diff options
author | Sven Vermeulen <sven.vermeulen@siphos.be> | 2014-12-31 17:09:57 +0100 |
---|---|---|
committer | Sven Vermeulen <sven.vermeulen@siphos.be> | 2015-01-02 18:18:12 +0100 |
commit | 19677a6d7b12b0568254bbfa6451ea50e58efce6 (patch) | |
tree | 9674835d9d0a00a0cc51fe19bc14edcf786ac598 | |
parent | Grant setuid/setgid to courier_pop_t (diff) | |
download | hardened-refpolicy-19677a6d7b12b0568254bbfa6451ea50e58efce6.tar.gz hardened-refpolicy-19677a6d7b12b0568254bbfa6451ea50e58efce6.tar.bz2 hardened-refpolicy-19677a6d7b12b0568254bbfa6451ea50e58efce6.zip |
Execute courier helper script after authentication
After succesful authentication, the IMAP daemon will attempt to execute
a helper script called /usr/lib64/courier-imap/courier-imapd.indirect.
This helper script is to initiate the user session.
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
-rw-r--r-- | policy/modules/contrib/courier.te | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/policy/modules/contrib/courier.te b/policy/modules/contrib/courier.te index 29057a72b..e3a3b84a7 100644 --- a/policy/modules/contrib/courier.te +++ b/policy/modules/contrib/courier.te @@ -144,6 +144,8 @@ stream_connect_pattern(courier_pop_t, courier_var_lib_t, courier_var_lib_t, cour domtrans_pattern(courier_pop_t, courier_authdaemon_exec_t, courier_authdaemon_t) +corecmd_exec_shell(courier_pop_t) + miscfiles_read_localization(courier_pop_t) userdom_manage_user_home_content_files(courier_pop_t) |