From a15061700b8ff56f8cdc66af5ee7b4cdb73d7851 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Sat, 3 Apr 2021 23:24:28 +0100
Subject: [PATCH] chromium: for now, no access to mozilla files.

---
 apparmor.d/groups/browsers/chromium-chromium | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/apparmor.d/groups/browsers/chromium-chromium b/apparmor.d/groups/browsers/chromium-chromium
index 4a2e000e..c11829b5 100644
--- a/apparmor.d/groups/browsers/chromium-chromium
+++ b/apparmor.d/groups/browsers/chromium-chromium
@@ -106,14 +106,14 @@ profile chromium-chromium @{exec_path} {
   owner @{CHROMIUM_CACHEDIR}/*/**/todelete_* rw,
 
   # For importing data (bookmarks, cookies, etc) from Firefox
-  owner @{HOME}/.mozilla/firefox/profiles.ini r,
-  owner @{HOME}/.mozilla/firefox/*/ r,
-  owner @{HOME}/.mozilla/firefox/*/compatibility.ini r,
-  owner @{HOME}/.mozilla/firefox/*/search{,-metadata}.json r,
-  owner @{HOME}/.mozilla/firefox/*/.parentlock rwk,
-  owner @{HOME}/.mozilla/firefox/*/{places,cookies,favicons,formhistory,}.sqlite{,-wal,-shm,-journal} rwk,
-  owner @{HOME}/.mozilla/firefox/*/{cert9,key4}.db rwk,
-  owner @{HOME}/.mozilla/firefox/*/logins.json r,
+  # owner @{HOME}/.mozilla/firefox/profiles.ini r,
+  # owner @{HOME}/.mozilla/firefox/*/ r,
+  # owner @{HOME}/.mozilla/firefox/*/compatibility.ini r,
+  # owner @{HOME}/.mozilla/firefox/*/search{,-metadata}.json r,
+  # owner @{HOME}/.mozilla/firefox/*/.parentlock rwk,
+  # owner @{HOME}/.mozilla/firefox/*/{places,cookies,favicons,formhistory,}.sqlite{,-wal,-shm,-journal} rwk,
+  # owner @{HOME}/.mozilla/firefox/*/{cert9,key4}.db rwk,
+  # owner @{HOME}/.mozilla/firefox/*/logins.json r,
 
   /etc/fstab r,
 
@@ -191,6 +191,7 @@ profile chromium-chromium @{exec_path} {
   # file_inherit
   owner /dev/tty[0-9]* rw,
 
+  /etc/opensc.conf r,
 
   profile open {
     include <abstractions/base>