diff --git a/profiles/apparmor.d/tinyproxy b/profiles/apparmor.d/tinyproxy index 2b075474f..0376bbfe2 100644 --- a/profiles/apparmor.d/tinyproxy +++ b/profiles/apparmor.d/tinyproxy @@ -18,6 +18,9 @@ profile tinyproxy /usr/bin/tinyproxy { include include + # allow to drop privileges + capability setgid, + # to provide flexibility, when run as root tinyproxy may need to read files # owned by other users capability dac_override,