Hello, while working on confinement of selected KDE apps, I came to following issue: Directories ~/.config, ~/.local, ~/.local/share (and possibly others) are labeled as config_home_t, gconf_home_t and data_home_t all owned by gnome module. These directories are used by much more programs than just GNOME, ranging from KDE apps, pure Qt or GTK apps to for exaple ibus. User's trash is also put in one of those. Therefore I think, that the directories should be labeled with types that are owned by another application/DE unspecific module (Dominick Grift in conversation mentioned these are part of freedesktop specifications, so I guess it can be named eg. freedesktop). And their naming should also resign from application specific names, which is the case of gconf_home_t for ~/.local. Regards, Ondrej Vadinsky -- Don't it always seem to go That you don't know what you've got Till it's gone (Joni Mitchell) -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
