A bug[1] was filed in Ubuntu to add the following to the audio
abstraction:
@{HOME}/.config rw,
The logic was that in the audio abstraction we have the following:
@{HOME}/.cache/event-sound-cache.* rw,
so the logic follows that if this rule is in the abstraction, then
if .config didn't exist, it must be created. While I understand the
reasoning, it didn't feel quite right, so Steve, John and I discussed
this and came up with the idea that we should create an xdg-desktop
abstraction based on the upstream documentation[2]. Attached patch adds
this abstraction.
[1]https://launchpad.net/bugs/914386
[2]http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html
--
Jamie Strandboge | http://www.canonical.com
=== added file 'profiles/apparmor.d/abstractions/xdg-desktop' --- profiles/apparmor.d/abstractions/xdg-desktop 1970-01-01 00:00:00 +0000 +++ profiles/apparmor.d/abstractions/xdg-desktop 2012-01-11 11:07:19 +0000 @@ -0,0 +1,24 @@ +# vim:syntax=apparmor +# ------------------------------------------------------------------ +# +# Copyright (C) 2012 Canonical Ltd. +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of version 2 of the GNU General Public +# License published by the Free Software Foundation. +# +# ------------------------------------------------------------------ + + # Entries based on: + # http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html + + owner @{HOME}/.cache/ rw, + + owner @{HOME}/.config/ rw, + + owner @{HOME}/.local/ rw, + owner @{HOME}/.local/share/ rw, + + # fallbacks + /usr/share/ r, + /usr/local/share/ r,
signature.asc
Description: This is a digitally signed message part
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
