# vim:syntax=apparmor
# privacy-violations-strict contains additional rules for sensitive
# files that you want to explicitly deny access

  #include <abstractions/private-files>

  # potentially extremely sensitive files
  audit deny @{HOME}/.gnupg/** mrwkl,
  audit deny @{HOME}/.ssh/** mrwkl,
  audit deny @{HOME}/.gnome2_private/** mrwkl,
  audit deny @{HOME}/.gnome2/keyrings/** mrwkl,
  # don't allow access to any gnome-keyring modules
  audit deny /{,var/}run/user/[0-9]*/keyring** mrwkl,
  audit deny @{HOME}/.mozilla/** mrwkl,
  audit deny @{HOME}/.config/chromium/** mrwkl,
  audit deny @{HOME}/.{,mozilla-}thunderbird/** mrwkl,
  audit deny @{HOME}/.evolution/** mrwkl,
  audit deny @{HOME}/.config/evolution/** mrwkl,
  audit deny @{HOME}/.kde{,4}/share/apps/kmail{,2}/** mrwkl,
  audit deny @{HOME}/.kde{,4}/share/apps/kwallet/** mrwkl,