-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/27/2012 05:23 PM, goeran@xxxxxxxxxxx wrote: > Daniel J Walsh: >> Can you get .personal-username into the .personal directory? > > Not in any obvious way. It's a closed source program (started from > firefox) which creates and removes it. Ok we would have to write custom policy for this then. We can write fairly tight policy for a fixed name being created within the homedir, In this case we have to allow mozilla-plugin to create any file in the homedir if it does not exist and label it mozilla_home_t. Which means a plugin could create .bashrc for example, if it did not exist. I am adding a boolean mozilla_plugin_enable_homedirs to control whether or not mozilla/firefox plugins can create random content file/directories in the users homedir. (Disabled by default). -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk+erY4ACgkQrlYvE4MpobMcZACfacOaCroUXtjo05fZpJZY8yLr J78AnAinaety84CbtePHOSGb7j5idkUd =ax0E -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
