mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

explictly allow binaries from certain directories

Browse source
This commit is contained in:
Octavio Galland 2024-12-13 12:44:48 -03:00
parent e7807b3761
commit 667816fe43
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
profiles/apparmor.d/tar
View file

@ -17,7 +17,9 @@ profile tar /usr/bin/tar {
file rwl /**, file rwl /**,
# tar can be made to filter archives through an arbitrary program # tar can be made to filter archives through an arbitrary program
/** mrwlkix, /{usr{/local,},}/{bin,sbin}/* Pix,
/opt/** Pix,
@{HOME}/bin/* Pix,
# used to extract user files as root # used to extract user files as root
capability chown, capability chown,