mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-18 17:08:09 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(profile): update some browser based profiles.

Browse source
This commit is contained in:
Alexandre Pujol 2024-03-05 17:39:36 +00:00
parent bc69b193ea
commit a7e37528d5
Failed to generate hash of commit
3 changed files with 6 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
apparmor.d/groups/browsers/brave-crashpad-handler
View file

@ -23,9 +23,9 @@ profile brave-crashpad-handler @{exec_path} {
@{exec_path} mrix,
owner @{user_config_dirs}/BraveSoftware/Brave-Browser/CrashpadMetrics-active.pma rw,
owner @{user_config_dirs}/BraveSoftware/Brave-Browser/CrashpadMetrics.pma rw,
owner "@{config_dirs}/Crash Reports/**" rwk,
owner @{config_dirs}/CrashpadMetrics-active.pma rw,
owner @{config_dirs}/CrashpadMetrics.pma rw,
@{PROC}/sys/kernel/yama/ptrace_scope r,
owner @{PROC}/@{pid}/fd/ r,

2
apparmor.d/groups/browsers/chrome-wrapper
View file

@ -10,7 +10,7 @@ include <tunables/global>
@{lib_dirs} = /opt/google/chrome{,-beta,-unstable}
@{exec_path} = @{lib_dirs}/google-chrome{,-beta,-unstable}
profile chrome-wrapper @{exec_path} {
profile chrome-wrapper @{exec_path} flags=(attach_disconnected) {
include <abstractions/base>
include <abstractions/consoles>

14
apparmor.d/groups/browsers/firefox
View file

@ -53,18 +53,10 @@ profile firefox @{exec_path} flags=(attach_disconnected) {
signal (send) set=(term, kill) peer=keepassxc-proxy,
signal (send) set=(term, kill) peer=firefox-*,
dbus bind bus=session name=org.mozilla.firefox.*,
dbus bind bus=session name=org.mpris.MediaPlayer2.firefox.*,
dbus bind bus=session name=org.mozilla.firefox_beta.*,
deny dbus send bus=system path=/org/freedesktop/hostname1,
# dbus: own bus=session name=org.mozilla.firefox
# dbus: own bus=session name=org.mozilla.firefox_beta
dbus bind bus=session name=org.mozilla.firefox.*,
dbus receive bus=session path=/org/mozilla/firefox/*
interface=org.mozilla.firefox
peer=(name=:*, label=@{profile_name}),
dbus send bus=session path=/org/mozilla/firefox/*
interface=org.mozilla.firefox
peer=(name=org.mozilla.firefox.*, label=@{profile_name}),
deny dbus send bus=system path=/org/freedesktop/hostname1,
dbus bind bus=session name=org.mpris.MediaPlayer2.firefox.*,
dbus (send, receive) bus=session path=/org/mpris/MediaPlayer2