AppArmor profile exchange

Listing profiles

Distribution	Name	Profile	Created At	Changelog	View Count	Username
opensuse10.3	/usr/lib/NetworkManager/nm-crash-logger	#include <tunables/global> /usr/lib/NetworkManager/nm-crash-logger flags=(complain) { #include <abstractions/base> /usr/lib/NetworkManager/nm-crash-logger mr, }	11 months ago	initial nm-crash-logger profile	74	jmichael	Edit	History
opensuse10.3	/usr/lib/control-center-2.0/gnome-settings-daemon	#include <tunables/global> /usr/lib/control-center-2.0/gnome-settings-daemon { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/bash ixr, /etc/gnome-vfs-2.0/modules/ r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/ r, /etc/sound/events/gnome-2.soundlist r, /etc/sound/events/gtk-events-2.soundlist r, /etc/sysconfig/ r, /home// r, /home//.Xauthority r, /home//.Xdefaults r, /home//.esd_auth r, /home//.gnome2/share/ rw, /home//.gnome2/share/cursor-fonts/ rw, /home//.gnome2/share/cursor-fonts/ rw, /home//.gnome2/share/fonts/ rw, /home//.gnome2/share/fonts/fonts.dir rw, /home//.gnome2_private/ w, /home//.gstreamer-0.10/ w, /home//.gstreamer-0.10/registry.i686.xml rw, /home//.gstreamer-0.10/registry.i686.xml.tmp* rw, /home//.gtkrc-1.2-gnome2 rw, /home//.gtkrc-1.2-gnome2.new rw, /home//.icons/ r, /home//.local/share/applications/ r, /home//.local/share/applications/defaults.list r, /home//.local/share/applications/mimeinfo.cache r, /home//.local/share/icons/ r, /home//.local/share/mime/aliases r, /home//.local/share/mime/globs r, /home//.local/share/mime/magic r, /home//.local/share/mime/subclasses r, /home/jesse/.gnome2/share/fonts/* rw, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/meminfo r, /usr/bin/gnome-screensaver Px, /usr/bin/mkfontdir ixr, /usr/bin/mkfontscale ixr, /usr/bin/xrdb Px, /usr/bin/xscreensaver Px, /usr/lib/control-center-2.0/gnome-settings-daemon mr, /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper Px, /usr/lib/nautilus-cd-burner/mapping-daemon Pxmr, /usr/share/applications/ r, /usr/share/applications/mimeinfo.cache r, /usr/share/gdm/applications/ r, /usr/share/gnome-control-center/** r, /var/cache/gnome-vfs/defaults.list r, }	8 months ago	Import of jmichaels profiles	47	dominic	Edit	History
opensuse10.3	/opt/kde3/bin/kmail	#include <tunables/global> /opt/kde3/bin/kmail flags=(complain) { #include <abstractions/base> #include <abstractions/kde> #include <abstractions/nameservice> /cur/tmp/ w, /dat/dMisc/KMail/ w, /dat/dMisc/KMail/ lrw, /etc/X11/* r, /home//* rw, /home//.kde/share/* lrw, /home//.qt/ krw, /opt/kde3/ r, /opt/kde3/bin/kaddressbook Ux, /opt/kde3/bin/kleopatra Px, /opt/kde3/bin/kmail mr, /opt/kde3/bin/kmailcvt Px, /opt/kde3/bin/kwatchgnupg Px, /opt/kde3/lib/ mr, /usr/bin/gpg2 Px, /usr/share/ r, /var/cache/ r, }	5 days ago	ordner-lesen, Java ausf.	4	shivver-fox	Edit	History
opensuse10.3	/etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh	#include <tunables/global> /etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh mr, /proc/meminfo r, /usr/sbin/sabayon-apply Px, }	11 months ago	few more changes to get gnome session working elsewhere	86	jmichael	Edit	History
opensuse10.3	/usr/lib/gnome-panel/mixer_applet2	#include <tunables/global> /usr/lib/gnome-panel/mixer_applet2 flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home//.Xauthority r, /home//.esd_auth r, /home//.fontconfig/ r, /home//.gnome2_private/ w, /home//.gstreamer-0.10/registry.i686.xml r, /home//.icons/ r, /home//.local/share/icons/ r, /proc/meminfo r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/lib/gnome-panel/mixer_applet2 mr, /usr/share/gnome-2.0/ui/GNOME_MixerApplet.xml r, }	11 months ago	some bug-buddy rules and other misc updates	60	jmichael	Edit	History
