3
# Allow read to all files user has DAC access to and write access to all
4
# files owned by the user in $HOME.
8
owner @{HOME}/Desktop/** r,
10
# Do not allow read and/or write to particularly sensitive/problematic files
11
#include <abstractions/private-files>
12
audit deny @{HOME}/.ssh/** mrwkl,
13
audit deny @{HOME}/.gnome2_private/** mrwkl,
15
# Comment this out if using gpg plugin/addons
16
audit deny @{HOME}/.gnupg/** mrwkl,
18
# Allow read to all files user has DAC access to and write for files the user
19
# owns on removable media and filesystems.