Skip to content

Commit

Permalink
feat(profile): firefox: restric access to /tmp
Browse files Browse the repository at this point in the history
  • Loading branch information
@roddhjav
roddhjav committed Dec 23, 2024
1 parent edaa450 commit 7167de9
Showing 1 changed file with 2 additions and 3 deletions.
5 changes: 2 additions & 3 deletions apparmor.d/groups/browsers/firefox
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,9 +59,8 @@ profile firefox @{exec_path} flags=(attach_disconnected) {
owner @{user_share_dirs}/mime/packages/user-extension-{htm,html,xht,xhtml,shtml}.xml.* rw,

owner @{tmp}/.xfsm-ICE-@{rand6} rw,
owner @{tmp}/@{rand6}.tmp r,
owner @{tmp}/@{rand8}.txt w,
owner @{tmp}/* w, # file downloads (to anywhere)
owner @{tmp}/@{rand8}.* rw, # file downloads (to anywhere)
owner @{tmp}/@{uuid}.zip{,.tmp} rw,
owner @{tmp}/Mozilla@{uuid}-cachePurge-{@{hex15},@{hex16}} rwk,
owner @{tmp}/mozilla* rw,
owner @{tmp}/mozilla*/ rw,
Expand Down

0 comments on commit 7167de9

Please sign in to comment.