diff options
Diffstat (limited to 'sysui/desktop/apparmor')
-rw-r--r-- | sysui/desktop/apparmor/program.oosplash | 36 | ||||
-rw-r--r-- | sysui/desktop/apparmor/program.senddoc | 37 | ||||
-rw-r--r-- | sysui/desktop/apparmor/program.soffice.bin | 263 | ||||
-rw-r--r-- | sysui/desktop/apparmor/program.xpdfimport | 31 |
4 files changed, 367 insertions, 0 deletions
diff --git a/sysui/desktop/apparmor/program.oosplash b/sysui/desktop/apparmor/program.oosplash new file mode 100644 index 000000000..dd1136bc9 --- /dev/null +++ b/sysui/desktop/apparmor/program.oosplash @@ -0,0 +1,36 @@ +# ------------------------------------------------------------------ +# +# Copyright (C) 2016 Canonical Ltd. +# Copyright (C) 2018 Software in the Public Interest, Inc. +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# Author: Bryan Quigley <bryan.quigley@canonical.com> +# Rene Engelhard <rene@debian.org> +# +# ------------------------------------------------------------------ + +#include <tunables/global> + +profile libreoffice-oosplash INSTDIR-program/oosplash { + #include <abstractions/base> + #include <abstractions/X> + + /etc/libreoffice/ r, + /etc/libreoffice/** r, + /etc/passwd r, + /etc/nsswitch.conf r, + /run/nscd/passwd r, + /sys/devices/{virtual,pci[0-9]*}/**/queue/rotational r, # for isRotational() in desktop/unx/source/pagein.c + /usr/lib{,32,64}/ure/bin/javaldx rmpux, + /usr/share/libreoffice/program/* r, + INSTDIR-program/** r, + INSTDIR-program/soffice.bin rmpx, + INSTDIR-program/javaldx rmpux, + owner @{HOME}/.Xauthority r, + owner @{HOME}/.config/libreoffice{,dev}/?/user/uno_packages/cache/log.txt rw, + unix peer=(addr=@/tmp/.ICE-unix/* label=unconfined), + unix peer=(addr=@/tmp/.X11-unix/* label=unconfined), +} diff --git a/sysui/desktop/apparmor/program.senddoc b/sysui/desktop/apparmor/program.senddoc new file mode 100644 index 000000000..969130f4e --- /dev/null +++ b/sysui/desktop/apparmor/program.senddoc @@ -0,0 +1,37 @@ +# ------------------------------------------------------------------ +# +# Copyright (C) 2016 Canonical Ltd. +# Copyright (C) 2017 Software in the Public Interest, Inc. +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# Authors: Bryan Quigley <bryan.quigley@canonical.com> +# Rene Engelhard <rene@debian.org> +# +# ------------------------------------------------------------------ + +#include <tunables/global> + +profile libreoffice-senddoc INSTDIR-program/senddoc { + #include <abstractions/base> + + #include <abstractions/user-tmp> + + /{usr/,}bin/sh rmix, + /{usr/,}bin/bash rmix, + /{usr/,}bin/dash rmix, + /{usr/,}bin/sed rmix, + /usr/bin/dirname rmix, + /usr/bin/basename rmix, + /{usr/,}bin/grep rmix, + /{usr/,}bin/uname rmix, + /usr/bin/xdg-open rPUx, + /usr/bin/xdg-email rPUx, + /dev/null rw, + INSTDIR-program/uri-encode rmpux, + /usr/share/libreoffice/share/config/* r, + owner @{HOME}/.config/libreoffice{,dev}/?