Holger Levsen wrote (25 Jan 2016 12:52:23 GMT) :
> sadly this doesn't apply - could you please just attach your file
here it is:
Cheers,
--
intrigeri
# Last modified
#include <tunables/global>
/home/*/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/firefox
{
#include <abstractions/gnome>
# Uncomment the following line if you don't want the Tor Browser
# to have direct access to your sound hardware. Note that this is not
# enough to have working sound support in Tor Browser.
# #include <abstractions/audio>
# Uncomment the following lines if you want to give the Tor Browser read-write
# access to most of your personal files.
# #include <abstractions/user-download>
# @{HOME}/ r,
#dbus,
network tcp,
deny /etc/host.conf r,
deny /etc/hosts r,
deny /etc/nsswitch.conf r,
deny /etc/resolv.conf r,
deny /etc/passwd r,
deny /etc/group r,
deny /etc/mailcap r,
deny /etc/machine-id r,
deny /var/lib/dbus/machine-id r,
@{PROC}/[0-9]*/mountinfo r,
@{PROC}/[0-9]*/stat r,
@{PROC}/[0-9]*/task/*/stat r,
@{PROC}/sys/kernel/random/uuid r,
owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/ r,
owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/* r,
owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/.** rwk,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/update.test/
rwk,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/.** rwk,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/ rw,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser.bak/
rwk,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/** rw,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/*.so mr,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/components/*.so
mr,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/browser/components/*.so
mr,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/firefox
rix,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/updates/[0-9]*/updater
ix,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/updates/0/MozUpdater/bgupdate/updater
ix,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/TorBrowser/Data/Browser/profiles.ini
r,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/TorBrowser/Data/Browser/profile.default/
r,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/TorBrowser/Data/Browser/profile.default/**
rwk,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/TorBrowser/Tor/tor
Px,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/TorBrowser/Tor/libstdc++.so.6
m,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/Desktop/
rw,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/Desktop/**
rwk,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/Downloads/
rw,
owner
@{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/Downloads/**
rwk,
/etc/mailcap r,
/etc/mime.types r,
/usr/share/ r,
/usr/share/mime/ r,
/usr/share/themes/ r,
/usr/share/applications/** rk,
/usr/share/gnome/applications/ r,
/usr/share/gnome/applications/kde4/ r,
/usr/share/poppler/cMap/ r,
/sys/devices/system/cpu/ r,
/sys/devices/system/cpu/present r,
deny /sys/devices/virtual/block/*/uevent r,
# Should use abstractions/gstreamer instead once merged upstream
/etc/udev/udev.conf r,
/run/udev/data/+pci:* r,
/sys/devices/pci[0-9]*/**/uevent r,
owner /{dev,run}/shm/shmfd-* rw,
# KDE 4
owner @{HOME}/.kde/share/config/* r,
# Xfce4
/etc/xfce4/defaults.list r,
/usr/share/xfce4/applications/ r,
#include <local/torbrowser.Browser.firefox>
}
