[Pkg-privacy-commits] [torbrowser-launcher] 336/476: Hide AppArmor log about torbrowser-launcher trying to read the Python interpreter.
Ximin Luo
infinity0 at moszumanska.debian.org
Sat Aug 22 13:21:53 UTC 2015
This is an automated email from the git hooks/post-receive script.
infinity0 pushed a commit to branch debian
in repository torbrowser-launcher.
commit bfabd820beb383e8326ba652eb91beafa0a67143
Author: intrigeri <intrigeri at boum.org>
Date: Thu Aug 14 16:27:45 2014 +0000
Hide AppArmor log about torbrowser-launcher trying to read the Python interpreter.
Oh well, this script doesn't really need to read the interpreter that's
running it.
---
apparmor/usr.bin.torbrowser-launcher | 3 +++
1 file changed, 3 insertions(+)
diff --git a/apparmor/usr.bin.torbrowser-launcher b/apparmor/usr.bin.torbrowser-launcher
index 1b2c03b..610bfd5 100644
--- a/apparmor/usr.bin.torbrowser-launcher
+++ b/apparmor/usr.bin.torbrowser-launcher
@@ -14,6 +14,9 @@
capability sys_ptrace,
+ # This script doesn't really need to read the interpreter that's running it.
+ deny /usr/bin/python{2,3}.[0-7]* r,
+
/bin/{dash,grep,ps} rix,
/dev/ r,
/etc/magic r,
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/torbrowser-launcher.git
More information about the Pkg-privacy-commits
mailing list