/user/uno_packages/cache/log.txt rw, +} + diff --git a/sysui/desktop/apparmor/program.soffice.bin b/sysui/desktop/apparmor/program.soffice.bin new file mode 100644 index 000000000..42053db2a --- /dev/null +++ b/sysui/desktop/apparmor/program.soffice.bin @@ -0,0 +1,263 @@ +# ------------------------------------------------------------------ +# +# Copyright (C) 2016 Canonical Ltd. +# Copyright (C) 2018 Software in the Public Interest, Inc. +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# Authors: Jonathan Davies <jonathan.davies@canonical.com> +# Bryan Quigley <bryan.quigley@canonical.com> +# Rene Engelhard <rene@debian.org> +# +# ------------------------------------------------------------------ + +# This profile should enable the average LibreOffice user to get their +# work done while blocking some advanced usage +# Namely not tested and likely not working : embedded plugins, +# Using the LibreOffice SDK and other development tasks +# Everything else should be working + +#Defines all common supported file formats +#Some obscure ones we're excluded (mostly input) + +#Generic +#.txt +@{libreoffice_ext} = [tT][xX][tT] +#All the open document format +@{libreoffice_ext} += {,f,F}[oO][dDtT][tTsSpPbBgGfF] +#.xml and xsl +@{libreoffice_ext} += [xX][mMsS][lL] +#.pdf +@{libreoffice_ext} += [pP][dD][fF] +#Unified office format +@{libreoffice_ext} += [uU][oO][fFtTsSpP] +#(x)htm(l) +@{libreoffice_ext} += {,x,X}[hH][tT][mM]{,l,L} +#.epub +@{libreoffice_ext} += [eE][pP][uU][bB] +#.ps (printing to file) +@{libreoffice_ext} += [pP][sS] + +#Images +@{libreoffice_ext} += [jJ][pP][gG] +@{libreoffice_ext} += [jJ][pP][eE][gG] +@{libreoffice_ext} += [pP][nN][gG] +@{libreoffice_ext} += [sS][vV][gG] +@{libreoffice_ext} += [sS][vV][gG][zZ]99251 +@{libreoffice_ext} += [tT][iI][fF] +@{libreoffice_ext} += [tT][iI][fF][fF] + +#Writer +@{libreoffice_ext} += [dD][oO][cCtT]{,x,X} +@{libreoffice_ext} += [rR][tT][fF] + +#Calc +@{libreoffice_ext} += [xX][lL][sStT]{,x,X,m,M} +@{libreoffice_ext} += [xX][lL][wW] +#.dif dbf +@{libreoffice_ext} += [dD][iIbB][fF] +#.tsv .csv +@{libreoffice_ext} += [cCtT][sS][vV] +@{libreoffice_ext} += [sS][lL][kK] + +#Impress/Draw +@{libreoffice_ext} += [pP][pP][tTsS]{,x,X} +@{libreoffice_ext} += [pP][oO][tT]{,m,M} +#Photoshop +@{libreoffice_ext} += [pP][sS][dD] + +#Math +@{libreoffice_ext} += [mM][mM][lL] + +@{libo_user_dirs} = @{HOME} /mnt /media + +#include <tunables/global> + +profile libreoffice-soffice INSTDIR-program/soffice.bin { + #include <abstractions/private-files> + + #include <abstractions/audio> + #include <abstractions/bash> + #include <abstractions/cups-client> + #include <abstractions/dbus> + #include <abstractions/dbus-session> + #include <abstractions/dbus-accessibility> + #include <abstractions/ibus> + #include <abstractions/nameservice> + #include <abstractions/gnome> +# GnuPG1 only... +# #include <abstractions/gnupg> + #include <abstractions/python> + #include <abstractions/p11-kit> + + #include <abstractions/user-tmp> + + #List directories for file browser + / r, + /**/ r, + + owner @{libo_user_dirs}/**/ rw, #allow creating directories that we own + owner @{libo_user_dirs}/**~lock.* rw, #lock file support + owner @{libo_user_dirs}/**.@{libreoffice_ext} rwk, #Open files rw with the right exts + owner @{libo_user_dirs}/{,**/}lu??????????{,?}.tmp rwk, #Temporary file used when saving + owner @{libo_user_dirs}/{,**/}.directory r, #Read directory settings on KDE + + # Settings + /etc/libreoffice/ r, + /etc/libreoffice/** r, + + /etc/cups/ppd/*.ppd r, + /etc/xml/catalog r, #exporting to .xhtml, for libxml2 + /proc/*/status r, + + owner @{HOME}/.config/libreoffice{,dev}/** rwk, + owner @{HOME}/.config/soffice.binrc rwl -> @{HOME}/.config/#[0-9]*, + owner @{HOME}/.config/soffice.binrc.