mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-08 18:31:03 +01:00
40751c2ed3
and gnome-appearance-properties (LP: #514356, LP: #573344) abstractions/ubuntu-browsers.d/user-files: update for /net (LP: #593413)
25 lines
743 B
Text
25 lines
743 B
Text
# Allow read to all files user has DAC access to and write access to all
|
|
# files owned by the user in $HOME.
|
|
@{HOME}/ r,
|
|
@{HOME}/** r,
|
|
owner @{HOME}/** w,
|
|
owner @{HOME}/Desktop/** r,
|
|
|
|
# Do not allow read and/or write to particularly sensitive/problematic files
|
|
#include <abstractions/private-files>
|
|
audit deny @{HOME}/.ssh/** mrwkl,
|
|
audit deny @{HOME}/.gnome2_private/** mrwkl,
|
|
|
|
# Comment this out if using gpg plugin/addons
|
|
audit deny @{HOME}/.gnupg/** mrwkl,
|
|
|
|
# Allow read to all files user has DAC access to and write for files the user
|
|
# owns on removable media and filesystems.
|
|
/media/** r,
|
|
/mnt/** r,
|
|
/srv/** r,
|
|
/net/** r,
|
|
owner /media/** w,
|
|
owner /mnt/** w,
|
|
owner /srv/** w,
|
|
owner /net/** w,
|