diff --git a/apparmor.d/profiles-s-z/xournalpp b/apparmor.d/profiles-s-z/xournalpp
index 7d74ce7da..6442fe8b9 100644
--- a/apparmor.d/profiles-s-z/xournalpp
+++ b/apparmor.d/profiles-s-z/xournalpp
@@ -8,11 +8,10 @@ include <tunables/global>
 
 @{exec_path} = @{bin}/xournalpp
 profile xournalpp @{exec_path} {
-  include <abstractions/audio-client>
   include <abstractions/base>
+  include <abstractions/audio-client>
   include <abstractions/dconf-write>
   include <abstractions/desktop>
-  include <abstractions/fonts>
   include <abstractions/fontconfig-cache-read>
   include <abstractions/nameservice-strict>
   include <abstractions/user-read-strict>
@@ -20,16 +19,15 @@ profile xournalpp @{exec_path} {
 
   @{exec_path} mr,
 
+  @{open_path} rPx -> child-open-browsers,
+
   /usr/share/xournalpp/** r,
 
   /etc/machine-id r,
   /etc/pipewire/jack.conf.d/ r,
 
-  owner @{user_config_dirs}/xournalpp/** rw,
-  owner @{user_cache_dirs}/xournalpp/** rw,
-
-  /dev/snd/controlC@{int} w,
-  /dev/snd/pcmC@{rand4} rw,
+  owner @{user_config_dirs}/xournalpp/{,**} rw,
+  owner @{user_cache_dirs}/xournalpp/{,**} rw,
 
   @{sys}/devices/virtual/dmi/id/bios_vendor r,
   @{sys}/devices/virtual/dmi/id/board_vendor r,
@@ -38,6 +36,9 @@ profile xournalpp @{exec_path} {
 
   owner @{PROC}/@{pid}/task/@{tid}/comm rw,
 
+  /dev/snd/controlC@{int} w,
+  /dev/snd/pcmC@{rand4} rw,
+
   include if exists <local/xournalpp>
 }