Attached are two patches to the abstractions that I'm nominating for the 2.7 branch.
Trunk revision 1909: Fix from Felix Geyer: in the enchant abstraction, allow the creation of enchant .config directory. Bug: https://bugs.launchpad.net/bugs/914184 === modified file 'profiles/apparmor.d/abstractions/enchant' --- profiles/apparmor.d/abstractions/enchant 2010-12-22 22:59:44 +0000 +++ profiles/apparmor.d/abstractions/enchant 2012-01-10 10:37:54 +0000 @@ -52,5 +52,5 @@ /usr/share/java/zemberek-tr-[0-9]*.jar r, # per-user dictionaries - owner @{HOME}/.config/enchant/ r, + owner @{HOME}/.config/enchant/ rw, owner @{HOME}/.config/enchant/* rwk, Trunk revision 1910: Fix from Felix Geyer: block write access to ~/.kde/env because KDE automatically sources scripts in that folder on startup. Bug: https://bugs.launchpad.net/bugs/914190 === modified file 'profiles/apparmor.d/abstractions/private-files' --- profiles/apparmor.d/abstractions/private-files 2012-01-06 16:29:32 +0000 +++ profiles/apparmor.d/abstractions/private-files 2012-01-10 10:54:12 +0000 @@ -16,6 +16,7 @@ audit deny @{HOME}/bin/** wl, audit deny @{HOME}/.config/autostart/** wl, audit deny @{HOME}/.kde/Autostart/** wl, + audit deny @{HOME}/.kde/env/** wl, audit deny @{HOME}/.pki/nssdb/*.so{,.[0-9]*} wl, # don't allow reading/updating of run control files -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
