[apparmor] [Merge] lp:~intrigeri/apparmor-profiles/pidgin-updates-from-simondeziel into lp:apparmor-profiles

Wed, 12 Aug 2015 04:33:57 -0700 

intrigeri has proposed merging 
lp:~intrigeri/apparmor-profiles/pidgin-updates-from-simondeziel into 
lp:apparmor-profiles.

Requested reviews:
  AppArmor Developers (apparmor-dev)

For more details, see:
https://code.launchpad.net/~intrigeri/apparmor-profiles/pidgin-updates-from-simondeziel/+merge/267798
-- 
Your team AppArmor Developers is requested to review the proposed merge of 
lp:~intrigeri/apparmor-profiles/pidgin-updates-from-simondeziel into 
lp:apparmor-profiles.

=== modified file 'ubuntu/15.04/usr.bin.pidgin'
--- ubuntu/15.04/usr.bin.pidgin	2015-01-20 19:35:34 +0000
+++ ubuntu/15.04/usr.bin.pidgin	2015-08-12 11:32:50 +0000
@@ -6,8 +6,8 @@
   #include <abstractions/audio>
   #include <abstractions/base>
   #include <abstractions/bash>
-  #include <abstractions/dbus>
   #include <abstractions/dbus-session>
+  #include <abstractions/dbus-strict>
   #include <abstractions/enchant>
   #include <abstractions/gnome>
   #include <abstractions/gstreamer>
@@ -20,6 +20,21 @@
   #include <abstractions/ubuntu-helpers>
   #include <abstractions/user-download>
 
+  dbus receive
+       bus=system
+       path=/org/freedesktop/NetworkManager
+       interface=org.freedesktop.NetworkManager
+       member={CheckPermissions,DeviceAdded,DeviceRemoved,StateChanged,PropertiesChanged}
+       peer=(label=unconfined),
+
+  dbus send
+       bus=system
+       path=/org/freedesktop/NetworkManager
+       interface=org.freedesktop.NetworkManager
+       member=state
+       peer=(label=unconfined),
+
+  deny ptrace,
   deny capability sys_ptrace,
   deny @{HOME}/.local/share/applications/wine/ r,
 
@@ -48,7 +63,6 @@
 
   /etc/purple/prefs.xml r,
 
-  /usr/share/gnome/applications/ r,
   /usr/share/glib-2.0/schemas/gschemas.compiled r,
 
   /usr/lib/frei0r-1/*.so rm,
@@ -65,8 +79,8 @@
   /usr/share/tcltk/** r,
   /usr/share/themes/ r,
 
-  owner @{PROC}/[0-9]*/auxv r,
-  owner @{PROC}/[0-9]*/fd/ r,
+  owner @{PROC}/@{pid}/auxv r,
+  owner @{PROC}/@{pid}/fd/ r,
 
   # Site-specific additions and overrides. See local/README for details.
   #include <local/usr.bin.pidgin>


-- 
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Reply via email to