felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(pass): restrict secret dir path.

Browse source
This commit is contained in:
Alexandre Pujol 2023-04-16 20:46:17 +01:00
parent 15029a198a
commit 03b98ad7de
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
4 changed files with 1 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

1
apparmor.d/groups/gpg/gpgconf
View file

@ -31,7 +31,6 @@ profile gpgconf @{exec_path} {
owner @{HOME}/@{XDG_GPG_DIR}/** rwkl -> @{HOME}/@{XDG_GPG_DIR}/**,
owner @{run}/user/@{uid}/gnupg/ w,
owner @{run}/user/@{uid}/gnupg/** rwkl -> @{run}/user/@{uid}/gnupg/**,
owner @{user_projects_dirs}/**/gnupg/** rwkl -> @{user_projects_dirs}/**/gnupg/**,
owner @{PROC}/@{pid}/task/@{tid}/stat rw,
owner @{PROC}/@{pid}/task/@{tid}/comm rw,

1
apparmor.d/groups/gpg/gpgsm
View file

@ -23,7 +23,6 @@ profile gpgsm @{exec_path} {
deny /usr/bin/.gnupg/ w,
owner @{HOME}/@{XDG_GPG_DIR}/** rwkl -> @{HOME}/@{XDG_GPG_DIR}/**,
owner @{user_projects_dirs}/**/gnupg/** rwkl -> @{user_projects_dirs}/**,
owner /var/lib/*/.gnupg/** rwkl -> /var/lib/*/.gnupg/**,