From: Dan Walsh <dwalsh@redhat.com>
Date: Fri, 2 Dec 2011 19:02:18 +0000 (-0500)
Subject: Allow confined users to use mozilla_plugin_rw_t
X-Git-Tag: 000~51
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a08163534c96663cd61f7f42f29869ae5562ee4e;p=people%2Fstevee%2Fselinux-policy.git

Allow confined users to use mozilla_plugin_rw_t
---

diff --git a/policy/modules/apps/mozilla.if b/policy/modules/apps/mozilla.if
index aa15d05d..e1879825 100644
--- a/policy/modules/apps/mozilla.if
+++ b/policy/modules/apps/mozilla.if
@@ -209,6 +209,7 @@ interface(`mozilla_domtrans_plugin',`
 	gen_require(`
 		type mozilla_plugin_t, mozilla_plugin_exec_t;
 		type mozilla_plugin_config_t, mozilla_plugin_config_exec_t;
+		type mozilla_plugin_rw_t;
 		class dbus send_msg;
 	')
 
@@ -224,6 +225,11 @@ interface(`mozilla_domtrans_plugin',`
 
 	ps_process_pattern($1, mozilla_plugin_t)
 	allow $1 mozilla_plugin_t:process signal_perms;
+
+	list_dirs_pattern($1, mozilla_plugin_rw_t, mozilla_plugin_rw_t)
+	read_files_pattern($1, mozilla_plugin_rw_t, mozilla_plugin_rw_t)
+	read_lnk_files_pattern($1, mozilla_plugin_rw_t, mozilla_plugin_rw_t)
+	can_exec($1, mozilla_plugin_rw_t)
 ')
 
 ########################################