[apparmor] Firefox profile and ~/Downloads, ~/Public folders permission.

Daniel Curtis sidetripping at gmail.com
Sun Apr 28 14:05:30 UTC 2013


Hi. As we know, default Firefox profile contains something like this;

,-----[ Default profile allows (...) ]
| owner @{HOME}/ r,
| owner @{HOME}/Public/ r,
| owner @{HOME}/Public/* r,
| owner @{HOME}/Download/ r,
| owner @{HOME}/Download/* rw,
`-----

Default profile allows downloads to ~/Downloads and uploads from ~/Public,
right? So, what should I do or add to achieve this functionality. For now I
can upload and download files everywhere I want. I would like to achieve
that the profile will block (permission denied etc.) any attempts to save
files in another directory.

I've added a one option after owner$[HOME] mentioned above, but it did not
work;

,-----[ added option ]
| deny @{HOME}/ r,
`-----

Generally; I would like to achieve situation where Firefox/user can not
save file anywhere; just in Download directory.

Best regards.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130428/b9f12c93/attachment.html>


More information about the AppArmor mailing list