mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-08 18:31:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/profiles/apparmor.d/abstractions/private-files

29 lines
823 B
Text
Raw Normal View History

merge profiles from Ubuntu, including change_hat apache2 template
2009-11-11 11:42:30 -08:00
# vim:syntax=apparmor
# privacy-violations contains rules for common files that you want to explicity
# deny access
# privacy violations (don't audit files under $HOME otherwise get a
# lot of false positives when reading contents of directories)
deny @{HOME}/.*history mrwkl,
deny @{HOME}/.fetchmail* mrwkl,
deny @{HOME}/.viminfo* mrwkl,
deny @{HOME}/.*~ mrwkl,
deny @{HOME}/.*.swp mrwkl,
deny @{HOME}/.*~1~ mrwkl,
deny @{HOME}/.*.bak mrwkl,
# special attention to (potentially) executable files
audit deny @{HOME}/bin/** wl,
abstractions/private-files: don't allow wl to autostart directories abstractions/private-files-strict: don't allow access to: - chromium - thunderbird - evolution - kmail - kwallet
2011-01-07 10:44:47 -06:00
audit deny @{HOME}/.config/autostart/** wl,
audit deny @{HOME}/.kde/Autostart/** wl,
merge profiles from Ubuntu, including change_hat apache2 template
2009-11-11 11:42:30 -08:00
deny @{HOME}/.bash* mrk,
audit deny @{HOME}/.bash* wl,
deny @{HOME}/.profile* mrk,
audit deny @{HOME}/.profile* wl,
deny @{HOME}/.*rc mrk,
audit deny @{HOME}/.*rc wl,
Reference in a new issue Copy permalink