opensuse10.3	/usr/lib/control-center-2.0/gnome-settings-daemon	#include <tunables/global> /usr/lib/control-center-2.0/gnome-settings-daemon { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/bash ixr, /etc/gnome-vfs-2.0/modules/ r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/ r, /etc/sound/events/gnome-2.soundlist r, /etc/sound/events/gtk-events-2.soundlist r, /etc/sysconfig/ r, /home// r, /home//.Xauthority r, /home//.Xdefaults r, /home//.esd_auth r, /home//.gnome2/share/ rw, /home//.gnome2/share/cursor-fonts/ rw, /home//.gnome2/share/cursor-fonts/ rw, /home//.gnome2/share/fonts/ rw, /home//.gnome2/share/fonts/fonts.dir rw, /home//.gnome2_private/ w, /home//.gstreamer-0.10/ w, /home//.gstreamer-0.10/registry.i686.xml rw, /home//.gstreamer-0.10/registry.i686.xml.tmp* rw, /home//.gtkrc-1.2-gnome2 rw, /home//.gtkrc-1.2-gnome2.new rw, /home//.icons/ r, /home//.local/share/applications/ r, /home//.local/share/applications/defaults.list r, /home//.local/share/applications/mimeinfo.cache r, /home//.local/share/icons/ r, /home//.local/share/mime/aliases r, /home//.local/share/mime/globs r, /home//.local/share/mime/magic r, /home//.local/share/mime/subclasses r, /home/jesse/.gnome2/share/fonts/* rw, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/meminfo r, /usr/bin/gnome-screensaver Px, /usr/bin/mkfontdir ixr, /usr/bin/mkfontscale ixr, /usr/bin/xrdb Px, /usr/bin/xscreensaver Px, /usr/lib/control-center-2.0/gnome-settings-daemon mr, /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper Px, /usr/lib/nautilus-cd-burner/mapping-daemon Pxmr, /usr/share/applications/ r, /usr/share/applications/mimeinfo.cache r, /usr/share/gdm/applications/ r, /usr/share/gnome-control-center/** r, /var/cache/gnome-vfs/defaults.list r, }	7 months ago	none	25	cinimod	Edit	History
opensuse10.3	/opt/kde3/bin/kaffeine	#include <tunables/global> /opt/kde3/bin/kaffeine { #include <abstractions/base> #include <abstractions/nameservice> / r, /bin/ r, /boot/ r, /dev/ r, /dev/snd/* rw, /dev/sr0 r, /etc/ r, /etc/X11/kstylerc r, /etc/X11/qt_plugins_3.3rc r, /etc/X11/qtrc r, /etc/exports r, /etc/fonts/ r, /etc/fstab r, /etc/kde3rc r, /etc/mtab r, /etc/opt/kde3/share/config/kioslaverc r, /etc/opt/kde3/share/icons// r, /etc/rpc r, /etc/security/fileshare.conf r, /home/ r, /home//* r, /home//.dvdcss/ rw, /home//.kde/share/apps/kaffeine/* rw, /home//.kde/share/config/ lrw, /home//.qt/ krw, /home//.xine/catalog.cache rw, /home//.xine/config rw, /home//.xine/config~ w, /lib/ r, /lib64/ r, /media/ r, /media/* r, /mnt/ r, /opt/ r, /opt/kde3/bin/kaffeine mr, /opt/kde3/lib/kde3/plugins/styles/ r, /opt/kde3/lib64/* mr, /opt/kde3/lib64/kde3/* mr, /opt/kde3/lib64/kde3/plugins/styles/ r, /opt/kde3/lib64/kde3/plugins/styles/* mr, /opt/kde3/share/apps/kaffeine/ r, /opt/kde3/share/config/kdeglobals r, /opt/kde3/share/config/profilerc r, /opt/kde3/share/config/ui/ui_standards.rc r, /opt/kde3/share/icons/ r, /opt/kde3/share/locale-bundle/nb/LC_MESSAGES/* r, /opt/kde3/share/locale/nb/LC_MESSAGES/* r, /proc/ r, /sbin/ r, /srv/ r, /sys/ r, /tmp/ r, /tmp/.ICE-unix/* w, /tmp/.X11-unix/* w, /tmp/ksocket-n5/* w, /usr/ r, /usr/lib64/** mr, /usr/share/X11/* r, /usr/share/X11/locale/* r, /usr/share/X11/locale/en_US.UTF-8/* r, /usr/share/alsa/ r, /usr/share/desktop-data/qtrc r, /usr/share/fonts/ r, /usr/share/icons/ r, /usr/share/xine/ r, /var/ r, /var/cache/fontconfig/* r, /var/cache/libx11/compose/* r, /var/tmp/kdecache-n5/ksycoca r, /vol/ r, /vol/** r, /windows/ r, }	11 months ago		139	kijo387	Edit	History
