From mboxrd@z Thu Jan  1 00:00:00 1970
From: guido@trentalancia.com (Guido Trentalancia)
Date: Wed, 05 Sep 2012 01:45:01 +0200
Subject: [refpolicy] [PATCH 2/3] user access to DOS files
In-Reply-To: <1346793669-26282-2-git-send-email-bigon@debian.org>
References: <1346793669-26282-1-git-send-email-bigon@debian.org>
	<1346793669-26282-2-git-send-email-bigon@debian.org>
Message-ID: <5046927D.8010809@trentalancia.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 04/09/2012 23:21, Laurent Bigonville wrote:
> From: Mika Pfl?ger <debian@mikapflueger.de>
>
> Add a new boolean to grant users access to dosfs_t.
> ---
>   policy/global_tunables              |    7 +++++++
>   policy/modules/system/userdomain.if |    6 ++++++
>   2 files changed, 13 insertions(+)
>
> diff --git a/policy/global_tunables b/policy/global_tunables
> index 4705ab6..43cc19a 100644
> --- a/policy/global_tunables
> +++ b/policy/global_tunables
> @@ -111,3 +111,10 @@ gen_tunable(use_samba_home_dirs,false)
>   ## </p>
>   ## </desc>
>   gen_tunable(user_tcp_server,false)
> +
> +## <desc>
> +## <p>
> +## Allow users to manage files on dosfs_t devices, usually removable media
> +## </p>
> +## </desc>
> +gen_tunable(user_manage_dos_files,true)

In my opinion is good to have this as on option, but in a secure 
environment the default should be false for removable media.

> diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
> index e720dcd..0c96b65 100644
> --- a/policy/modules/system/userdomain.if
> +++ b/policy/modules/system/userdomain.if
> @@ -117,6 +117,12 @@ template(`userdom_base_user_template',`
>   		# Allow making the stack executable via mprotect.
>   		allow $1_t self:process execstack;
>   	')
> +
> +	tunable_policy(`user_manage_dos_files',`
> +		fs_manage_dos_dirs($1_t)
> +		fs_manage_dos_files($1_t)
> +	')
> +
>   ')
>
>   #######################################
>

Regards,

Guido