Update various profiles

Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>

apparmor.d/groups/browsers/brave

@@ -18,6 +18,8 @@ profile brave @{exec_path} {
   include <abstractions/base>
   include <abstractions/chromium>
 
+  unix (send, receive) type=stream peer=brave-crashpad-handler,
+
   @{exec_path} mrix,
 
   @{bin}/man  rPUx, #  For "brave --help"
@@ -25,8 +27,10 @@ profile brave @{exec_path} {
   /usr/share/chromium/extensions/ r,
 
   /etc/opt/chrome/ r,
+  /etc/opt/chrome/native-messaging-hosts/* r,
 
   owner @{user_config_dirs}/BraveSoftware/ rw,
+  owner @{user_config_dirs}/kioslaverc r,
   owner @{user_config_dirs}/menus/applications-merged/ r,
   owner @{user_config_dirs}/menus/applications-merged/xdg-desktop-menu-dummy.menu r,
 
@@ -42,6 +46,7 @@ profile brave @{exec_path} {
 
   # Silencer
   deny /etc/opt/chrome/ w,
+  deny /dev/disk/by-uuid/ r,
 
   include if exists <local/brave>
 }

apparmor.d/groups/browsers/brave-crashpad-handler

@@ -16,11 +16,15 @@ profile brave-crashpad-handler @{exec_path} {
 
   capability sys_ptrace,
 
+  unix (send, receive) type=stream peer=(label=brave),
+
   ptrace peer=brave,
   signal (send) peer=brave,
 
   @{exec_path} mrix,
 
+  owner @{user_config_dirs}/BraveSoftware/Brave-Browser/CrashpadMetrics-active.pma rw,
+  owner @{user_config_dirs}/BraveSoftware/Brave-Browser/CrashpadMetrics.pma rw,
   owner "@{config_dirs}/Crash Reports/**" rwk,
 
         @{PROC}/sys/kernel/yama/ptrace_scope r,

apparmor.d/groups/browsers/brave-wrapper

@@ -27,7 +27,7 @@ profile brave-wrapper @{exec_path} {
 
   @{lib_dirs}/brave rPx,
 
-  owner @{PROC}/@{pid}/fd/ w,
+  owner @{PROC}/@{pid}/fd/@{int} w,
 
   # Silencer
   deny @{user_share_dirs}/gvfs-metadata/* r,