#DESC privoxy - privacy enhancing proxy
#
# Authors: Dan Walsh <dwalsh@redhat.com>
#
#

#################################
#
# Rules for the privoxy_t domain.
#
daemon_domain(privoxy)

logdir_domain(privoxy)

# Use capabilities.
allow privoxy_t self:capability net_bind_service;

# Use the network.
can_network(privoxy_t)
allow privoxy_t port_t:{ tcp_socket udp_socket } name_bind;
allow privoxy_t etc_t:file { getattr read };
allow privoxy_t self:capability { setgid setuid };
allow privoxy_t self:unix_stream_socket create_socket_perms ;
allow privoxy_t admin_tty_type:chr_file { read write };