felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge 9a658d6ccb into 4df3f2e52f

Browse source
This commit is contained in:
maplemanuka 2023-11-01 07:46:18 +00:00 committed by GitHub
commit fcb511e608
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 31 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

31
child-gedit Normal file
View file

@ -0,0 +1,31 @@
#vim:syntax=apparmor
#AppArmor policy abstraction for child profiles of gedit
#Copyright (C) 2023 Andy Ramos
#SPDX-License-Identifier: GPL-2.0-only
include <abstractions/base>
include <abstractions/dconf-write>
include <abstractions/gnome>
include <abstractions/nameservice-strict>
include <abstractions/gtk>
include <abstractions/enchant>
@{bin}/gedit mrix,
/usr/share/terminfo/x/xterm-256color r,
owner @{user_config_dirs}/ibus/bus/{,**} r,
owner @{user_config_dirs}/gedit/{,**} r,
owner @{user_config_dirs}/gedit/accels rw,
owner @{PROC}/@{pid}/mountinfo r,
# needed?
deny network inet stream,
deny unix (send, receive, connect)
type=stream
peer=(addr="@@{user_cache_dirs}/ibus/dbus-*"),
deny /etc/{fstab,group,machine-id,passwd} r,
deny /run/user/@{uid}/bus rw,