[apparmor] [Merge] ~intrigeri/apparmor-profiles/+git/apparmor-profiles:stricter-totem into apparmor-profiles:master
intrigeri
intrigeri at boum.org
Tue Nov 8 14:33:25 UTC 2016
Hi!
Seth Arnold:
> What motivated the change from ** to [a-zA-Z0-9]?
Noticing that Totem had access e.g. to my OTR and GnuPG private keys,
which seems to void most of the purpose (for my use case at least) of
confining Totem in the first place. Basically, in my tests, the "**"
rule cancels the effect of private-files-strict.
> This will prevent access to files in directories Видео/ or ビデオ/.
Oops, good catch. Thank you! I'll resubmit something nicer (and
simpler), i.e. granting access to any file in $HOME, as long as the
name of the top-level sub-directory does not start with '.'.
--
https://code.launchpad.net/~intrigeri/apparmor-profiles/+git/apparmor-profiles/+merge/310120
Your team AppArmor Developers is requested to review the proposed merge of ~intrigeri/apparmor-profiles/+git/apparmor-profiles:stricter-totem into apparmor-profiles:master.
More information about the AppArmor
mailing list