mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-24 03:48:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

feat(profile): firefox: restric access to /tmp

Browse source
This commit is contained in:
Alexandre Pujol 2024-12-23 22:17:35 +01:00
parent edaa45067a
commit 7167de932c
Failed to generate hash of commit
1 changed files with 2 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
apparmor.d/groups/browsers/firefox
View file

@ -59,9 +59,8 @@ profile firefox @{exec_path} flags=(attach_disconnected) {
owner @{user_share_dirs}/mime/packages/user-extension-{htm,html,xht,xhtml,shtml}.xml.* rw,
owner @{tmp}/.xfsm-ICE-@{rand6} rw,
owner @{tmp}/@{rand6}.tmp r,
owner @{tmp}/@{rand8}.txt w,
owner @{tmp}/* w, # file downloads (to anywhere)
owner @{tmp}/@{rand8}.* rw, # file downloads (to anywhere)
owner @{tmp}/@{uuid}.zip{,.tmp} rw,
owner @{tmp}/Mozilla@{uuid}-cachePurge-{@{hex15},@{hex16}} rwk,
owner @{tmp}/mozilla* rw,
owner @{tmp}/mozilla*/ rw,