Public bug reported:
in one site firefox is heavily uses hdd, i would look what files does it
use. recently i have suspected my firefox is hacked, i would look what
files does change or read. i can see files that it could not access
because of apparmor, but i cannot see files that it can access and even
change. also i would mark certain locations to be logged whenever
firefox tries to write or even tries read it, because it is seldomly
used by myself, if it is used when i have not opened it it means that
some hacker opened it. also places where hacker code could be installed
could be marked to be logged on writing. i think it can work this way:
@{HOME}/docs/** rwL, where L mean that this action should be logged
(even if it is allowed).
** Affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/804362
Title:
enhancement: log certain allowed access
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/804362/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs