Thanks for this starting point; I have a few suggestions.
It'd be nice to use @{PROC} throughout for /proc/ rules.
It'd be nice to use Pixm for the pulseaudio program, so an existing profile for
it can be used.
Granting lock to all of /usr/share/** feels too wide -- I can't think of
consequences now, but it seems needless.
No existing profiles grant write privileges to /var/cache/fontconfig/* --
probably skype should also not have the ability to modify system-wide
fontconfig cache files.
It would be nice to use the two-argument form of link permission for the
kdeglobals rule to restrict which files can be linked.
It would be nice to use owner on the /tmp/tmp/** rule, to keep several users
from colliding in this directory.
Thanks
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1325131
Title:
Skype apparmor
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/skype/+bug/1325131/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
