summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authoranonym <anonym@riseup.net>2020-04-28 14:58:53 +0200
committeranonym <anonym@riseup.net>2020-04-28 16:08:19 +0200
commit8596434c03e17b6e7fa0a12ceee6ce77445d1fef (patch)
tree924a444d5cdf1f6cc63c73cdeda49619e65269d5
parent70ff1b0543ab226acb41418b4feeeed10c5e7b7e (diff)
Tor Browser AppArmor profile: update patch to apply on top of 0.3.2-9 (will-fix: #17612)feature/17610-linux-5.5+force-all-tests
-rw-r--r--config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch6
1 files changed, 3 insertions, 3 deletions
diff --git a/config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch b/config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch
index f6b2e68..633c968 100644
--- a/config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch
+++ b/config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch
@@ -135,9 +135,9 @@
deny @{PROC}/@{pid}/net/route r,
deny /sys/devices/system/cpu/cpufreq/policy[0-9]*/cpuinfo_max_freq r,
deny /sys/devices/system/cpu/*/cache/index[0-9]*/size r,
-@@ -134,5 +149,10 @@
- /etc/xfce4/defaults.list r,
- /usr/share/xfce4/applications/ r,
+@@ -144,5 +159,10 @@
+ # Yubikey NEO also needs this:
+ /sys/devices/**/hidraw/hidraw*/uevent r,
- #include <local/torbrowser.Browser.firefox>
+ # Deny access to global tmp directories, that's granted by the user-tmp