From a08163534c96663cd61f7f42f29869ae5562ee4e Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Fri, 2 Dec 2011 14:02:18 -0500
Subject: [PATCH] Allow confined users to use mozilla_plugin_rw_t

---
 policy/modules/apps/mozilla.if | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/policy/modules/apps/mozilla.if b/policy/modules/apps/mozilla.if
index aa15d05d..e1879825 100644
--- a/policy/modules/apps/mozilla.if
+++ b/policy/modules/apps/mozilla.if
@@ -209,6 +209,7 @@ interface(`mozilla_domtrans_plugin',`
 	gen_require(`
 		type mozilla_plugin_t, mozilla_plugin_exec_t;
 		type mozilla_plugin_config_t, mozilla_plugin_config_exec_t;
+		type mozilla_plugin_rw_t;
 		class dbus send_msg;
 	')
 
@@ -224,6 +225,11 @@ interface(`mozilla_domtrans_plugin',`
 
 	ps_process_pattern($1, mozilla_plugin_t)
 	allow $1 mozilla_plugin_t:process signal_perms;
+
+	list_dirs_pattern($1, mozilla_plugin_rw_t, mozilla_plugin_rw_t)
+	read_files_pattern($1, mozilla_plugin_rw_t, mozilla_plugin_rw_t)
+	read_lnk_files_pattern($1, mozilla_plugin_rw_t, mozilla_plugin_rw_t)
+	can_exec($1, mozilla_plugin_rw_t)
 ')
 
 ########################################
-- 
2.47.3