mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-09 02:41:03 +01:00
f7c6a848bb
abstractions/private-files-strict: don't allow access to: - chromium - thunderbird - evolution - kmail - kwallet
18 lines
685 B
Text
18 lines
685 B
Text
# vim:syntax=apparmor
|
|
# privacy-violations-strict contains additional rules for sensitive
|
|
# files that you want to explicity deny access
|
|
|
|
#include <abstractions/private-files>
|
|
|
|
# potentially extremely sensitive files
|
|
audit deny @{HOME}/.gnupg/** mrwkl,
|
|
audit deny @{HOME}/.ssh/** mrwkl,
|
|
audit deny @{HOME}/.gnome2_private/** mrwkl,
|
|
audit deny @{HOME}/.mozilla/** mrwkl,
|
|
audit deny @{HOME}/.config/chromium/** mrwkl,
|
|
audit deny @{HOME}/.{,mozilla-}thunderbird/** mrwkl,
|
|
audit deny @{HOME}/.evolution/** mrwkl,
|
|
audit deny @{HOME}/.config/evolution/** mrwkl,
|
|
audit deny @{HOME}/.kde/share/apps/kmail/** mrwkl,
|
|
audit deny @{HOME}/.kde/share/apps/kwallet/** mrwkl,
|
|
|