#

# Macros for mozilla/mozilla (or other browser) domains.

#

#

# Authors:  Stephen Smalley <sds@epoch.ncsc.mil> and Timothy Fraser 

#

#

# mozilla_domain(domain_prefix)

#

# Define a derived domain for the mozilla/mozilla program when executed by

# a user domain.  

#

# The type declaration for the executable type for this program is

# provided separately in domains/program/mozilla.te. 

#

define(`mozilla_domain',`

x_client_domain($1, mozilla, `, web_client_domain, privlog, transitionbool')

# Configuration

home_domain($1, mozilla)

# Allow mozilla to browse files

file_browse_domain($1_mozilla_t)

allow $1_mozilla_t sound_device_t:chr_file rw_file_perms;

# Unrestricted inheritance from the caller.

allow $1_t $1_mozilla_t:process { noatsecure siginh rlimitinh };

allow $1_mozilla_t $1_t:process signull;

# Set resource limits and scheduling info.

allow $1_mozilla_t self:process { setrlimit setsched };

allow $1_mozilla_t usr_t:{ lnk_file file } { getattr read };

allow $1_mozilla_t var_lib_t:file { getattr read };

allow $1_mozilla_t { random_device_t urandom_device_t }:chr_file { getattr ioctl read };

allow $1_mozilla_t self:socket create_socket_perms;

allow $1_mozilla_t self:file { getattr read };

# for bash

allow $1_mozilla_t device_t:dir r_dir_perms;

allow $1_mozilla_t devpts_t:dir r_dir_perms;

allow $1_mozilla_t proc_t:file { getattr read };

r_dir_file($1_mozilla_t, proc_net_t)

allow $1_mozilla_t { var_t var_lib_t }:dir search;

# interacting with gstreamer

r_dir_file($1_mozilla_t, var_t)

# Write files to tmp

tmp_domain($1_mozilla)

# Execute downloaded programs.

can_exec($1_mozilla_t, $1_mozilla_tmp_t)

# Use printer

ifdef(`lpr.te', `

domain_auto_trans($1_mozilla_t, lpr_exec_t, $1_lpr_t)

# Print document

allow $1_lpr_t $1_mozilla_tmp_t:file rw_file_perms;

# Suppress history.fop denial

dontaudit $1_lpr_t $1_mozilla_home_t:file { read write };

dontaudit $1_lpr_t $1_mozilla_t:tcp_socket { read write };

dontaudit $1_lpr_t $1_mozilla_t:unix_stream_socket { read write };

')

# ORBit sockets

file_type_auto_trans($1_mozilla_t, $1_tmp_t, $1_mozilla_tmp_t)

can_unix_connect($1_t, $1_mozilla_t)

allow $1_t $1_mozilla_tmp_t:sock_file write;

allow $1_mozilla_t $1_tmp_t:file { read write lock };

allow $1_mozilla_t $1_tmp_t:sock_file { read write };

dontaudit $1_mozilla_t $1_tmp_t:dir setattr;

# Allow mozilla to read user home content

if (mozilla_readhome || mozilla_writehome) {

r_dir_file($1_mozilla_t, $1_home_t)

} else {

dontaudit $1_mozilla_t $1_home_t:dir setattr;

dontaudit $1_mozilla_t $1_home_t:file setattr;

}

if (mozilla_writehome) {

file_type_auto_trans($1_mozilla_t, $1_home_t, $1_mozilla_home_t)

allow $1_mozilla_t $1_home_t:dir setattr;

allow $1_mozilla_t $1_home_t:{ file lnk_file } rw_file_perms;

} dnl end if writehome

allow $1_mozilla_t $1_t:unix_stream_socket connectto;

allow $1_mozilla_t sysctl_net_t:dir search;

allow $1_mozilla_t sysctl_t:dir search;

ifdef(`cups.te', `

allow $1_mozilla_t cupsd_etc_t:dir search;

allow $1_mozilla_t cupsd_rw_etc_t:file { getattr read };

')

allow $1_mozilla_t $1_t:tcp_socket { read write };

allow $1_mozilla_t mozilla_conf_t:file r_file_perms;

dontaudit $1_mozilla_t port_type:tcp_socket name_bind;

dontaudit $1_mozilla_t dri_device_t:chr_file rw_file_perms;

# Mozilla tries to delete .fonts.cache-1

dontaudit $1_mozilla_t $1_home_t:file unlink;

allow $1_mozilla_t self:sem create_sem_perms;

# Java plugin

ifdef(`java.te', `

javaplugin_domain($1_mozilla, $1)

')

# Mplayer plugin

ifdef(`mplayer.te', `

domain_auto_trans($1_mozilla_t, mplayer_exec_t, $1_mplayer_t)

# Read mozilla content in /tmp

r_dir_file($1_mplayer_t, $1_mozilla_tmp_t);

# FIXME: why does it need this?

dontaudit $1_mplayer_t $1_mozilla_home_t:file write;

allow $1_mplayer_t $1_mozilla_t:unix_stream_socket { read write };

')dnl end if mplayer.te  

if (allow_execmem) {

allow $1_mozilla_t self:process { execmem };

}

if (allow_execmod) {

allow $1_mozilla_t texrel_shlib_t:file execmod;

}

dbusd_client(system, $1_mozilla)

')dnl end mozilla macro