Layer: apps

Module: mozilla

Tunables Interfaces Templates

Description:

Policy for Mozilla and related web browsers.

Tunables:

mozilla_execstack

Default value

false

Description

Determine whether mozilla can make its stack executable.

mozilla_manage_all_user_content

Default value

false

Description

Grant the mozilla domains manage rights on all user content

mozilla_manage_generic_user_content

Default value

false

Description

Grant the mozilla domains manage rights on generic user content

mozilla_read_all_user_content

Default value

false

Description

Grant the mozilla domains read access to all user content

mozilla_read_generic_user_content

Default value

true

Description

Grant the mozilla domains read access to generic user content

Return

Interfaces:

mozilla_dbus_chat(
	
		domain
		
	)

Summary

Send and receive messages from mozilla over dbus.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mozilla_dbus_chat_plugin(
	
		domain
		
	)

Summary

Send and receive messages from mozilla plugin over dbus.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mozilla_domtrans(
	
		domain
		
	)

Summary

Run mozilla in the mozilla domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

mozilla_domtrans_plugin(
	
		domain
		
	)

Summary

Execute a domain transition to run mozilla plugin.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

mozilla_domtrans_plugin_config(
	
		domain
		
	)

Summary

Execute a domain transition to run mozilla plugin config.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

mozilla_dontaudit_manage_user_home_files(
	
		domain
		
	)

Summary

Do not audit attempt to Create, read, write, and delete mozilla home directory content.

Parameters

Parameter:	Description:
domain	Domain to not audit.

mozilla_dontaudit_rw_user_home_files(
	
		domain
		
	)

Summary

Do not audit attempts to read and write mozilla home directory files.

Parameters

Parameter:	Description:
domain	Domain to not audit.

mozilla_exec_user_plugin_home_files(
	
		domain
		
	)

Summary

Execute mozilla plugin home directory files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mozilla_execmod_user_plugin_home_files(
	
		domain
		
	)

Summary

Mozilla plugin home directory file text relocation.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mozilla_home_filetrans_plugin_home(
	
		domain
		
			,
		
		object_class
		
			,
		
		name
		
	)

Summary

Create objects in user home directories with the generic mozilla plugin home type.

Parameters

Parameter:	Description:
domain	Domain allowed access.
object_class	Class of the object being created.
name	The name of the object being created.

mozilla_manage_generic_plugin_home_content(
	
		domain
		
	)

Summary

Create, read, write, and delete generic mozilla plugin home content.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mozilla_manage_plugin_rw_files(
	
		domain
		
	)

Summary

Create, read, write, and delete mozilla plugin rw files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mozilla_plugin_delete_tmpfs_files(
	
		domain
		
	)

Summary

Delete mozilla_plugin tmpfs files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mozilla_plugin_read_tmpfs_files(
	
		domain
		
	)

Summary

Read mozilla_plugin tmpfs files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mozilla_read_tmp_files(
	
		domain
		
	)

Summary

Read temporary mozilla files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mozilla_read_user_home_files(
	
		domain
		
	)

Summary

Read mozilla home directory content.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mozilla_role_plugin(
	
		role
		
			,
		
		domain
		
	)

Summary

Role access for mozilla plugin.

Parameters

Parameter:	Description:
role	Role allowed access.
domain	User domain for the role.

mozilla_run_plugin(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute mozilla plugin in the mozilla plugin domain, and allow the specified role the mozilla plugin domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.
role	Role allowed access.

mozilla_run_plugin_config(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute mozilla plugin config in the mozilla plugin config domain, and allow the specified role the mozilla plugin config domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.
role	Role allowed access.

mozilla_rw_tcp_sockets(
	
		domain
		
	)

Summary

Read and write mozilla TCP sockets.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mozilla_write_user_home_files(
	
		domain
		
	)

Summary

Write mozilla home directory files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

Return

Templates:

mozilla_role(
	
		role_prefix
		
			,
		
		user_domain
		
			,
		
		user_exec_domain
		
			,
		
		role
		
	)

Summary

Role access for mozilla.

Parameters

Parameter:	Description:
role_prefix	The prefix of the user role (e.g., user is the prefix for user_r).
user_domain	User domain for the role.
user_exec_domain	User exec domain for execute and transition access.
role	Role allowed access

Return