felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

General profiles update.

Browse source
This commit is contained in:
Alexandre Pujol 2022-03-26 20:43:47 +00:00
parent d7be27411b
commit 20c3b0575c
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
22 changed files with 101 additions and 155 deletions
Download patch file Download diff file Expand all files Collapse all files

3
apparmor.d/groups/browsers/chromium-chromium
View file

@ -64,6 +64,7 @@ profile chromium-chromium @{exec_path} flags=(attach_disconnected) {
/{usr/,}bin/xdg-settings rPx,
/usr/share/chromium/{,**} r,
/usr/share/egl/{,**} r,
/usr/share/glib-2.0/schemas/gschemas.compiled r,
/usr/share/mozilla/extensions/{,**} r,
/usr/share/webext/{,**} r,
@ -74,6 +75,7 @@ profile chromium-chromium @{exec_path} flags=(attach_disconnected) {
/etc/fstab r,
/etc/libva.conf r,
/etc/opensc.conf r,
/etc/igfx_user_feature{,_next}.txt w,
/var/lib/dbus/machine-id r,
/etc/machine-id r,
@ -147,6 +149,7 @@ profile chromium-chromium @{exec_path} flags=(attach_disconnected) {
@{sys}/devices/virtual/**/report_descriptor r,
@{sys}/devices/virtual/dmi/id/product_name r,
@{sys}/devices/virtual/dmi/id/sys_vendor r,
@{sys}/devices/pci[0-9]*/**/boot_vga r,
deny @{sys}/devices/virtual/tty/tty[0-9]/active r,

1
apparmor.d/groups/browsers/firefox
View file

@ -177,6 +177,7 @@ profile firefox @{exec_path} flags=(attach_disconnected) {
deny owner @{PROC}/@{pids}/environ r,
/dev/ r,
/dev/video[0-9]* rw,
/dev/hidraw[0-9]* rw,
owner /dev/dri/card[0-9]* rw, # File Inherit
owner /dev/shm/org.chromium.* rw,