Ubuntu Forums ubuntu.com - launchpad.net - ubuntu help  

Go Back   Ubuntu Forums > The Ubuntu Forum Community > Main Support Categories > Security Discussions
Reload this Page [all variants] Share your AppArmor Profiles
Register Reset Password Forum Help Forum Council Search Today's Posts Mark Forums Read

Ubuntu 9.10 is out!!!

When downloading Ubuntu 9.10 please consider using bittorrent to get your copy of Ubuntu.

The Ubuntu Developers Summit for Lucid Lynx will be held the week of 16-Nov-2009 till 20-Nov-2009 in Dallas, TX USA. Visit the the Ubuntu wiki for more information about UDS and how to participate remotely.

Security Discussions
Discuss security flaws/updates/notices in the various Ubuntu releases.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old December 12th, 2008   #1
bodhi.zazen
Ubuntu Guru
 
bodhi.zazen's Avatar
 
Join Date: Apr 2006
Location: Montana
My beans are hidden!
Xubuntu Karmic Koala (testing)
Send a message via Yahoo to bodhi.zazen
Share your AppArmor Profiles
In order to promote awareness and learning of AppArmor I thought it migh help if we shared our profiles. Hopefully they can be reviewed by experts and help others learn the syntax of an AppArmor Profile.

Here is my Firefox Profile

Firefox version 3.0.4
Ubuntu 9.04 Alpha

Quote:
# Last Modified: Thu Dec 11 21:08:14 2008
#include <tunables/global>

/usr/lib/firefox-3.0.4/firefox.sh {
#include <abstractions/base>
#include <abstractions/bash>
#include <abstractions/consoles>
#include <abstractions/gnome>
#include <abstractions/nameservice>
#include <abstractions/user-tmp>

network dgram,
network stream,

/bin/dash rix,
/bin/grep rix,
/bin/ps rix,
/usr/bin/basename rix,
/usr/lib/firefox-3.0.4/firefox mrix,
/usr/lib/gamin/gam_server mrix,

/dev/shm/ r,
owner /dev/shm/pulse-* rw,
/etc/ r,
/etc/firefox-3.0/pref/ r,
/etc/firefox-3.0/pref/* r,
/etc/gre.d/ r,
/etc/gre.d/1.9.0.4.system.conf r,
/etc/mime.types r,
/etc/pulse/client.conf r,
/etc/sound/events/gtk-events-2.soundlist r,
/etc/xulrunner-1.9/system-greprefs.js r,
owner /home/** rw,
owner /home/*/.adobe/ rw,
owner /home/*/.adobe/** rw,
owner /home/*/.config/gtk-2.0/** rwk,
owner /home/*/.macromedia/ w,
owner /home/*/.macromedia/** rw,
owner /home/*/.mozilla/** rwk,
owner /home/*/.pulse-cookie rwk,
owner /home/*/.pulse/ w,
owner /home/*/{Desktop,Documents,Downloads}/ rw,
owner /home/*/{Desktop,Documents,Downloads}/** rw,

owner /proc/*/maps r,
/proc/*/mounts/* r,
owner /proc/*/stat r,
/proc/version r,
/usr/local/share/** r,
/usr/share/** r,
/var/lib/dbus/machine-id r,

}
Enjoy (and try not to abuse my poor quality profile too much).
__________________
A person with ubuntu is open and available to others, affirming of others, does not feel threatened that others are able and good, for he or she has a proper self-assurance that comes from knowing that he or she belongs in a greater whole and is diminished when others are humiliated or diminished, when others are tortured or oppressed. ~ Archbishop Desmond Tutu, 1999
bodhi.zazen is offline   Reply With Quote
 

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 12:09 AM.

Ubuntu Forums - Archive - Top

vBulletin ©2000 - 2009, Jelsoft Enterprises Ltd. Ubuntu Logo, Ubuntu and Canonical © Canonical Ltd. Tango Icons © Tango Desktop Project. lingonberry