Hello,
Am Dienstag, 7. Februar 2012 schrieb Jamie Strandboge:
> diff -Naurp -x .bzr -x common
> apparmor-trunk/utils/easyprof/policygroups/opt-application
> apparmor-trunk-easyprof/utils/easyprof/policygroups/opt-application
> --- apparmor-trunk/utils/easyprof/policygroups/opt-application 1969-12-31
> 18:00:00.000000000 -0600
> +++ apparmor-trunk-easyprof/utils/easyprof/policygroups/opt-application
> 2012-02-06 16:39:38.000000000 -0600
> @@ -0,0 +1,3 @@
> +# Policy group for applications installed in /opt
> +/opt/@{APPNAME}/ r,
> +/opt/@{APPNAME}/** mrlk,
Is the "l" permission really needed for /opt?
> diff -Naurp -x .bzr -x common
> apparmor-trunk/utils/easyprof/policygroups/user-application
> apparmor-trunk-easyprof/utils/easyprof/policygroups/user-application
> --- apparmor-trunk/utils/easyprof/policygroups/user-application 1969-12-31
> 18:00:00.000000000 -0600
> +++ apparmor-trunk-easyprof/utils/easyprof/policygroups/user-application
> 2012-02-06 16:39:38.000000000 -0600
> @@ -0,0 +1,7 @@
> +# Policy group allowing various writes to standard directories in @{HOMEDIRS}
> +owner @{HOMEDIRS}/.cache/@{APPNAME}/ rw,
> +owner @{HOMEDIRS}/.cache/@{APPNAME}/** rwkl,
> +owner @{HOMEDIRS}/.config/@{APPNAME}/ rw,
> +owner @{HOMEDIRS}/.config/@{APPNAME}/** rwkl,
> +owner @{HOMEDIRS}/.local/share/@{APPNAME}/ rw,
> +owner @{HOMEDIRS}/.local/share/@{APPNAME}/** rwkl,
You should also allow to create ~/.cache, ~/.config ~/.local and
~/.local/share (in other words: include abstractions/xdg-desktop).
Regards,
Christian Boltz
--
Angela Merkel zitiere ich ja am liebsten wörtlich. Ich hab noch keine
bessere Möglichkeit gefunden, diese Frau zu beleidigen.
-- Volker Pispers
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
