From 8d2d972201711c4eac203a16d1c3107826854d55 Mon Sep 17 00:00:00 2001
From: maplemanuka <149565728+maplemanuka@users.noreply.github.com>
Date: Wed, 1 Nov 2023 07:51:22 +0000
Subject: [PATCH] Create child-vim
---
child-vim | 42 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)
create mode 100644 child-vim
diff --git a/child-vim b/child-vim
new file mode 100644
index 000000000..09504eb02
--- /dev/null
+++ b/child-vim
@@ -0,0 +1,42 @@
+#vim:syntax=apparmor
+#AppArmor policy abstraction for child profiles of vim
+#Copyright (C) 2023 Andy Ramos
+#SPDX-License-Identifier: GPL-2.0-only
+
+ include
+ include
+
+ @{bin}/@{unix_shell} rix,
+ @{bin}/nvim mrix,
+ @{bin}/vi mrix,
+ @{bin}/vim{,.{basic,tiny}} mrix,
+
+ @{bin}/xclip rPx,
+
+ /etc/vim/{,**} r,
+ /etc/vimrc r,
+ /usr/share/terminfo/x/xterm-256color r,
+ /usr/share/{,n}vim/{,**} r,
+
+ owner @{HOME}/.fzf/plugin/ r,
+ owner @{HOME}/.fzf/plugin/{,fzf.vim} r,
+ owner @{HOME}/.viminf{o,z}{,.tmp} rw,
+ owner @{HOME}/{,.}{,n}vim*/{,**} rw,
+
+ owner @{HOME}/.local/share/nvim/shada/main.shada rw,
+ owner @{HOME}/.local/share/nvim/shada/main.shada.tmp.a rw,
+ owner @{user_cache_dirs}/{,n}vim/{,**} rw,
+ owner @{user_config_dirs}/{,n}vim/{,**} r,
+
+ /tmp/ r,
+ /tmp/{,n}vim*/{,**} rw,
+
+ deny owner @{HOME}/ r,
+
+ /dev/tty rw,
+ # if you don't want to deny pts, then remove the line above and below, and:
+ # include
+ deny /dev/pts/[0-9] rw,
+
+ # Needed?
+ deny network inet stream,
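Review bot: The rule `owner @{HOME}/{,.}{,n}vim*/{,**} rw,` gives every child profile that includes this abstraction write access to the user's vim runtime trees (plugin, autoload and similar directories under `~/.vim`), so a confined process can leave script files there that a later, less confined vim would load. The glob also matches any directory in the home whose name merely starts with `vim` or `nvim`. The parallel rule for `@{user_config_dirs}` is already read-only, and I would make this one agree with it, `owner @{HOME}/.{,n}vim/{,**} r,`, granting `rw` only on the specific state directories this setup needs (swap, undo or similar, to be confirmed by the author). Separately, `deny /dev/pts/[0-9] rw,` matches single-digit pts numbers only, so unless one of the includes allows them, `/dev/pts/10` and above fall to the implicit deny and get logged; `deny /dev/pts/[0-9]* rw,` covers them. The unqualified `/tmp/{,n}vim*/{,**} rw,` could likewise carry `owner`, as the home rules do.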