From c570fd193438556f424726812e0bcd6d75f80a2c Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@redhat.com>
Date: Mon, 5 Dec 2011 13:06:06 +0100
Subject: [PATCH] Allow mozilla_plugin_t to manage mozilla_home_t, needed by
 Flash

---
 policy/modules/apps/mozilla.te | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/policy/modules/apps/mozilla.te b/policy/modules/apps/mozilla.te
index a5a3dd98..fc7a18ed 100644
--- a/policy/modules/apps/mozilla.te
+++ b/policy/modules/apps/mozilla.te
@@ -316,7 +316,9 @@ allow mozilla_plugin_t self:unix_dgram_socket sendto;
 allow mozilla_plugin_t self:unix_stream_socket { connectto create_stream_socket_perms };
 
 can_exec(mozilla_plugin_t, mozilla_home_t)
-read_files_pattern(mozilla_plugin_t, mozilla_home_t, mozilla_home_t)
+manage_dirs_pattern(mozilla_plugin_config_t, mozilla_home_t, mozilla_home_t)
+manage_files_pattern(mozilla_plugin_config_t, mozilla_home_t, mozilla_home_t)
+manage_lnk_files_pattern(mozilla_plugin_config_t, mozilla_home_t, mozilla_home_t)
 
 manage_dirs_pattern(mozilla_plugin_t, mozilla_plugin_tmp_t, mozilla_plugin_tmp_t)
 manage_files_pattern(mozilla_plugin_t, mozilla_plugin_tmp_t, mozilla_plugin_tmp_t)
@@ -497,8 +499,6 @@ allow mozilla_plugin_config_t self:process { setsched signal_perms getsched exec
 allow mozilla_plugin_config_t self:fifo_file rw_file_perms;
 allow mozilla_plugin_config_t self:unix_stream_socket create_stream_socket_perms;
 
-manage_files_pattern(mozilla_plugin_config_t, mozilla_home_t, mozilla_home_t)
-
 dev_search_sysfs(mozilla_plugin_config_t)
 dev_read_urand(mozilla_plugin_config_t)
 dev_dontaudit_read_rand(mozilla_plugin_config_t)
-- 
2.47.3