mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-06 17:31:01 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/profiles/apparmor.d/abstractions/fonts
Vincas Dargis 7b7e98a549 Update fonts abstraction for Debian 
Mikhail Morfikov has discovered [0] that some font packages in Debian
ships font files in /usr/bin/fonts-foo-bar (like
/usr/share/fonts-font-awesome/ for example). This produces denials for
GUI applications.

Update fonts abstraction to allow reading /usr/bin/fonts-* directories.

Also, refactor abstraction to aggregate two old rules into one.

Closes #94

[0] https://gitlab.com/apparmor/apparmor/-/issues/94
2020-06-27 11:48:22 +03:00

66 lines
2.1 KiB
Text
Raw Blame History

# vim:syntax=apparmor
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2009 Novell/SUSE
# Copyright (C) 2009 Canonical Ltd.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
abi <abi/3.0>,
/usr/share/AbiSuite/fonts/** r,
/usr/lib/xorg/modules/fonts/**.so* mr,
/usr/share/fonts/{,**} r,
/usr/share/fonts-*/{,**} r,
/etc/fonts/** r,
# Debian, openSUSE paths are different
/usr/share/{fontconfig,fonts-config,*-fonts}/conf.avail/{,**} r,
/usr/share/ghostscript/fonts/{,**} r,
/opt/kde3/share/fonts/** r,
/usr/lib{,32,64}/openoffice/share/fonts/** r,
/var/cache/fonts/** r,
/var/cache/fontconfig/** mr,
/var/lib/defoma/** mr,
/usr/share/a2ps/fonts/** r,
/usr/share/xfce/fonts/** r,
/usr/share/ghostscript/fonts/** r,
/usr/share/javascript/*/fonts/** r,
/usr/share/texmf/{,*/}fonts/** r,
/usr/share/texlive/texmf-dist/fonts/** r,
/var/lib/ghostscript/** r,
owner @{HOME}/.fonts.conf r,
owner @{HOME}/.fonts/ r,
owner @{HOME}/.fonts/** r,
owner @{HOME}/.local/share/fonts/ r,
owner @{HOME}/.local/share/fonts/** r,
owner @{HOME}/.fonts.cache-2 mr,
owner @{HOME}/.{,cache/}fontconfig/ rw,
owner @{HOME}/.{,cache/}fontconfig/** mrl,
owner @{HOME}/.fonts.conf.d/ r,
owner @{HOME}/.fonts.conf.d/** r,
owner @{HOME}/.config/fontconfig/ r,
owner @{HOME}/.config/fontconfig/** r,
/usr/local/share/fonts/ r,
/usr/local/share/fonts/** r,
# poppler CMap tables
/usr/share/poppler/cMap/** r,
# data files for LibThai
/usr/share/libthai/thbrk.tri r,
# Include additions to the abstraction
include if exists <abstractions/fonts.d>
Reference in a new issue View git blame Copy permalink