summaryrefslogtreecommitdiff
blob: 8b0187c2d2c0e6faddf1384374ca98d79c69ffea (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
diff -Naur tomoyo-tools.orig/tomoyo_init_policy.c tomoyo-tools/tomoyo_init_policy.c
--- tomoyo-tools.orig/tomoyo_init_policy.c	2009-07-27 15:00:00.000000000 +0900
+++ tomoyo-tools/tomoyo_init_policy.c	2009-07-29 01:56:32.000000000 +0900
@@ -728,6 +728,15 @@
 		echo("file_pattern "
 		     "/tmp/crontab.\\?\\?\\?\\?\\?\\?/crontab");
 	}
+	const char *exe = which("crontab");
+	if (!exe)
+		return;
+	if (fgrep("crontab.XXXXXXXXXX", exe))
+		echo("file_pattern /tmp/crontab.XXXX\\?\\?\\?\\?\\?\\?");
+	if (fgrep("crontab.XXXXXX", exe))
+		echo("file_pattern /tmp/crontab.\\?\\?\\?\\?\\?\\?");
+	if (fgrep("fcr-XXXXXX", exe))
+		echo("file_pattern /tmp/fcr-\\?\\?\\?\\?\\?\\?");
 }
 
 static void make_globally_readable_files(void)
@@ -737,6 +746,8 @@
 		"/etc/ld.so.cache", "/proc/meminfo",
 		"/proc/sys/kernel/version", "/etc/localtime",
 		"/usr/lib/gconv/gconv-modules.cache",
+		"/usr/lib32/gconv/gconv-modules.cache",
+		"/usr/lib64/gconv/gconv-modules.cache",
 		"/usr/share/locale/locale.alias"
 	};
 	int i;
@@ -813,6 +824,7 @@
 		"/sbin/syslogd",
 		"/sbin/udevd",
 		"/usr/X11R6/bin/xfs",
+		"/usr/bin/dbus-daemon",
 		"/usr/bin/dbus-daemon-1",
 		"/usr/bin/jserver",
 		"/usr/bin/mDNSResponder",
@@ -906,6 +918,11 @@
 		echo("file_pattern /var/spool/squid/\\*/\\*/");
 		echo("file_pattern /var/spool/squid/\\*/\\*/\\*");
 	}
+	if (!lstat("/var/cache/squid", &buf) && S_ISDIR(buf.st_mode)) {
+		echo("file_pattern /var/cache/squid/\\*/");
+		echo("file_pattern /var/cache/squid/\\*/\\*/");
+		echo("file_pattern /var/cache/squid/\\*/\\*/\\*");
+	}
 }
 
 static void make_patterns_for_spamd(void)
@@ -1059,6 +1076,10 @@
 	}
 	if (fgrep("/tmp/whatis.XXXXXX", exe))
 		echo("file_pattern /tmp/whatis.\\?\\?\\?\\?\\?\\?");
+	if (fgrep("/tmp/whatis.tmp.dir.$$", exe)) {
+		echo("file_pattern /tmp/whatis.tmp.dir\\$/");
+		echo("file_pattern /tmp/whatis.tmp.dir\\$/w");
+	}
 }
 
 static void make_patterns_for_automount(void)
@@ -1238,6 +1259,10 @@
 	echo("file_pattern /etc/gshadow.\\$");
 	echo("file_pattern /etc/passwd.\\$");
 	echo("file_pattern /etc/shadow.\\$");
+	echo("file_pattern /etc/group.edit");
+	echo("file_pattern /etc/gshadow.edit");
+	echo("file_pattern /etc/passwd.edit");
+	echo("file_pattern /etc/shadow.edit");
 	echo("file_pattern /var/cache/logwatch/logwatch.\\*/");
 	echo("file_pattern /var/cache/logwatch/logwatch.\\*/\\*");
 	echo("file_pattern /var/tmp/sqlite_\\*");