summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorintrigeri <intrigeri@boum.org>2015-08-21 07:44:57 +0000
committerintrigeri <intrigeri@boum.org>2015-08-21 07:44:57 +0000
commitbd9564fe92c845231e1582167501d8faee51de8a (patch)
tree838d5ca03a5b6ac2eba177da8bdfb39df4e3f081
parent9af7e1ba94b8d80f11a153da6f6e55c2f218b1ea (diff)
parent77369839f0ea581fe56ca2efa10555ba7da8ca0d (diff)
Merge remote-tracking branch 'origin/stable' into feature/6354-vagrant-libvirtfeature/6354-vagrant-libvirt_old
-rw-r--r--config/base_branch2
-rw-r--r--config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch10
2 files changed, 7 insertions, 5 deletions
diff --git a/config/base_branch b/config/base_branch
index 038d718..2bf5ad0 100644
--- a/config/base_branch
+++ b/config/base_branch
@@ -1 +1 @@
-testing
+stable
diff --git a/config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch b/config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch
index d1df77c..1734b85 100644
--- a/config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch
+++ b/config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch
@@ -20,7 +20,7 @@ index 7e68a08..2f40271 100644
# Uncomment the following lines if you want to give the Tor Browser read-write
# access to most of your personal files.
-@@ -17,40 +19,52 @@
+@@ -17,41 +19,52 @@
#dbus,
network tcp,
@@ -63,6 +63,7 @@ index 7e68a08..2f40271 100644
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/TorBrowser/,}Data/Browser/profile.default/ r,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/TorBrowser/,}Data/Browser/profile.default/** rwk,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/TorBrowser/,}Tor/tor Px,
+- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/TorBrowser/,}Tor/*.so{,.[0-9]*} mr,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/,}Desktop/ rw,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/,}Desktop/** rwk,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/,}Downloads/ rw,
@@ -97,7 +98,7 @@ index 7e68a08..2f40271 100644
/etc/mailcap r,
/etc/mime.types r,
-@@ -73,10 +87,42 @@
+@@ -74,6 +87,31 @@
/sys/devices/pci[0-9]*/**/uevent r,
owner /{dev,run}/shm/shmfd-* rw,
@@ -129,10 +130,11 @@ index 7e68a08..2f40271 100644
# KDE 4
owner @{HOME}/.kde/share/config/* r,
- # Xfce4
+@@ -81,5 +119,10 @@
/etc/xfce4/defaults.list r,
/usr/share/xfce4/applications/ r,
-+
+
+- #include <local/torbrowser.Browser.firefox>
+ # Deny access to global tmp directories, that's granted by the user-tmp
+ # abstraction, which is sourced by the gnome abstraction, that we include.
+ deny owner /var/tmp/** rwklx,