >xdg_manage_generic_cache_home_content(chromium_t); >xdg_manage_generic_config_home_content(chromium_t); >xdg_manage_generic_data_home_content(chromium_t); > >dev_read_urand(chromium_renderer_t); >files_list_tmp(chromium_renderer_t); > ># TODO: this should be dontaudit. >files_read_etc_files(chromium_renderer_t); > >files_dontaudit_read_all_symlinks(chromium_renderer_t); >files_dontaudit_search_var(chromium_renderer_t); >init_sigchld(chromium_renderer_t); >kernel_dontaudit_read_system_state(chromium_renderer_t); >kernel_dontaudit_search_sysctl(chromium_renderer_t); >miscfiles_read_localization(chromium_renderer_t); >miscfiles_read_fonts(chromium_renderer_t); >userdom_dontaudit_use_user_ptys(chromium_renderer_t); >xdg_read_generic_config_home_files(chromium_renderer_t); > >optional_policy(` > cups_read_config(chromium_t); > cups_stream_connect(chromium_t); >') > >optional_policy(` > dbus_system_bus_client(chromium_t); > > optional_policy(` > unconfined_dbus_chat(chromium_t); > ') >') > >optional_policy(` > unconfined_sigchld(chromium_t); > unconfined_stream_connect(chromium_t); > unconfined_use_fds(chromium_t); > > # TODO: this should be dontaudit. > unconfined_use_fds(chromium_renderer_t); >')
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=311757">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 412637
:
309509
|
309511
|
311157
|
311175
| 311757 |
311759
