From 8e977d59f2776d2b3ee3530731eee64f4f3630ca Mon Sep 17 00:00:00 2001
From: Guido Trentalancia <guido@trentalancia.net>
Date: Thu, 1 Dec 2016 16:00:38 +0100
Subject: [PATCH] xserver: remove unneeded user content permissions

Remove unneeded permissions to read user content from the
xserver module.

Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
---
 policy/modules/services/xserver.te | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
index ed0fb8f83..079438627 100644
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@@ -843,12 +843,6 @@ corenet_tcp_bind_vnc_port(xserver_t)
 
 init_use_fds(xserver_t)
 
-# FIXME: After per user fonts are properly working
-# xserver_t may no longer have any reason
-# to read ROLE_home_t - examine this in more detail
-# (xauth?)
-userdom_read_user_home_content_files(xserver_t)
-
 tunable_policy(`use_nfs_home_dirs',`
 	fs_manage_nfs_dirs(xserver_t)
 	fs_manage_nfs_files(xserver_t)