]> git.ipfire.org Git - people/stevee/selinux-policy.git/commitdiff
projects / people / stevee / selinux-policy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ea889ac)
Revert: ea889ac720a4fddde6d8376cb5dc9336d14e867e
authorDominick Grift <domg472@gmail.com>
Wed, 6 Jul 2011 22:15:53 +0000 (00:15 +0200)
committerDominick Grift <domg472@gmail.com>
Wed, 6 Jul 2011 22:15:53 +0000 (00:15 +0200)
mozilla_plugin_tmp_t is userdom_user_tmp_content() and so callers have
full access to it.

policy/modules/apps/mozilla.if patch | blob | blame | history

diff --git a/policy/modules/apps/mozilla.if b/policy/modules/apps/mozilla.if
index d0fcc879c10edbd3a7011cd093a541dac616a984..8f91e5586fc3bfbf3df830c33d7a2410fb872b0f 100644 (file)
--- a/policy/modules/apps/mozilla.if
+++ b/policy/modules/apps/mozilla.if
@@ -233,14 +233,13 @@ interface(`mozilla_domtrans_plugin',`
 #
 interface(`mozilla_run_plugin',`
        gen_require(`
-               type mozilla_plugin_t, mozilla_plugin_tmp_t;
+               type mozilla_plugin_t;
        ')
 
        mozilla_domtrans_plugin($1)
        role $2 types mozilla_plugin_t;
 
        allow $1 mozilla_plugin_t:unix_stream_socket { connectto rw_socket_perms };
-       allow $1 mozilla_plugin_tmp_t:sock_file write_sock_file_perms;
        allow $1 mozilla_plugin_t:fd use;
 
        allow mozilla_plugin_t $1:unix_stream_socket rw_socket_perms;
The IPFire selinux policy.