* rwl -> @{HOME}/.config/#[0-9]*, + owner @{HOME}/.config/soffice.binrc.lock rwk, + owner @{HOME}/.cache/fontconfig/** rw, + owner @{HOME}/.config/gtk-???/bookmarks r, #Make bookmarks work + + owner /{,var/}run/user/*/dconf/user rw, + owner @{HOME}/.config/dconf/user r, + + # allow schema to be read + /usr/share/glib-*/schemas/ r, + /usr/share/glib-*/schemas/** r, + + # bluetooth send to + network bluetooth, + + /{usr/,}bin/sh rmix, + /{usr/,}bin/bash rmix, + /{usr/,}bin/dash rmix, + /{usr/,}bin/rm rmix, #deleting /tmp/psp1534203998 (printing to file) + /usr/bin/bluetooth-sendto rmPUx, + /usr/bin/lpr rmPUx, + /usr/bin/paperconf rmix, + /usr/bin/gpgconf rmix, + /usr/bin/gpg rmCx -> gpg, + /usr/bin/gpgsm rmCx -> gpg, + /usr/bin/gpa rix, + /usr/bin/seahorse rix, + /usr/bin/kgpg rix, + /usr/bin/kleopatra rix, + + /dev/tty rw, + + /usr/lib{,32,64}/@{multiarch}/gstreamer???/gstreamer-???/gst-plugin-scanner rmPUx, + owner @{HOME}/.cache/gstreamer-???/** rw, + unix peer=(addr=@/tmp/.ICE-unix/* label=unconfined), #Gstreamer doesn't work without this + + /usr/lib{,32,64}/jvm/ r, + /usr/lib{,32,64}/jvm/** r, + /usr/lib{,32,64}/jvm/**/jre/bin/java mix, + /usr/lib{,32,64}/jvm/**/bin/java mix, + INSTDIR-** rw, + INSTDIR-**.so m, + INSTDIR-program/soffice.bin mix, + INSTDIR-program/xpdfimport px, + INSTDIR-program/senddoc px, + /usr/bin/xdg-open rPUx, + + /usr/share/java/**.jar r, + /usr/share/hunspell/ r, + /usr/share/hunspell/** r, + /usr/share/hyphen/ r, + /usr/share/hyphen/** r, + /usr/share/mythes/ r, + /usr/share/mythes/** r, + /usr/share/liblangtag/ r, + /usr/share/liblangtag/** r, + /usr/share/libreoffice/ r, + /usr/share/libreoffice/** r, + /usr/share/yelp-xsl/xslt/mallard/** r, + /usr/share/libexttextcat/* r, + /usr/share/icu/** r, + /usr/share/locale-bundle/* r, + + /var/spool/libreoffice/ r, + /var/spool/libreoffice/** rw, + /var/cache/fontconfig/ rw, + + #Likely moving to abstractions in the future + owner @{HOME}/.icons/*/cursors/* r, + /etc/fstab r, # Solid::DeviceNotifier::instance() TODO: deny? + /sys/devices/pci[0-9]*/**/{device,subsystem_device,subsystem_vendor,uevent,vendor} r, # for libdrm + /usr/share/*-fonts/conf.avail/*.conf r, + /usr/share/fonts-config/conf.avail/*.conf r, + /{,var/}run/udev/data/+usb:* r, # Solid::Device::listFromQuery() + /{,var/}run/udev/data/{c,b}*:* r, # Solid::Device::description(), Solid::Device::listFromQuery() + @{PROC}/sys/kernel/random/boot_id r, # KRecentDocument::add() -> QSysInfo::bootUniqueId() + + #To avoid "Unable to create io-slave." for file dialog + owner /{,var/}run/user/[0-9]*/#[0-9]* rw, + #For KIO IO::Slave::createSlave() + owner /{,var/}run/user/[0-9]*/soffice.bin*.slave-socket wl -> /{,var/}run/user/[0-9]*/#[0-9]*, + + owner @{HOME}/.mozilla/firefox/profiles.ini r, + owner @{HOME}/.mozilla/firefox/*/secmod.db r, + # firefox < 58 + owner @{HOME}/.mozilla/firefox/*/cert8.db r, + # firefox >= 58 + owner @{HOME}/.mozilla/firefox/*/cert9.db r, + + owner @{HOME}/.local/share/user-places.xbel r, + + # there is abstractions/gnupg but that's just for gpg1... + profile gpg { + #include <abstractions/base> + + /usr/bin/gpgconf rm, + /usr/bin/gpg rm, + /usr/bin/gpgsm rm, + + owner @{HOME}/.gnupg/* r, + owner @{HOME}/.gnupg/random_seed rk, + } + + # probably should become a subprofile like gpg above, but then it doesn't + # work either as it tries to access stuff only allowed above... + owner @{HOME}/.config/kdeglobals r, + /usr/lib/libreoffice/program/lo_kde5filepicker rPUx, + /usr/share/qt5/translations/* r, + /usr/lib/*/qt5/plugins/** rm, + /usr/share/plasma/look-and-feel/**/contents/defaults r, + + # TODO: remove when rules are available in abstractions/kde + owner @{HOME}/.cache/ksycoca5_??