MVP of AppArmor profiles for Cryptomator on Ubuntu #31
Labels
apparmor-profile
"AppArmor is an effective and easy-to-use Linux application security system." https://apparmor.net/
beyond-tails
Comments
|
Interesting. Very interesting. Actually do exist a tool that automate create AppArmor profiles. Still not as smart as an human, but for a non-expert it definely seems to do better than start witht he The # Last Modified: Sat Nov 7 01:13:28 2020
#include <tunables/global>
/workspace/bin/cryptomator.AppImage flags=(complain) {
#include <abstractions/base>
#include <abstractions/nameservice>
capability dac_read_search,
capability sys_admin,
/dev/fuse rw,
/etc/fuse.conf r,
/proc/*/mounts r,
/tmp/.mount_cryptoMkNRmM/ r,
/tmp/.mount_cryptoMkNRmM/bin/Cryptomator Ux,
/tmp/.mount_cryptoo4xRVN/ r,
/tmp/.mount_cryptoo4xRVN/bin/Cryptomator Px,
/usr/bin/fusermount mrix,
/workspace/bin/cryptomator.AppImage mr,
}The /tmp definitely it did not get right. |
fititnt
added a commit
that referenced
this issue
Nov 7, 2020
…f /workspace/bin/cryptomator.AppImage'
fititnt
added
the
apparmor-profile
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
An minimum viable product (MVP) of AppArmor profiles to use with Cryptomator
The text was updated successfully, but these errors were encountered: