[Pkg-privacy-commits] [torbrowser-launcher] 186/476: added AppArmor instructions to readme

[Ximin Luo]

This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch debian
in repository torbrowser-launcher.

commit 6f1d0df6565741b07a3c2eaeade2197e56769ce1
Author: Micah Lee <micah at micahflee.com>
Date:   Fri Jan 3 12:30:13 2014 -0800

    added AppArmor instructions to readme
---
 README.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/README.md b/README.md
index 0e48ca4..29b24e7 100644
--- a/README.md
+++ b/README.md
@@ -33,6 +33,17 @@ I've created a PPA where I'm maintaining torbrowser-launcher binaries. You can i
     sudo apt-get update
     sudo apt-get install torbrowser-launcher
 
+Enabling AppArmor Profiles
+--------------------------
+
+AppArmor is a Linux kernel hardening technology that lets you confine specific programs to only use specific resources. For example, if you visit a website that exploits a bug in the Tor Browser to get arbitrary code execution, the attacker won't be able to access files in ~/.gnupg. Here's how you turn on the AppArmor profiles for Tor Browser Launcher and for the programs bundled in the TBB.
+
+    sudo apt-get install apparmor-utils
+    sudo aa-enforce /etc/apparmor.d/usr.bin.torbrowser-launcher
+    sudo aa-enforce /etc/apparmor.d/torbrowser.start-tor-browser
+    sudo aa-enforce /etc/apparmor.d/torbrowser.Browser.firefox
+    sudo aa-enforce /etc/apparmor.d/torbrowser.Tor.tor
+
 Building
 ========
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/torbrowser-launcher.git