2009-11-11 11:42:30 -08:00
|
|
|
# vim:syntax=apparmor
|
|
|
|
|
# privacy-violations-strict contains additional rules for sensitive
|
2012-01-06 10:29:32 -06:00
|
|
|
# files that you want to explicitly deny access
|
2009-11-11 11:42:30 -08:00
|
|
|
|
|
|
|
|
#include <abstractions/private-files>
|
|
|
|
|
|
|
|
|
|
# potentially extremely sensitive files
|
|
|
|
|
audit deny @{HOME}/.gnupg/** mrwkl,
|
|
|
|
|
audit deny @{HOME}/.ssh/** mrwkl,
|
|
|
|
|
audit deny @{HOME}/.gnome2_private/** mrwkl,
|
2013-05-13 14:55:23 -05:00
|
|
|
audit deny @{HOME}/.gnome2/keyrings/** mrwkl,
|
2013-12-19 23:19:40 -08:00
|
|
|
# don't allow access to any gnome-keyring modules
|
|
|
|
|
audit deny /{,var/}run/user/[0-9]*/keyring** mrwkl,
|
2009-11-11 11:42:30 -08:00
|
|
|
audit deny @{HOME}/.mozilla/** mrwkl,
|
2011-01-07 10:44:47 -06:00
|
|
|
audit deny @{HOME}/.config/chromium/** mrwkl,
|
|
|
|
|
audit deny @{HOME}/.{,mozilla-}thunderbird/** mrwkl,
|
|
|
|
|
audit deny @{HOME}/.evolution/** mrwkl,
|
|
|
|
|
audit deny @{HOME}/.config/evolution/** mrwkl,
|
2012-01-19 15:20:28 +01:00
|
|
|
audit deny @{HOME}/.kde{,4}/share/apps/kmail{,2}/** mrwkl,
|
|
|
|
|
audit deny @{HOME}/.kde{,4}/share/apps/kwallet/** mrwkl,
|
2009-11-11 11:42:30 -08:00
|
|
|
|
