diff --git a/apparmor.d/abstractions/chromium-common b/apparmor.d/abstractions/chromium-common index 985964bd..314e0d43 100644 --- a/apparmor.d/abstractions/chromium-common +++ b/apparmor.d/abstractions/chromium-common @@ -3,6 +3,9 @@ # Copyright (C) 2022-2023 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# This abstraction is for chromium based application. Chromium based browsers +# need to use abstractions/chromium instead. + abi , # The following rules are needed only when the kernel.unprivileged_userns_clone option is set diff --git a/apparmor.d/abstractions/flatpak-snap b/apparmor.d/abstractions/flatpak-snap index 0a132289..f20a998b 100644 --- a/apparmor.d/abstractions/flatpak-snap +++ b/apparmor.d/abstractions/flatpak-snap @@ -1,6 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2018 Nibaldo Gonzalez -# 2019-2021 Mikhail Morfikov +# Copyright (C) 2019-2021 Mikhail Morfikov # SPDX-License-Identifier: GPL-2.0-only abi , diff --git a/apparmor.d/abstractions/totem b/apparmor.d/abstractions/totem index e553eccc..b2815c19 100644 --- a/apparmor.d/abstractions/totem +++ b/apparmor.d/abstractions/totem @@ -1,7 +1,8 @@ -# vim:syntax=apparmor -# Author: Jamie Strandboge +# apparmor.d - Full set of apparmor profiles +# Copyright (C) Jamie Strandboge +# SPDX-License-Identifier: GPL-2.0-only -# Description: Limit executable access and reasonable read access. A look at +# Limit executable access and reasonable read access. A look at # the gconf schema files for totem-video-thumbnailer reveals at least the # following files: # 3gpp, ac3, acm, aiff, amr-wb, ape, asf, asx, au, avi, basic, divx, dv, flac, diff --git a/apparmor.d/abstractions/user-read b/apparmor.d/abstractions/user-read index 007ae62b..210fd5f2 100644 --- a/apparmor.d/abstractions/user-read +++ b/apparmor.d/abstractions/user-read @@ -2,8 +2,8 @@ # Copyright (C) 2021 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# Give read access on all defined user directories. It should only be used if -# access to ALL folders is required. +# This abstraction gives read access on all defined user directories. It should +# only be used if access to **ALL** folders is required. owner @{HOME}/@{XDG_WALLPAPERS_DIR}/{,**} r, owner @{HOME}/@{XDG_SCREENSHOTS_DIR}/{,**} r,