summaryrefslogtreecommitdiffstats
path: root/wiki/src/blueprint/audit_AppArmor_profiles.mdwn
diff options
context:
space:
mode:
authorintrigeri <intrigeri@boum.org>2015-05-01 16:38:07 +0000
committerintrigeri <intrigeri@boum.org>2015-05-01 16:38:07 +0000
commit85028d618d33c024642142df297ac8903f747736 (patch)
tree4ab81ce2cf5cc8d3122c25929f98de44578b7cc3 /wiki/src/blueprint/audit_AppArmor_profiles.mdwn
parente98742debd48f2522dae36d311e80757b7da56b2 (diff)
Checked Tails-specific AppArmor policy changes.
Diffstat (limited to 'wiki/src/blueprint/audit_AppArmor_profiles.mdwn')
-rw-r--r--wiki/src/blueprint/audit_AppArmor_profiles.mdwn12
1 files changed, 6 insertions, 6 deletions
diff --git a/wiki/src/blueprint/audit_AppArmor_profiles.mdwn b/wiki/src/blueprint/audit_AppArmor_profiles.mdwn
index a711aa9..b33591d 100644
--- a/wiki/src/blueprint/audit_AppArmor_profiles.mdwn
+++ b/wiki/src/blueprint/audit_AppArmor_profiles.mdwn
@@ -87,12 +87,6 @@ Things to keep in mind
Profiles
========
-* `config/chroot_local-patches/apparmor-adjust-home-tunable.diff`
-* `config/chroot_local-patches/apparmor-adjust-pidgin-profile.diff`
-* `config/chroot_local-patches/apparmor-adjust-tor-abstraction.diff`
-* `config/chroot_local-patches/apparmor-adjust-tor-profile.diff`
-* `config/chroot_local-patches/apparmor-adjust-totem-profile.diff`
-* `config/chroot_local-patches/apparmor-adjust-user-tmp-abstraction.diff`
* `config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch`
Checked already
@@ -116,6 +110,12 @@ Checked already
especially given it [doesn't transition properly with
Pix](https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1042771)
=> we don't add occurrences thereof in our own profiles
+* Tails-specific modifications to profiles:
+ - `config/chroot_local-patches/apparmor-adjust-pidgin-profile.diff`
+ - `config/chroot_local-patches/apparmor-adjust-tor-abstraction.diff`
+ - `config/chroot_local-patches/apparmor-adjust-tor-profile.diff`
+ - `config/chroot_local-patches/apparmor-adjust-totem-profile.diff`
+ - `config/chroot_local-patches/apparmor-adjust-user-tmp-abstraction.diff`
* wide-open access to `$HOME`:
- `bash` abstraction (included by many profiles) gives read access
to `$HOME` via `@{HOMEDIRS}`, but merely listing its content