felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): use the new @{tmp} variable.

Browse source 
It is only used with the owner statement.
This commit is contained in:
Alexandre Pujol 2024-05-02 22:12:02 +01:00
parent 0bbbe71422
commit 3f69b9fec4
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
257 changed files with 668 additions and 685 deletions
Download patch file Download diff file Expand all files Collapse all files

47
apparmor.d/groups/browsers/firefox
View file

@ -155,32 +155,27 @@ profile firefox @{exec_path} flags=(attach_disconnected) {
/tmp/ r,
/var/tmp/ r,
owner /tmp/.xfsm-ICE-@{rand6} rw,
owner /tmp/@{name}/ rw,
owner /tmp/@{name}/* rwk,
owner /tmp/@{rand6}.tmp r,
owner /tmp/@{rand8}.txt w,
owner /tmp/* w, # file downloads (to anywhere)
owner /tmp/firefox_*/ rw,
owner /tmp/firefox_*/* rwk,
owner /tmp/mozilla_*/ rw,
owner /tmp/mozilla_*/* rw,
owner /tmp/mozilla-temp-@{int} rw,
owner /tmp/Mozilla@{uuid}-cachePurge-??????????????? rwk,
owner /tmp/Mozilla\{@{uuid}\}-cachePurge-??????????????? rwk,
owner /tmp/MozillaBackgroundTask-???????????????-removeDirectory/.parentlock k,
owner /tmp/MozillaBackgroundTask-???????????????-removeDirectory/{**,} rw,
owner /tmp/Mozillato-be-removed-cachePurge-??????????????? rwk,
owner /tmp/Temp-@{uuid}/{**,} rw,
owner /tmp/tmp-???.xpi rw,
owner /tmp/tmpaddon r,
owner /tmp/tmpaddon-@{int} r,
owner /tmp/user/@{uid}/ rw,
owner /tmp/user/@{uid}/@{name}/ rw,
owner /tmp/user/@{uid}/@{name}/* rwk,
owner /tmp/user/@{uid}/* rwk,
owner /tmp/user/@{uid}/Temp-@{uuid}/ rw,
owner /tmp/user/@{uid}/Temp-@{uuid}/* rwk,
owner @{tmp}/.xfsm-ICE-@{rand6} rw,
owner @{tmp}/@{name}/ rw,
owner @{tmp}/@{name}/* rwk,
owner @{tmp}/@{rand6}.tmp r,
owner @{tmp}/@{rand8}.txt w,
owner @{tmp}/* w, # file downloads (to anywhere)
owner @{tmp}/firefox_*/ rw,
owner @{tmp}/firefox_*/* rwk,
owner @{tmp}/mozilla_*/ rw,
owner @{tmp}/mozilla_*/* rw,
owner @{tmp}/mozilla-temp-@{int} rw,
owner @{tmp}/Mozilla@{uuid}-cachePurge-??????????????? rwk,
owner @{tmp}/Mozilla\{@{uuid}\}-cachePurge-??????????????? rwk,
owner @{tmp}/MozillaBackgroundTask-???????????????-removeDirectory/.parentlock k,
owner @{tmp}/MozillaBackgroundTask-???????????????-removeDirectory/{**,} rw,
owner @{tmp}/Mozillato-be-removed-cachePurge-??????????????? rwk,
owner @{tmp}/Temp-@{uuid}/ rw,
owner @{tmp}/Temp-@{uuid}/** rwk,
owner @{tmp}/tmp-???.xpi rw,
owner @{tmp}/tmpaddon r,
owner @{tmp}/tmpaddon-@{int} r,
@{run}/mount/utab r,