ubuntu-gutsy	/usr/bin/bluetooth-applet	#include <tunables/global> /usr/bin/bluetooth-applet { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/nameservice> #include <abstractions/user-tmp> /home/*/.Xauthority r, /usr/bin/bluetooth-applet mr, }	10 months ago	gnome	44	hbpteam	Edit	History
opensuse10.3	/usr/bin/metacity	#include <tunables/global> /usr/bin/metacity flags=(complain) { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /home//.ICEauthority r, /home//.Xauthority r, /home//.fontconfig/ r, /home//.metacity/sessions/ w, /proc/meminfo r, /usr/bin/bug-buddy ixr, /usr/bin/metacity mr, }	11 months ago	some bug-buddy rules and other misc updates	56	jmichael	Edit	History
opensuse10.3	/usr/bin/net	#include <tunables/global> /usr/bin/net { #include <abstractions/base> network inet dgram, /etc/samba/dhcp.conf r, /etc/samba/smb.conf r, /usr/bin/net mr, }	7 months ago	none	28	cinimod	Edit	History
opensuse10.3	/usr/sbin/scanlogd	#include <tunables/global> /usr/sbin/scanlogd { #include <abstractions/base> #include <abstractions/nameservice> capability net_raw, capability setgid, capability setuid, capability sys_chroot, network inet raw, network packet dgram, network packet raw, /usr/sbin/scanlogd mr, }	4 months ago	scanlogd	87	kaizer	Edit	History
opensuse10.3	/usr/lib/GConf/2/gconfd-2	# $Id: usr.lib.GConf.2.gconfd-2 735 2007-06-11 05:17:30Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/GConf/2/gconfd-2 flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /etc/gconf/2/path r, /etc/gconf/gconf.xml.defaults r, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.defaults/schemas/ r, /etc/gconf/gconf.xml.mandatory r, /usr/lib/GConf/2/gconfd-2 rmix, /usr/lib/GConf/2/libgconfbackend-xml.so mr, /usr/lib64/GConf/2/libgconfbackend-xml.so mr, /usr/share/locale/ r, @{HOME}/.gconf r, @{HOME}/.gconf/ lrw, @{HOME}/.gconfd/** lrw, }	5 days ago	gconf-neu	4	shivver-fox	Edit	History
opensuse10.3	/usr/lib/firefox/firefox.sh	#include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/lib/firefox/firefox.sh mr, }	3 months ago	/home/michael/bin	29	chahut	Edit	History
opensuse10.3	/usr/sbin/swat	#include <tunables/global> /usr/sbin/swat flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /etc/samba/dhcp.conf r, /usr/sbin/swat mr, /var/lib/samba/lang_en.tdb krw, /var/run/cups/cups.sock w, /var/run/nscd/services r, }	9 months ago	initial	59	Joe Morris	Edit	History
opensuse10.3	/usr/bin/net	#include <tunables/global> /usr/bin/net { #include <abstractions/base> network inet dgram, /etc/samba/dhcp.conf r, /etc/samba/smb.conf r, /usr/bin/net mr, }	8 months ago	Import of jmichaels profiles	44	dominic	Edit	History
opensuse10.3	/usr/lib/cups/backend/serial	#include <tunables/global> /usr/lib/cups/backend/serial flags=(complain) { #include <abstractions/base> capability sys_admin, /dev/ttyS* w, /usr/lib/cups/backend/serial mr, }	about 1 year ago	cups testing	58	dominic	Edit	History
opensuse10.3	/usr/lib/evolution/2.12/evolution-alarm-notify	#include <tunables/global> /usr/lib/evolution/2.12/evolution-alarm-notify { #include <abstractions/base> /usr/lib/evolution/2.12/evolution-alarm-notify mr, }	7 months ago	none	23	cinimod	Edit	History
ubuntu-gutsy	/usr/bin/ssh	#include <tunables/global> /usr/bin/ssh flags=(complain) { #include <abstractions/base> /usr/bin/ssh mr, }	10 months ago	U	63	roger	Edit	History
