Commit ea2429da authored by Jamie Strandboge's avatar Jamie Strandboge

ubuntu-browsers.d/user-files: disallow access to the dirs of private files

parent 503d2904
Pipeline #31406568 passed with stages
in 10 minutes and 42 seconds
......@@ -8,12 +8,12 @@
# Do not allow read and/or write to particularly sensitive/problematic files
#include <abstractions/private-files>
audit deny @{HOME}/.ssh/** mrwkl,
audit deny @{HOME}/.gnome2_private/** mrwkl,
audit deny @{HOME}/.kde{,4}/share/apps/kwallet/** mrwkl,
audit deny @{HOME}/.ssh/{,**} mrwkl,
audit deny @{HOME}/.gnome2_private/{,**} mrwkl,
audit deny @{HOME}/.kde{,4}/share/apps/kwallet/{,**} mrwkl,
# Comment this out if using gpg plugin/addons
audit deny @{HOME}/.gnupg/** mrwkl,
audit deny @{HOME}/.gnupg/{,**} mrwkl,
# Allow read to all files user has DAC access to and write for files the user
# owns on removable media and filesystems.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment