#
# Macros for mozilla/mozilla (or other browser) domains.
#

#
# Authors:  Stephen Smalley and Timothy Fraser
#

#
# mozilla_domain(domain_prefix)
#
# Define a derived domain for the mozilla/mozilla program when executed by
# a user domain.
#
# The type declaration for the executable type for this program is
# provided separately in domains/program/mozilla.te.
#
# Parameter:
#   $1 (domain_prefix) - prefix of the calling user domain. The rules below
#   refer to the caller as $1_t and to the derived browser types as
#   $1_mozilla_t, $1_mozilla_tmp_t and $1_mozilla_home_t.
#
# Policy booleans tested in the body: mozilla_readhome, mozilla_writehome,
# allow_execmem, allow_execmod.
# Optional sections are guarded by ifdef on lpr.te, cups.te, java.te and
# mplayer.te.
#
# Maintenance note: the macro body is a single m4 quoted string, so comments
# placed inside it must not contain m4 quote characters.
#
define(`mozilla_domain',`
x_client_domain($1, mozilla, `, web_client_domain, privlog, transitionbool')

# Configuration
# presumably home_domain sets up $1_mozilla_home_t - confirm against the macro
home_domain($1, mozilla)

# Allow mozilla to browse files
file_browse_domain($1_mozilla_t)

allow $1_mozilla_t sound_device_t:chr_file rw_file_perms;

# Unrestricted inheritance from the caller.
# NOTE(review): noatsecure means the AT_SECURE flag is not set across the
# transition from $1_t, so the loader does not scrub the caller environment;
# siginh and rlimitinh keep the caller signal state and resource limits.
# The browser domain therefore trusts whatever $1_t hands it at exec time.
allow $1_t $1_mozilla_t:process { noatsecure siginh rlimitinh };
allow $1_mozilla_t $1_t:process signull;

# Set resource limits and scheduling info.
allow $1_mozilla_t self:process { setrlimit setsched };

# Read-only access to system files and the random devices.
allow $1_mozilla_t usr_t:{ lnk_file file } { getattr read };
allow $1_mozilla_t var_lib_t:file { getattr read };
allow $1_mozilla_t { random_device_t urandom_device_t }:chr_file { getattr ioctl read };
allow $1_mozilla_t self:socket create_socket_perms;
allow $1_mozilla_t self:file { getattr read };

# for bash
allow $1_mozilla_t device_t:dir r_dir_perms;
allow $1_mozilla_t devpts_t:dir r_dir_perms;
allow $1_mozilla_t proc_t:file { getattr read };
r_dir_file($1_mozilla_t, proc_net_t)

allow $1_mozilla_t { var_t var_lib_t }:dir search;

# interacting with gstreamer
r_dir_file($1_mozilla_t, var_t)

# Write files to tmp
tmp_domain($1_mozilla)

# Execute downloaded programs.
# NOTE(review): together with the tmp_domain line above (presumably granting
# write access to $1_mozilla_tmp_t - confirm), this gives the browser domain
# a write-then-execute path for content it fetched itself, and that content
# presumably runs without leaving $1_mozilla_t. Confirm this is still
# required; if not, dropping can_exec narrows what a compromised browser
# process can run.
can_exec($1_mozilla_t, $1_mozilla_tmp_t)

# Use printer
ifdef(`lpr.te', `
domain_auto_trans($1_mozilla_t, lpr_exec_t, $1_lpr_t)

# Print document
allow $1_lpr_t $1_mozilla_tmp_t:file rw_file_perms;

# Suppress history.fop denial
dontaudit $1_lpr_t $1_mozilla_home_t:file { read write };

# The lpr domain inherits open browser sockets; the access stays denied and
# the denial is not logged.
dontaudit $1_lpr_t $1_mozilla_t:tcp_socket { read write };
dontaudit $1_lpr_t $1_mozilla_t:unix_stream_socket { read write };
')

# ORBit sockets
# Objects the browser creates under $1_tmp_t are labeled $1_mozilla_tmp_t,
# and the user domain may connect to the browser over unix sockets.
file_type_auto_trans($1_mozilla_t, $1_tmp_t, $1_mozilla_tmp_t)
can_unix_connect($1_t, $1_mozilla_t)
allow $1_t $1_mozilla_tmp_t:sock_file write;
allow $1_mozilla_t $1_tmp_t:file { read write lock };
allow $1_mozilla_t $1_tmp_t:sock_file { read write };
dontaudit $1_mozilla_t $1_tmp_t:dir setattr;

# Allow mozilla to read user home content
# Read access to $1_home_t is granted when either boolean is on. With both
# off, only the setattr denials are silenced; no read access is granted here.
if (mozilla_readhome || mozilla_writehome) {
r_dir_file($1_mozilla_t, $1_home_t)
} else {
dontaudit $1_mozilla_t $1_home_t:dir setattr;
dontaudit $1_mozilla_t $1_home_t:file setattr;
}

# NOTE(review): with mozilla_writehome on, the browser domain can modify any
# file or symlink labeled $1_home_t, which presumably includes shell startup
# files and other user configuration - keep the boolean off unless needed.
if (mozilla_writehome) {
file_type_auto_trans($1_mozilla_t, $1_home_t, $1_mozilla_home_t)
allow $1_mozilla_t $1_home_t:dir setattr;
allow $1_mozilla_t $1_home_t:{ file lnk_file } rw_file_perms;
} dnl end if writehome

allow $1_mozilla_t $1_t:unix_stream_socket connectto;
allow $1_mozilla_t sysctl_net_t:dir search;
allow $1_mozilla_t sysctl_t:dir search;
ifdef(`cups.te', `
allow $1_mozilla_t cupsd_etc_t:dir search;
allow $1_mozilla_t cupsd_rw_etc_t:file { getattr read };
')
# The browser may read and write TCP sockets owned by the user domain.
allow $1_mozilla_t $1_t:tcp_socket { read write };
allow $1_mozilla_t mozilla_conf_t:file r_file_perms;
# NOTE(review): the dontaudit rules below keep the access denied but also
# keep the denial out of the audit log, so monitoring built on AVC denials
# will not see port binds, DRI device access or home file unlinks attempted
# from this domain.
dontaudit $1_mozilla_t port_type:tcp_socket name_bind;
dontaudit $1_mozilla_t dri_device_t:chr_file rw_file_perms;
# Mozilla tries to delete .fonts.cache-1
dontaudit $1_mozilla_t $1_home_t:file unlink;
allow $1_mozilla_t self:sem create_sem_perms;

# Java plugin
ifdef(`java.te', `
javaplugin_domain($1_mozilla, $1)
')

# Mplayer plugin
ifdef(`mplayer.te', `
domain_auto_trans($1_mozilla_t, mplayer_exec_t, $1_mplayer_t)

# Read mozilla content in /tmp
# NOTE(review): the trailing semicolon after this macro call is passed
# through to the generated policy - confirm the policy compiler accepts it.
r_dir_file($1_mplayer_t, $1_mozilla_tmp_t);

# FIXME: why does it need this?
dontaudit $1_mplayer_t $1_mozilla_home_t:file write;

allow $1_mplayer_t $1_mozilla_t:unix_stream_socket { read write };
')dnl end if mplayer.te

# Executable anonymous memory and text relocation are granted only when the
# corresponding global booleans are on.
# NOTE(review): execmem lets the process make writable memory executable,
# which weakens protection against injected code in a domain that parses
# untrusted network content - leave both booleans off where plugins allow.
if (allow_execmem) {
allow $1_mozilla_t self:process { execmem };
}
if (allow_execmod) {
allow $1_mozilla_t texrel_shlib_t:file execmod;
}

# Client access to the system message bus.
dbusd_client(system, $1_mozilla)

')dnl end mozilla macro