[Pkg-privacy-commits] [torbrowser-launcher] 17/59: AppArmor: move to plugin-container, and extend, the commented-out lines that help making sound work.

Roger Shimizu rogershimizu at gmail.com
Mon Jan 29 13:43:57 UTC 2018 

This is an automated email from the git hooks/post-receive script.

rosh pushed a commit to branch debian/sid
in repository torbrowser-launcher.

commit 3f8e6f93d7cd5af46f8f166f1180eec2a2056583
Author: intrigeri <intrigeri at boum.org>
Date:   Fri Jun 23 08:30:30 2017 +0000

    AppArmor: move to plugin-container, and extend, the commented-out lines that help making sound work.
    
    Apparently these permissions are now needed by plugin-container, not by the
    master firefox process.
---
 apparmor/torbrowser.Browser.firefox          | 5 -----
 apparmor/torbrowser.Browser.plugin-container | 7 +++++++
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/apparmor/torbrowser.Browser.firefox b/apparmor/torbrowser.Browser.firefox
index 5ccf8a3..1ab099b 100644
--- a/apparmor/torbrowser.Browser.firefox
+++ b/apparmor/torbrowser.Browser.firefox
@@ -4,11 +4,6 @@
 /home/*/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/firefox {
   #include <abstractions/gnome>
 
-  # Uncomment the following line if you don't want the Tor Browser
-  # to have direct access to your sound hardware. Note that this is not
-  # enough to have working sound support in Tor Browser.
-  # #include <abstractions/audio>
-
   # Uncomment the following lines if you want to give the Tor Browser read-write
   # access to most of your personal files.
   # #include <abstractions/user-download>
diff --git a/apparmor/torbrowser.Browser.plugin-container b/apparmor/torbrowser.Browser.plugin-container
index 21faf53..ef2b706 100644
--- a/apparmor/torbrowser.Browser.plugin-container
+++ b/apparmor/torbrowser.Browser.plugin-container
@@ -4,6 +4,13 @@
 profile torbrowser_plugin_container {
   #include <abstractions/gnome>
 
+  # Uncomment the following lines if you don'want the Tor Browser
+  # to have direct access to your sound hardware.
+  # #include <abstractions/audio>
+  # /etc/asound.conf r,
+  # owner @{PROC}/@{pid}/fd/ r,
+  # owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/tmp/mozilla-temp-* rw,
+
   deny /etc/host.conf r,
   deny /etc/hosts r,
   deny /etc/nsswitch.conf r,

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/torbrowser-launcher.git

More information about the Pkg-privacy-commits mailing list