Execute courier helper script after authentication

After succesful authentication, the IMAP daemon will attempt to execute a helper script called /usr/lib64/courier-imap/courier-imapd.indirect. This helper script is to initiate the user session. Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
author: Sven Vermeulen <sven.vermeulen@siphos.be> 2014-12-31 17:09:57 +0100
committer: Sven Vermeulen <sven.vermeulen@siphos.be> 2015-01-02 18:18:12 +0100
commit: 19677a6d7b12b0568254bbfa6451ea50e58efce6 (patch)
tree: 9674835d9d0a00a0cc51fe19bc14edcf786ac598
parent: Grant setuid/setgid to courier_pop_t (diff)
download: hardened-refpolicy-19677a6d7b12b0568254bbfa6451ea50e58efce6.tar.gz
hardened-refpolicy-19677a6d7b12b0568254bbfa6451ea50e58efce6.tar.bz2
hardened-refpolicy-19677a6d7b12b0568254bbfa6451ea50e58efce6.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/policy/modules/contrib/courier.te b/policy/modules/contrib/courier.te
index 29057a72b..e3a3b84a7 100644
--- a/policy/modules/contrib/courier.te
+++ b/policy/modules/contrib/courier.te
@@ -144,6 +144,8 @@ stream_connect_pattern(courier_pop_t, courier_var_lib_t, courier_var_lib_t, cour
 
 domtrans_pattern(courier_pop_t, courier_authdaemon_exec_t, courier_authdaemon_t)
 
+corecmd_exec_shell(courier_pop_t)
+
 miscfiles_read_localization(courier_pop_t)
 
 userdom_manage_user_home_content_files(courier_pop_t)
author	Sven Vermeulen <sven.vermeulen@siphos.be>	2014-12-31 17:09:57 +0100
committer	Sven Vermeulen <sven.vermeulen@siphos.be>	2015-01-02 18:18:12 +0100
commit	19677a6d7b12b0568254bbfa6451ea50e58efce6 (patch)
tree	9674835d9d0a00a0cc51fe19bc14edcf786ac598
parent	Grant setuid/setgid to courier_pop_t (diff)
download	hardened-refpolicy-19677a6d7b12b0568254bbfa6451ea50e58efce6.tar.gz hardened-refpolicy-19677a6d7b12b0568254bbfa6451ea50e58efce6.tar.bz2 hardened-refpolicy-19677a6d7b12b0568254bbfa6451ea50e58efce6.zip