jgdye
/
samwiseetc
1
0
Fork 0
Code Issues Pull Requests Releases Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
samwiseetc/apparmor.d/abstractions/private-files-strict

26 lines
1.0 KiB
Plaintext
Raw Permalink Blame History

# vim:syntax=apparmor
# privacy-violations-strict contains additional rules for sensitive
# files that you want to explicitly deny access
#include <abstractions/private-files>
# potentially extremely sensitive files
audit deny @{HOME}/.aws/{,**} mrwkl,
audit deny @{HOME}/.gnupg/{,**} mrwkl,
audit deny @{HOME}/.ssh/{,**} mrwkl,
audit deny @{HOME}/.gnome2_private/{,**} mrwkl,
audit deny @{HOME}/.gnome2/ w,
audit deny @{HOME}/.gnome2/keyrings/{,**} mrwkl,
# don't allow access to any gnome-keyring modules
audit deny /{,var/}run/user/[0-9]*/keyring** mrwkl,
audit deny @{HOME}/.mozilla/{,**} mrwkl,
audit deny @{HOME}/.config/ w,
audit deny @{HOME}/.config/chromium/{,**} mrwkl,
audit deny @{HOME}/.config/evolution/{,**} mrwkl,
audit deny @{HOME}/.evolution/{,**} mrwkl,
audit deny @{HOME}/.{,mozilla-}thunderbird/{,**} mrwkl,
audit deny @{HOME}/.kde{,4}/{,share/,share/apps/} w,
audit deny @{HOME}/.kde{,4}/share/apps/kmail{,2}/{,**} mrwkl,
audit deny @{HOME}/.kde{,4}/share/apps/kwallet/{,**} mrwkl,
Reference in New Issue View Git Blame Copy Permalink