Update/Add Additional Abstractions for AppArmor

2025-02-16 22:29:47 +00:00 · 2024-10-05 10:14:32 +00:00 · 2024-10-05 10:14:32 +00:00 · e049fdcc76
commit e049fdcc76
parent 8761fed197
1 changed files with 5 additions and 0 deletions
--- a/apparmor/torbrowser.Browser.firefox
+++ b/apparmor/torbrowser.Browser.firefox
@ -11,6 +11,8 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
  #include <abstractions/mesa>
  #include <abstractions/opencl>
  #include if exists <abstractions/vulkan>
+  #include if exists <abstractions/dbus-session>
+  #include if exists <abstractions/X>

  deny capability sys_ptrace,

@ -26,6 +28,9 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
  network netlink raw,
  network tcp,

+  # ibus socket
+  owner @{HOME}/.cache/ibus/dbus-* rw,
+
  ptrace (trace) peer=@{profile_name},
  signal (receive, send) set=("term") peer=@{profile_name},