commit: c5fa34fb27569f5e6710a0b323221219e03b025c
Author: Guido Trentalancia <guido <AT> trentalancia <DOT> com>
AuthorDate: Fri Aug 25 16:51:24 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Sep 8 22:48:51 2017 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c5fa34fb
libmtp: read symlinks in user home directories
Let libmtp read symbolic links in the user home
directories, if the "libmtp_enable_home_dirs"
boolean is enabled.
Signed-off-by: Guido Trentalancia <guido <AT> trentalancia.com>
policy/modules/contrib/libmtp.te | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/policy/modules/contrib/libmtp.te b/policy/modules/contrib/libmtp.te
index 64c851e3..bacfb1b7 100644
--- a/policy/modules/contrib/libmtp.te
+++ b/policy/modules/contrib/libmtp.te
@@ -7,8 +7,8 @@ policy_module(libmtp, 1.0.0)
## <desc>
## <p>
-## Determine whether libmtp can
-## manage the user home directories
+## Determine whether libmtp can read
+## and manage the user home directories
## and files.
## </p>
## </desc>
@@ -55,5 +55,6 @@ optional_policy(`
tunable_policy(`libmtp_enable_home_dirs',`
userdom_manage_user_home_content_files(libmtp_t)
+ userdom_read_user_home_content_symlinks(libmtp_t)
userdom_user_home_dir_filetrans_user_home_content(libmtp_t, file )
')
