[Pkg-privacy-commits] [torbrowser-launcher] 182/476: wrote apparmor profile for torbrowser-launcher itself (#72)
Ximin Luo
infinity0 at moszumanska.debian.org
Sat Aug 22 13:21:35 UTC 2015
This is an automated email from the git hooks/post-receive script.
infinity0 pushed a commit to branch debian
in repository torbrowser-launcher.
commit 644c8c3755dfc878ec6b1bd0f0a215022505b58d
Author: Micah Lee <micah at micahflee.com>
Date: Thu Jan 2 15:55:30 2014 -0800
wrote apparmor profile for torbrowser-launcher itself (#72)
---
apparmor/usr.bin.torbrowser-launcher | 58 ++++++++++++++++++++++++++++++++++++
setup.py | 2 +-
2 files changed, 59 insertions(+), 1 deletion(-)
diff --git a/apparmor/usr.bin.torbrowser-launcher b/apparmor/usr.bin.torbrowser-launcher
new file mode 100644
index 0000000..6f253ea
--- /dev/null
+++ b/apparmor/usr.bin.torbrowser-launcher
@@ -0,0 +1,58 @@
+# Last Modified: Thu Jan 2 15:12:38 2014
+#include <tunables/global>
+
+/usr/bin/torbrowser-launcher {
+ #include <abstractions/base>
+ #include <abstractions/nameservice>
+ #include <abstractions/python>
+
+ capability sys_ptrace,
+
+ #/bin/{dash,grep,ps} rix,
+ /dev/ r,
+ /dev/pts/ r,
+ /etc/magic r,
+ /etc/fonts/** r,
+ /var/cache/fontconfig/* r,
+ /usr/share/fonts/ r,
+ @{HOME}/.Xauthority r,
+ @{HOME}/.cache/fontconfig/e2d80dc3d99bd64349f910b1f0a35039-le64.cache-4 r,
+ @{HOME}/.config/pulse/cookie rk,
+ @{HOME}/.local/share/fonts/ r,
+ @{HOME}/.torbrowser/ rw,
+ @{HOME}/.torbrowser/** mrwk,
+ @{HOME}/.torbrowser/gnupg_homedir/* l,
+ @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/start-tor-browser ux,
+ @{PROC}/ r,
+ @{PROC}/*/cmdline r,
+ @{PROC}/*/maps r,
+ @{PROC}/*/mountinfo r,
+ @{PROC}/*/mounts r,
+ @{PROC}/*/stat r,
+ @{PROC}/*/status r,
+ @{PROC}/*/task/** r,
+ @{PROC}/filesystems r,
+ @{PROC}/meminfo r,
+ @{PROC}/sys/kernel/pid_max r,
+ @{PROC}/tty/drivers r,
+ @{PROC}/uptime r,
+ /usr/bin/ r,
+ /usr/bin/{gpg,wmctrl,dirname,expr,file,getconf,id,dash,grep,ps} rix,
+ /usr/bin/python2.7 rix,
+ /usr/bin/torbrowser-launcher rux,
+ /usr/lib{,32,64}/** mr,
+ /usr/local/share/fonts/ r,
+ /usr/local/share/fonts/** r,
+ /usr/share/file/magic.mgc r,
+ /usr/share/file/magic/ r,
+ /usr/share/fonts/** r,
+ /usr/share/icons/ r,
+ /usr/share/icons/** r,
+ /usr/share/mime/ r,
+ /usr/share/mime/* r,
+ /usr/share/pixmaps/ r,
+ /usr/share/pixmaps/torbrowser{32,80}.xpm r,
+ /usr/share/themes/** r,
+ /usr/share/torbrowser-launcher/** r,
+
+}
diff --git a/setup.py b/setup.py
index 6d586f8..8114ed5 100644
--- a/setup.py
+++ b/setup.py
@@ -58,7 +58,7 @@ Tor Browser Launcher will get updated each time a new version of TBB is released
('/usr/share/pixmaps', ['img/torbrowser32.xpm', 'img/torbrowser80.xpm']),
('/usr/share/torbrowser-launcher', ['keys/erinn.asc', 'keys/sebastian.asc', 'keys/alexandre.asc', 'keys/mike.asc', 'keys/mike-2013-09.asc', 'torproject.pem', 'mirrors.txt', 'modem.ogg']),
('/usr/share/torbrowser-launcher/locale/en', ['locale/en/messages.pot']),
- ('/etc/apparmor.d/', ['apparmor/torbrowser.Browser.firefox', 'apparmor/torbrowser.start-tor-browser', 'apparmor/torbrowser.Tor.tor']),
+ ('/etc/apparmor.d/', ['apparmor/torbrowser.Browser.firefox', 'apparmor/torbrowser.start-tor-browser', 'apparmor/torbrowser.Tor.tor', 'apparmor/usr.bin.torbrowser-launcher']),
# unpackaged third party libraries
('/usr/share/torbrowser-launcher/lib/txsocksx', file_list('lib/txsocksx-0.0.2/txsocksx')),
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/torbrowser-launcher.git
More information about the Pkg-privacy-commits
mailing list