feat(profile): improve the use of org.chromium.Chromium.@{rand6}.

apparmor.d/groups/browsers/brave

@@ -8,7 +8,7 @@ abi <abi/3.0>,
 include <tunables/global>
 
 @{name} = brave{,-beta,-dev,-bin}
-@{domain} = com.brave.Brave
+@{domain} = com.brave.Brave org.chromium.Chromium
 @{lib_dirs} = /opt/brave{-bin,.com}{,/@{name}}
 @{config_dirs} = @{user_config_dirs}/BraveSoftware/Brave-Browser{,-Beta,-Dev}
 @{cache_dirs} = @{user_cache_dirs}/BraveSoftware/Brave-Browser{,-Beta,-Dev}
@@ -43,11 +43,6 @@ profile brave @{exec_path} {
 
   owner @{tmp}/net-export/ rw,  # For brave://net-export/
 
-  owner @{tmp}/.org.chromium.Chromium.* rwk,
-  owner @{tmp}/.org.chromium.Chromium*/{,**} rw,
-
-  owner /dev/shm/.org.chromium.Chromium.* rw,
-
   # Silencer
   deny /etc/opt/chrome/ w,
   deny /dev/disk/by-uuid/ r,

apparmor.d/groups/gnome/gnome-shell

@@ -294,7 +294,7 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
   owner @{run}/user/@{uid}/snap.snap*/wayland-cursor-shared-* rw,
   owner @{run}/user/@{uid}/systemd/notify rw,
 
-  owner /dev/shm/.org.chromium.Chromium.* rw,
+  owner /dev/shm/.org.chromium.Chromium.@{rand6} rw,
   owner /dev/shm/wayland.mozilla.ipc.@{int} rw,
 
         /tmp/.X@{int}-lock rw,

apparmor.d/profiles-g-l/git

@@ -105,7 +105,7 @@ profile git @{exec_path} flags=(attach_disconnected) {
   deny owner @{user_share_dirs}/gvfs-metadata/* r,
   deny owner @{user_share_dirs}/zed/**/data.mdb rw,
   deny /usr/share/nvidia/nvidia-application-profiles-* r,
-  deny /dev/shm/.org.chromium.Chromium* rw,
+  deny /dev/shm/.org.chromium.Chromium.@{rand6} rw,
 
   profile gpg flags=(attach_disconnected) {
     include <abstractions/base>