summaryrefslogtreecommitdiffstats
path: root/wiki/src/blueprint/audit_AppArmor_profiles.mdwn
diff options
context:
space:
mode:
authorintrigeri <intrigeri@boum.org>2015-04-27 10:55:51 +0000
committerintrigeri <intrigeri@boum.org>2015-04-27 10:55:51 +0000
commitbd2654fea593e9f2f178846ac11d038ce5d654b3 (patch)
tree5179ed10a5008dae4168008c624ec4284b6b152a /wiki/src/blueprint/audit_AppArmor_profiles.mdwn
parentd5cbaaf3177946e0c2665d70a450ab335705f6e2 (diff)
Point to discovered issue.
Diffstat (limited to 'wiki/src/blueprint/audit_AppArmor_profiles.mdwn')
-rw-r--r--wiki/src/blueprint/audit_AppArmor_profiles.mdwn4
1 files changed, 3 insertions, 1 deletions
diff --git a/wiki/src/blueprint/audit_AppArmor_profiles.mdwn b/wiki/src/blueprint/audit_AppArmor_profiles.mdwn
index f0a13da..da0397b 100644
--- a/wiki/src/blueprint/audit_AppArmor_profiles.mdwn
+++ b/wiki/src/blueprint/audit_AppArmor_profiles.mdwn
@@ -11,7 +11,9 @@ Things to check
`$PATH` for executing other stuff; in particular, many shell scripts
do rely on `$PATH`; this should be checked particularly for the
profiles we ship that don't come from AppArmor upstream, most
- notably the Tor Browser one.
+ notably:
+ - the Tor Browser one
+ - `/usr/local/bin/tor-browser`
* use of `sanitized_helper` [isn't very
safe](http://blog.azimuthsecurity.com/2012/09/poking-holes-in-apparmor-profiles.html),
especially given it [doesn't transition properly with