diff --git a/apparmor/license.txt b/apparmor/license.txt index 564063c..841cad6 100644 --- a/apparmor/license.txt +++ b/apparmor/license.txt @@ -1,4 +1,4 @@ -These AppArmor profiles are based on https://gitorious.org/tbb-apparmor/tbb-apparmor/ +TBB AppArmor profiles are based on https://gitorious.org/tbb-apparmor/tbb-apparmor/ Originally written by Radostan Riedel -- diff --git a/apparmor/tor-browser.Browser.firefox b/apparmor/torbrowser.Browser.firefox similarity index 61% rename from apparmor/tor-browser.Browser.firefox rename to apparmor/torbrowser.Browser.firefox index 8b34b9c..60aa9c9 100644 --- a/apparmor/tor-browser.Browser.firefox +++ b/apparmor/torbrowser.Browser.firefox @@ -20,6 +20,7 @@ /etc/X11/cursors/* r, /etc/drirc r, /etc/fonts/** r, + /etc/gnome/defaults.list r, /etc/gnome-vfs-2.0/modules/ r, /etc/gnome-vfs-2.0/modules/default-modules.conf r, /etc/gnome-vfs-2.0/modules/extra-modules.conf r, @@ -28,24 +29,30 @@ /etc/passwd r, /lib{,32,64}/*.so mr, /lib{,32,64}/*.so.* mr, - /home/*/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/.mozilla/ w, - /home/*/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/.mozilla/*/ w, - /home/*/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Browser/** r, - /home/*/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Browser/*.so mr, - /home/*/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Browser/browser/components/*.so mr, - /home/*/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Browser/components/*.so mr, - /home/*/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Browser/firefox rix, - /home/*/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Data/Browser/ r, - /home/*/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Data/Browser/** rwk, - /home/*/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Desktop/ rw, - /home/*/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Desktop/** rw, - /home/*/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Downloads/ rw, - /home/*/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Downloads/** rw, - /home/*/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Tor/tor Px, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/.mozilla/ w, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/.mozilla/*/ w, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Browser/** r, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Browser/*.so mr, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Browser/browser/components/*.so mr, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Browser/components/*.so mr, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Browser/firefox rix, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Data/Browser/ r, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Data/Browser/** rwk, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Desktop/ rw, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Desktop/** rw, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Downloads/ rw, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Downloads/** rw, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Tor/tor Px, + @{HOME}/.Xauthority r, /run/gdm3/** r, /sys/devices/system/cpu/present r, /tmp/.X0-lock r, /usr/lib{,32,64}/** mr, + /usr/local/share/fonts/ r, + /usr/share/ r, + /usr/share/applications/*.desktop r, + /usr/share/applications/mimeinfo.cache r, + /usr/share/fonts/ r, /usr/share/fonts/** r, /usr/share/gvfs/remote-volume-monitors/ r, /usr/share/gvfs/remote-volume-monitors/afc.monitor r, @@ -53,9 +60,11 @@ /usr/share/gvfs/remote-volume-monitors/gphoto2.monitor r, /usr/share/icons/ r, /usr/share/icons/** r, - /usr/share/mime/mime.cache r, + /usr/share/mime/ r, + /usr/share/mime/** r, /usr/share/pixmaps/ r, - /usr/share/themes/Default/** r, + /usr/share/poppler/** r, + /usr/share/themes/** r, /var/cache/fontconfig/* r, owner @{HOME}/.config/gtk-2.0/gtkfilechooser.ini r, owner @{HOME}/.icons/ r, @@ -71,4 +80,6 @@ @{PROC}/meminfo r, @{PROC}/stat r, + dbus, + } diff --git a/apparmor/tor-browser.Tor.tor b/apparmor/torbrowser.Tor.tor similarity index 100% rename from apparmor/tor-browser.Tor.tor rename to apparmor/torbrowser.Tor.tor diff --git a/apparmor/tor-browser.start-tor-browser b/apparmor/torbrowser.start-tor-browser similarity index 75% rename from apparmor/tor-browser.start-tor-browser rename to apparmor/torbrowser.start-tor-browser index b675d65..0751963 100644 --- a/apparmor/tor-browser.start-tor-browser +++ b/apparmor/torbrowser.start-tor-browser @@ -15,9 +15,9 @@ /dev/pts/[0-9]* rw, /dev/tty rw, /etc/magic r, - /opt/tor-browser_en-US/Browser/firefox Px, - /opt/tor-browser_en-US/Tor/tor r, - /opt/tor-browser_en-US/start-tor-browser r, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Browser/firefox Px, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/Tor/tor r, + @{HOME}/.torbrowser/tbb/{stable,alpha}/{i686,x86_64}/tor-browser_*/start-tor-browser r, @{PROC}/ r, @{PROC}/[0-9]*/status r, @{PROC}/[0-9]*/stat r, diff --git a/setup.py b/setup.py index 62c52e6..6d586f8 100644 --- a/setup.py +++ b/setup.py @@ -58,7 +58,7 @@ Tor Browser Launcher will get updated each time a new version of TBB is released ('/usr/share/pixmaps', ['img/torbrowser32.xpm', 'img/torbrowser80.xpm']), ('/usr/share/torbrowser-launcher', ['keys/erinn.asc', 'keys/sebastian.asc', 'keys/alexandre.asc', 'keys/mike.asc', 'keys/mike-2013-09.asc', 'torproject.pem', 'mirrors.txt', 'modem.ogg']), ('/usr/share/torbrowser-launcher/locale/en', ['locale/en/messages.pot']), - ('/etc/apparmor.d/', ['apparmor/tor-browser.Browser.firefox', 'apparmor/tor-browser.start-tor-browser', 'apparmor/tor-browser.Tor.tor']), + ('/etc/apparmor.d/', ['apparmor/torbrowser.Browser.firefox', 'apparmor/torbrowser.start-tor-browser', 'apparmor/torbrowser.Tor.tor']), # unpackaged third party libraries ('/usr/share/torbrowser-launcher/lib/txsocksx', file_list('lib/txsocksx-0.0.2/txsocksx')),