Dne Čt 16. září 2010 21:22:07 jste napsal(a): > On 09/16/2010 12:16 PM, Nicky726 wrote: > > Hello, > > > > while working on confinement of selected KDE apps, I came to following > > issue: > > > > Directories ~/.config, ~/.local, ~/.local/share (and possibly others) are > > labeled as config_home_t, gconf_home_t and data_home_t all owned by gnome > > module. These directories are used by much more programs than just GNOME, > > ranging from KDE apps, pure Qt or GTK apps to for exaple ibus. User's > > trash is also put in one of those. > > Therefore I think, that the directories should be labeled with types that > > are owned by another application/DE unspecific module (Dominick Grift in > > conversation mentioned these are part of freedesktop specifications, so > > I guess it can be named eg. freedesktop). And their naming should also > > resign from application specific names, which is the case of > > gconf_home_t for ~/.local. > > > > Regards, > > Ondrej Vadinsky > > That is fine, and messages like this should go to the refpolicy mail > list. refpolicy@xxxxxxxxxxxxxx Those types seem to be part of Fedora SELinux policy, I could not find them in refpolicy, therefore I wrote to Fedora mailing list. > We have lots of types that have used specific applications and ended up > being used by other applications. We have not gone back and changed the > names, mainly because of the hassle. For example. > > /usr/bin/epiphany -- system_u:object_r:mozilla_exec_t:s0 Uh, ok, if you say so. Regards, Ondrej Vadinsky -- Don't it always seem to go That you don't know what you've got Till it's gone (Joni Mitchell) -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
