--- nsaserefpolicy/policy/modules/services/w3c.fc	1969-12-31 19:00:00.000000000 -0500
+++ serefpolicy-3.5.5/policy/modules/services/w3c.fc	2008-08-14 13:53:54.000000000 -0400
@@ -0,0 +1,2 @@
+/usr/share/w3c-markup-validator(/.*)?		gen_context(system_u:object_r:httpd_w3c_validator_content_t,s0)
+/usr/share/w3c-markup-validator/cgi-bin(/.*)?	gen_context(system_u:object_r:httpd_w3c_validator_script_exec_t,s0)
--- nsaserefpolicy/policy/modules/services/w3c.if	1969-12-31 19:00:00.000000000 -0500
+++ serefpolicy-3.5.5/policy/modules/services/w3c.if	2008-08-14 13:53:54.000000000 -0400
@@ -0,0 +1,20 @@
+## <summary>W3C</summary>
+
+########################################
+## <summary>
+##	Execute w3c server in the w3c domain.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	The type of the process performing this action.
+##	</summary>
+## </param>
+#
+#
+interface(`w3c_script_domtrans',`
+	gen_require(`
+		type w3c_script_exec_t;
+	')
+
+	init_script_domtrans_spec($1, w3c_script_exec_t)
+')
--- nsaserefpolicy/policy/modules/services/w3c.te	1969-12-31 19:00:00.000000000 -0500
+++ serefpolicy-3.5.5/policy/modules/services/w3c.te	2008-08-14 13:53:54.000000000 -0400
@@ -0,0 +1,14 @@
+policy_module(w3c, 1.2.1)
+
+apache_content_template(w3c_validator)
+
+sysnet_dns_name_resolve(httpd_w3c_validator_script_t)
+
+corenet_tcp_connect_ftp_port(httpd_w3c_validator_script_t)
+corenet_tcp_sendrecv_ftp_port(httpd_w3c_validator_script_t)
+corenet_tcp_connect_http_port(httpd_w3c_validator_script_t)
+corenet_tcp_sendrecv_http_port(httpd_w3c_validator_script_t)
+corenet_tcp_connect_http_cache_port(httpd_w3c_validator_script_t)
+corenet_tcp_sendrecv_http_cache_port(httpd_w3c_validator_script_t)
+
+miscfiles_read_certs(httpd_w3c_validator_script_t)