Re: [PATCH] s/mozilla/webbrowser/g

From: Nicolas Iooss <nicolas.iooss@m4x.org>
To: Chris PeBenito <pebenito@ieee.org>
Cc: Jason Zaman <jason@perfinion.com>,
	Russell Coker <russell@coker.com.au>,
	"selinux-refpolicy@vger.kernel.org" 
	<selinux-refpolicy@vger.kernel.org>
Subject: Re: [PATCH] s/mozilla/webbrowser/g
Date: Sat, 12 Jan 2019 23:55:38 +0100	[thread overview]
Message-ID: <CAJfZ7=kKwyEYNP+iNVmV-ObgUgD4vK6SnWPb5e+YZ9ebB3EVgQ@mail.gmail.com> (raw)
In-Reply-To: <9e966272-1e72-c250-bfb6-0f3b8bd07931@ieee.org>

On Sat, Jan 12, 2019 at 9:05 PM Chris PeBenito <pebenito@ieee.org> wrote:
>
> On 1/12/19 2:33 AM, Jason Zaman wrote:
> > On Sat, Jan 12, 2019 at 04:19:09PM +1100, Russell Coker wrote:
> >> This patch as requested renames mozilla to webbrowser and adds appropriate
> >> typealias rules.
> >
> > Hm. the mozilla and chrome policies are pretty different tho. I dont
> > like this merging thing, I think we should keep mozilla_t and chromium_t
> > separate. I'm fixing up the gentoo chromium policy and i'll send it in a
> > couple hrs.
>
> The chromium policy Jason posted is indeed slimmer than the current
> mozilla policy (see Jason's thread), which would seem to indicate
> keeping them separate.  However, the mozilla policy is so big because
> it's been around for a long time and has built up all of the various
> odds and ends that a browser brings in, which could possibly be missing
> from the chromium policy.
>
> I am on the fence.  I could see going either way.

Even though Mozilla browsers and Chrome/Chromium are both web browsers
with Javascript engines, plugins, etc. they have strong differences.
If I remember correctly:
- Chromium uses a sandbox (which is labelled differently) contrary to Firefox ;
- Chromium can interact with Multicast DNS (it listens on UDP port
5353 on my system, I guess for feature likes Chromecast) and I do not
whether Firefox or Epiphany can do something similar, and I do not
expect them to.

Moreover some developers package apps with Electron, which uses a
runtime based on Chromium (according to
https://electronjs.org/docs/tutorial/about). Having a separate
chromium policy might help creating a policy for such an app, though I
am not sure about this.

About the fact that mozilla policy has been around for a long time
contrary to this new chromium policy, if it is an issue, it should be
possible to compare Gentoo's policy with Fedora's one: it has a chrome
module in contrib/ that has been around for a least 6 years according
to https://github.com/fedora-selinux/selinux-policy-contrib/commits/rawhide?path%5B%5D=chrome.te
.

All of this remain my humble opinion on this subject and I am sharing
it in order to help making a choice. I will of course understand if
the choice of merging everything into a single web-browser module is
being made (for example to ease the maintenance of the policy or to
avoid introducing many types in the policy).

Cheers,
Nicolas