mozilla patch from dan.

2009-07-27 09:11:12 -04:00 · 2009-07-27 09:11:12 -04:00 · 06625d302c
commit 06625d302c
parent f4962ab15b
4 changed files with 8 additions and 9 deletions
--- a/policy/modules/apps/mozilla.fc
+++ b/policy/modules/apps/mozilla.fc
@ -14,11 +14,6 @@ HOME_DIR/\.phoenix(/.*)?		gen_context(system_u:object_r:mozilla_home_t,s0)
 /usr/bin/mozilla-[0-9].*	--	gen_context(system_u:object_r:mozilla_exec_t,s0)
 /usr/bin/mozilla-bin-[0-9].*	--	gen_context(system_u:object_r:mozilla_exec_t,s0)
 #
 # /etc
 #
 /etc/mozpluggerrc 		--	gen_context(system_u:object_r:mozilla_conf_t,s0)
 #
 # /lib
 #
@ -29,3 +24,5 @@ HOME_DIR/\.phoenix(/.*)?		gen_context(system_u:object_r:mozilla_home_t,s0)
 /usr/lib(64)?/mozilla[^/]*/mozilla-.* -- gen_context(system_u:object_r:mozilla_exec_t,s0)
 /usr/lib(64)?/firefox[^/]*/mozilla-.* -- gen_context(system_u:object_r:mozilla_exec_t,s0)
 /usr/lib(64)?/[^/]*firefox[^/]*/firefox-bin -- gen_context(system_u:object_r:mozilla_exec_t,s0)
 /usr/lib/[^/]*firefox[^/]*/firefox --	gen_context(system_u:object_r:mozilla_exec_t,s0)
 /usr/lib64/[^/]*firefox[^/]*/firefox -- gen_context(system_u:object_r:mozilla_exec_t,s0)
--- a/policy/modules/apps/mozilla.if
+++ b/policy/modules/apps/mozilla.if
@ -82,8 +82,7 @@ interface(`mozilla_write_user_home_files',`
 		type mozilla_home_t;
 	')
-	allow $1 mozilla_home_t:dir list_dir_perms;
+	write_files_pattern($1, mozilla_home_t, mozilla_home_t)
 	allow $1 mozilla_home_t:file write;
 	userdom_search_user_home_dirs($1)
 ')
--- a/policy/modules/apps/mozilla.te
+++ b/policy/modules/apps/mozilla.te
@ -1,5 +1,5 @@
-policy_module(mozilla, 2.0.2)
+policy_module(mozilla, 2.0.3)
 ########################################
 #
@ -105,6 +105,7 @@ corenet_sendrecv_generic_client_packets(mozilla_t)
 # Should not need other ports
 corenet_dontaudit_tcp_sendrecv_generic_port(mozilla_t)
 corenet_dontaudit_tcp_bind_generic_port(mozilla_t)
 corenet_tcp_connect_speech_port(mozilla_t)
 dev_read_urand(mozilla_t)
 dev_read_rand(mozilla_t)
@ -234,6 +235,7 @@ optional_policy(`
 optional_policy(`
 	gnome_stream_connect_gconf(mozilla_t)
 	gnome_manage_config(mozilla_t)
 ')
 optional_policy(`
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@ -1,5 +1,5 @@
-policy_module(corenetwork, 1.11.12)
+policy_module(corenetwork, 1.11.13)
 ########################################
 #
@ -175,6 +175,7 @@ network_port(snmp, udp,161,s0, udp,162,s0, tcp,199,s0)
 type socks_port_t, port_type; dnl network_port(socks) # no defined portcon
 network_port(soundd, tcp,8000,s0, tcp,9433,s0, tcp, 16001, s0)
 network_port(spamd, tcp,783,s0)
 network_port(speech, tcp,8036,s0)
 network_port(squid, udp,3401,s0, tcp,3401,s0, udp,4827,s0, tcp,4827,s0) # snmp and htcp
 network_port(ssh, tcp,22,s0)
 type stunnel_port_t, port_type; dnl network_port(stunnel) # no defined portcon in current strict