_* r, # KDE System Configuration Cache + owner @{HOME}/.config/baloofilerc r, # indexing options (excludes, etc), used by KFileWidget + owner @{HOME}/.config/dolphinrc r, # settings used by KFileWidget + owner @{HOME}/.config/kde.org/libphonon.conf r, # for KNotifications::sendEvent() + owner @{HOME}/.config/klanguageoverridesrc r, # per-application languages, for KDEPrivate::initializeLanguages() from libKF5XmlGui.so + owner @{HOME}/.config/trashrc r, # user by KFileWidget + /usr/share/knotifications5/*.notifyrc r, # KNotification::sendEvent + + # TODO: remove when rules are available in abstractions/kde-write-icon-cache or similar + owner @{HOME}/.cache/icon-cache.kcache rw, # for KIconLoader + + # TODO: remove when rules are available in abstractions/kdeframeworks5 or similar + /usr/share/kservices5/*.protocol r, + + # TODO: use qt5-settings-write abstraction when it is available + owner @{HOME}/.config/#[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9] rw, + owner @{HOME}/.config/QtProject.conf rw, + owner @{HOME}/.config/QtProject.conf.?????? l -> @{HOME}/.config/#[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9], + owner @{HOME}/.config/QtProject.conf.?????? rw, # for temporary files like QtProject.conf.Aqrgeb + owner @{HOME}/.config/QtProject.conf.lock rwk, + + # TODO: use qt5-compose-cache-write abstraction when it is available + owner @{HOME}/.cache/qt_compose_cache_{little,big}_endian_* r, + + # TODO: use recent-documents-write abstraction when it is available + owner @{HOME}/.local/share/RecentDocuments/** r, + owner @{HOME}/.local/share/RecentDocuments/*.desktop rwl -> @{HOME}/.local/share/RecentDocuments/#[0-9]*, + owner @{HOME}/.local/share/RecentDocuments/#[0-9]* rw, + owner @{HOME}/.local/share/RecentDocuments/*.lock rwk, + + # TODO: use kde-globals-write abstraction when it is available + owner @{HOME}/.config/kdeglobals rw, + owner @{HOME}/.config/kdeglobals.* rwl -> @{HOME}/.config/#[0-9]*, + owner @{HOME}/.config/kdeglobals.lock rwk, +} diff --git a/sysui/desktop/apparmor/program.xpdfimport b/sysui/desktop/apparmor/program.xpdfimport new file mode 100644 index 000000000..f8bfbfe8f --- /dev/null +++ b/sysui/desktop/apparmor/program.xpdfimport @@ -0,0 +1,31 @@ +# ------------------------------------------------------------------ +# +# Copyright (C) 2016 Canonical Ltd. +# Copyright (C) 2017 Software in the Public Interest, Inc. +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# Authors: Bryan Quigley <bryan.quigley@canonical.com> +# Rene Engelhard <rene@debian.org> +# +# ------------------------------------------------------------------ + +#include <tunables/global> + +profile libreoffice-xpdfimport INSTDIR-program/xpdfimport { + #include <abstractions/base> + + #include <abstractions/user-tmp> + + /usr/share/poppler/** r, + /usr/share/libreoffice/share/config/* r, + owner @{HOME}/.config/libreoffice{,dev}/?/user/uno_packages/cache/log.txt rw, + + INSTDIR-program/xpdfimport pxm, + + #Uncomment for build testing (should be one directory <- of instdir) + #/mnt/store/git/libo/** r, +} + |