Desktop apps interoperability
Ivan Gyurdiev
ivg2 at cornell.edu
Mon Mar 28 04:57:35 UTC 2005
Okay, mozilla's handling of saved files is a problem. Here's what it
does - files saved under ROLE_home_dir_t, or ROLE_home_t directories
turn to ROLE_mozilla_home_t via file_type_auto_trans.
Here's what gift does by default - it has a download folder where it
puts stuff. The downloaded files turn to ROLE_gift_home_t (context of
parent folder, which is ~/.giFT/completed or something).
Here's what mencoder does - it saves stuff as ROLE_mplayer_home_t
via file_type_auto_trans.
==============
This is bad for interoperability. Using the home_domain macro,
the user has access to the home_domain type of an application.
However one app has no access to the home_domain type of another app.
Basically I can never play (mplayer) a movie that I just downloaded,
whether or not it was via mozilla, or gift.
Alternatively, there could be a common data type - ROLE_home_t.
However none of those apps can save its data directly
under /home/username as ROLE_home_t, because all of them have a
home_domain, and that's where the file_type_auto_trans rule is used.
There can't be more than one file_type_auto_trans on the same folder
type (right?). Furthermore this seems to be explicitly avoided for
mozilla (it does not write to ROLE_home_t for security reasons -
overwriting .bashrc?).
============
Ok, here
Fundamentally, what I want to know is:
1) Do desktop apps need to be confined? Is it a good idea to confine
them?
2) If so, a shared data type is needed for interoperability.
Is ROLE_home_t acceptable for that purpose.
3)
0) No
1) Shared data type is needed for interoperability
2) Keeping both application settings, and user data in the same folder
is a problem
More information about the fedora-selinux-list
mailing list