small fixes

2024-10-04 17:13:32 +03:00 · 2024-10-04 17:13:32 +03:00 · 806f0a64f8
commit 806f0a64f8
parent 475000db21
2 changed files with 9 additions and 13 deletions
--- a/apparmor.d/profiles-a-f/briar-desktop
+++ b/apparmor.d/profiles-a-f/briar-desktop
@ -21,8 +21,6 @@ profile briar-desktop @{exec_path} {
  network inet6 dgram,
  network inet6 stream,

-  @{lib}/jvm/java*/lib/jspawnhelper Cx -> jspawnhelper,
-
  ptrace read peer=briar-desktop-tor,
  ptrace read peer=@{profile_name}//jspawnhelper,

@ -30,14 +28,14 @@ profile briar-desktop @{exec_path} {

  @{lib}/jvm/java*/bin/java rix,
  @{lib}/jvm/java*/lib/** rm,
+  @{lib}/jvm/java*/lib/jspawnhelper Cx -> jspawnhelper,
  @{sh_path} mr,

-  @{system_share_dirs}/icons/{,**} r,
  @{system_share_dirs}/java/briar-desktop.jar r,

-  /etc/java*/{{logging,net,sound}.properties,security/java.{security,policy}} r,
+  /etc/java*/{,**} r,

-  owner @{HOME}/.briar/{,**} rw,
+  owner @{HOME}/.briar/desktop/{,**} rw,
  owner @{HOME}/.briar/desktop/db/db.mv.db k,

  owner @{HOME}/.java/{,.userPrefs/{,org/}} w,
@ -55,8 +53,8 @@ profile briar-desktop @{exec_path} {

  owner @{tmp}/hsperfdata_@{user}/ rw,
  owner @{tmp}/hsperfdata_@{user}/@{pid} rwk,
-  owner @{tmp}/imageio[0-9]*.tmp rw,
-  owner @{tmp}/jna[0-9]*.tmp mrw,
+  owner @{tmp}/imageio@{u64}.tmp rw,
+  owner @{tmp}/jna@{u64}.tmp mrw,

  @{sys}/devices/system/cpu/cpu@{int}/microcode/version r,
  @{sys}/fs/cgroup/user.slice/user-@{uid}.slice/session-@{int}.scope/{cpu,memory}.max r,
--- a/apparmor.d/profiles-a-f/briar-desktop-tor
+++ b/apparmor.d/profiles-a-f/briar-desktop-tor
@ -13,17 +13,15 @@ profile briar-desktop-tor {
  network inet6 stream,
  network netlink raw,

-  owner @{HOME}/.briar/desktop/tor/obfs4proxy Cx -> obfs4proxy,
-  owner @{HOME}/.briar/desktop/tor/snowflake Cx -> snowflake,
-
  signal send set=term peer=briar-desktop-tor//obfs4proxy,
  signal send set=term peer=briar-desktop-tor//snowflake, 

-  owner @{HOME}/.briar/desktop/tor/tor r,
-
-  owner @{HOME}/.briar/desktop/tor/torrc r,
  owner @{HOME}/.briar/desktop/tor/.tor/{,**} rw,
  owner @{HOME}/.briar/desktop/tor/.tor/lock k,
+  owner @{HOME}/.briar/desktop/tor/obfs4proxy Cx -> obfs4proxy,
+  owner @{HOME}/.briar/desktop/tor/snowflake Cx -> snowflake,
+  owner @{HOME}/.briar/desktop/tor/tor r,
+  owner @{HOME}/.briar/desktop/tor/torrc r,

  @{PROC}/sys/kernel/random/uuid r,