# vim:syntax=apparmor # Allow read to all files user has DAC access to and write access to all # files owned by the user in $HOME. @{HOME}/ r, @{HOME}/** r, owner @{HOME}/** w, # Do not allow read and/or write to particularly sensitive/problematic files #include <abstractions/private-files> audit deny @{HOME}/.ssh/{,**} mrwkl, audit deny @{HOME}/.gnome2_private/{,**} mrwkl, audit deny @{HOME}/.kde{,4}/{,share/,share/apps/} w, audit deny @{HOME}/.kde{,4}/share/apps/kwallet/{,**} mrwkl, # Comment this out if using gpg plugin/addons audit deny @{HOME}/.gnupg/{,**} mrwkl, # Allow read to all files user has DAC access to and write for files the user # owns on removable media and filesystems. /media/** r, /mnt/** r, /srv/** r, /net/** r, owner /media/** w, owner /mnt/** w, owner /srv/** w, owner /net/** w,
Name | Type | Size | Permission | Actions |
---|---|---|---|---|
java | File | 3.79 KB | 0644 |
|
kde | File | 248 B | 0644 |
|
mailto | File | 324 B | 0644 |
|
multimedia | File | 1.73 KB | 0644 |
|
plugins-common | File | 334 B | 0644 |
|
productivity | File | 993 B | 0644 |
|
text-editors | File | 654 B | 0644 |
|
ubuntu-integration | File | 1.4 KB | 0644 |
|
ubuntu-integration-xul | File | 168 B | 0644 |
|
user-files | File | 862 B | 0644 |
|