1 files changed, 52 insertions, 0 deletions

diff --git a/policy/modules/apps/xscreensaver.te b/policy/modules/apps/xscreensaver.te
new file mode 100644
index 00000000..f4f8b005
--- /dev/null
+++ b/policy/modules/apps/xscreensaver.te
@@ -0,0 +1,52 @@
+policy_module(xscreensaver, 1.0.0)
+
+########################################
+#
+# Declarations
+#
+
+type xscreensaver_t;
+type xscreensaver_exec_t;
+application_domain(xscreensaver_t, xscreensaver_exec_t)
+
+type xscreensaver_tmpfs_t;
+files_tmpfs_file(xscreensaver_tmpfs_t)
+ubac_constrained(xscreensaver_tmpfs_t)
+
+########################################
+#
+# Local policy
+#
+auth_use_nsswitch(xscreensaver_t)
+
+logging_send_audit_msgs(xscreensaver_t)
+logging_send_syslog_msg(xscreensaver_t)
+miscfiles_read_localization(xscreensaver_t)
+
+allow xscreensaver_t self:fifo_file rw_fifo_file_perms;
+allow xscreensaver_t self:process signal;
+
+#access to .icons and ~/.xscreensaver
+userdom_read_user_home_content_files(xscreensaver_t)
+
+userdom_use_user_ptys(xscreensaver_t)
+
+files_read_usr_files(xscreensaver_t)
+
+auth_domtrans_chk_passwd(xscreensaver_t)
+
+#/var/run/utmp
+init_read_utmp(xscreensaver_t)
+
+########################################
+#
+# X Serveur and co
+#
+xserver_user_x_domain_template(xscreensaver, xscreensaver_t, xscreensaver_tmpfs_t)
+
+########################################
+#
+# process, kernel and /proc /dev /sys
+#
+
+kernel_read_system_state(xscreensaver_t)