felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor(profiles): use @{bin} and @{lib} in profiles (6)

Browse source
This commit is contained in:
Alexandre Pujol 2023-07-09 14:46:56 +01:00
parent fcedbbfd95
commit 7c2c806ffa
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
156 changed files with 828 additions and 791 deletions
Download patch file Download diff file Expand all files Collapse all files

18
apparmor.d/profiles-m-r/pass-import
View file

@ -6,7 +6,7 @@ abi <abi/3.0>,
include <tunables/global>
@{exec_path} = /{usr/,}bin/pimport
@{exec_path} = @{bin}/pimport
profile pass-import @{exec_path} {
include <abstractions/base>
include <abstractions/python>
@ -20,15 +20,15 @@ profile pass-import @{exec_path} {
@{exec_path} mr,
/{usr/,}bin/ r,
/{usr/,}bin/pass rPx,
/{usr/,}{s,}bin/ldconfig rix,
/{usr/,}bin/gcc rix, # TODO: Test deny
/{usr/,}bin/ld rix,
/{usr/,}bin/python3.[0-9]* rix,
/{usr/,}lib/gcc/**/collect2 rix,
@{bin}/ r,
@{bin}/gcc rix, # TODO: Test deny
@{bin}/ld rix,
@{bin}/ldconfig rix,
@{bin}/pass rPx,
@{bin}/python3.[0-9]* rix,
@{lib}/gcc/**/collect2 rix,
/{usr/,}lib/python{2.[4-7],3,3.[0-9]*}/** w, # TODO: Test deny
@{lib}/python{2.[4-7],3,3.[0-9]*}/** w, # TODO: Test deny
/usr/share/file/misc/magic.mgc r,