← Back to branch summary

~apparmor-dev/apparmor-profiles/master

« back to all changes in this revision

Viewing changes to ubuntu/16.10/usr.bin.thunderbird

Merge Thunderbird/enigmail updates from Simon Déziel
<simon.deziel@gmail.com>, after updating the corresponding profile in
the 16.10 tree as well.

Show diffs side-by-side

added added

removed removed

Lines of Context:
ubuntu/16.10/usr.bin.thunderbird
168
168
  /usr/bin/mkfifo Uxr,  # investigate
169
169
  /bin/ps Uxr,
170
170
  /bin/uname Uxr,
 
171
  /usr/bin/locale Uxr,
171
172
 
172
173
  /usr/bin/gpg Cx -> gpg,
173
174
 
221
222
    #include <abstractions/p11-kit>
222
223
    /usr/lib/gnupg2/gpg2keys_hkp ix,
223
224
 
 
225
    # silence noise from enigmail 1.9+
 
226
    deny owner @{HOME}/.thunderbird/*/.parentlock w,
 
227
    deny owner @{HOME}/.thunderbird/*/panacea.dat w,
 
228
    deny owner @{HOME}/.thunderbird/*/*.mab w,
 
229
    deny owner @{HOME}/.thunderbird/**/*.msf w,
 
230
    deny owner @{HOME}/.cache/thunderbird/**/_CACHE_* w,
 
231
 
224
232
    # For smartcards?
225
233
    /dev/bus/usb/ r,
226
234
    /dev/bus/usb/[0-9]*/ r,
246
254
    owner @{HOME}/.gnupg/.#lk0x[0-9a-f]* rwl,
247
255
    owner @{HOME}/.gnupg/.gpg-v[0-9]*-migrated rw,
248
256
    owner @{HOME}/** r,
 
257
    owner @{PROC}/@{pids}/mountinfo r,
249
258
 
250
259
    # for inline pgp
251
260
    owner /tmp/encfile rw,
252
261
    owner /tmp/encfile-[0-9]* rw,
253
262
 
 
263
    # for signature generation
 
264
    owner /tmp/nsemail.eml w,
 
265
    owner /tmp/nsemail-[0-9]*.eml w,
 
266
 
254
267
    # for signature verifications
255
268
    owner /tmp/data.sig r,
256
269
    owner /tmp/data-[0-9]*.sig r,