ubuntu-gutsy	/usr/lib/evolution/evolution-data-server-1.12	#include <tunables/global> /usr/lib/evolution/evolution-data-server-1.12 { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /home//.evolution/calendar/local/system/.ics rw, /home//.evolution/calendar/local/system/.ics~ rw, /home//.evolution/memos/local/system/.ics rw, /home//.evolution/memos/local/system/.ics~ rw, /home//.evolution/tasks/local/* rw, /home//.gnome2_private/ w, /proc//mounts r, /proc/stat r, /tmp/orbit-void/bonobo-activation-register.lock klrw, /usr/lib/evolution/evolution-data-server-1.12 mr, }	10 months ago	gnome	63	hbpteam	Edit	History
opensuse10.3	/usr/lib/cups/backend/beh	#include <tunables/global> /usr/lib/cups/backend/beh flags=(complain) { #include <abstractions/base> #include <abstractions/perl> /usr/bin/perl ix, /usr/lib/cups/backend/beh mr, }	about 1 year ago	cups testing	57	dominic	Edit	History
opensuse10.3	/usr/bin/evince-thumbnailer	#include <tunables/global> /usr/bin/evince-thumbnailer flags=(complain) { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/xpdfrc r, /etc/xpdfrc-cjk r, /etc/xpdfrc-cjk-auto r, /etc/xpdfrc-cjk.sjis r, /home//.fontconfig/ lrw, /home//Desktop/.pdf r, /opt/kde3/share/fonts/ r, /proc/meminfo r, /usr/bin/evince-thumbnailer mr, /usr/share/ghostscript/fonts/ r, /usr/share/xpdf/* r, }	11 months ago	argh, switch things back to complain for a while	61	jmichael	Edit	History
opensuse10.3	/usr/bin/totem-video-thumbnailer	#include <tunables/global> /usr/bin/totem-video-thumbnailer flags=(complain) { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /home//.gstreamer-0.10/registry.i686.xml r, /home//Desktop/** r, /usr/bin/totem-video-thumbnailer mr, }	11 months ago	argh, switch things back to complain for a while	57	jmichael	Edit	History
opensuse10.3	/usr/bin/Xgl	#include <tunables/global> /usr/bin/Xgl { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/user-tmp> capability dac_override, capability ipc_owner, capability setgid, capability setuid, capability sys_admin, /bin/bash ixr, /dev/dri/card* rw, /etc/sysconfig/displaymanager r, /home//.gnome2/share/cursor-fonts/fonts.dir r, /home//.gnome2/share/fonts/fonts.dir r, /home/jesse/.gnome2/share/fonts/** r, /proc/meminfo r, /usr/bin/Xgl mr, /usr/bin/Xorg Px, /usr/bin/xkbcomp Px, /usr/lib/dri/.so mr, /var/lib/gdm/ r, /var/lib/xkb/compiled/.xkm rw, /var/log/Xgl..log rw, /var/log/Xgl..log.old w, /var/log/gdm/.log w, }	8 months ago	Import of jmichaels profiles	48	dominic	Edit	History
opensuse10.3	/usr/bin/manpath	#include <tunables/global> /usr/bin/manpath flags=(complain) { #include <abstractions/base> /etc/manpath.config r, /usr/bin/manpath mr, }	21 days ago		7	arturk	Edit	History
opensuse10.3	/usr/sbin/mysqld-max	#include <tunables/global> /usr/sbin/mysqld-max { #include <abstractions/base> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, network inet tcp, /etc/ld.so.preload r, /etc/my.cnf r, /usr/sbin/mysqld r, /usr/sbin/mysqld-max mr, /usr/share/mysql/ r, /var/db/nscd/passwd r, /var/lib/distccd/ lkrw, /var/lib/mysql/ r, /var/lib/mysql/** klrw, /var/run/mysqld/* lrw, }	about 1 month ago		10	hello	Edit	History
opensuse10.3	/usr/sbin/httpd2-prefork	#include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/nis> capability dac_override, capability net_bind_service, capability setgid, capability setuid, /etc/apache2/conf.d/ r, /etc/apache2/conf.d/mod_fcgid.conf r, /etc/apache2/conf.d/mod_mono.conf r, /etc/apache2/conf.d/mod_perl.conf r, /etc/apache2/conf.d/php5.conf r, /etc/apache2/conf.d/phpmyadmin.conf r, /etc/apache2/default-server.conf r, /etc/apache2/errors.conf r, /etc/apache2/httpd.conf r, /etc/apache2/listen.conf r, /etc/apache2/mod_autoindex-defaults.conf r, /etc/apache2/mod_info.conf r, /etc/apache2/mod_log_config.conf r, /etc/apache2/mod_mime-defaults.conf r, /etc/apache2/mod_status.conf r, /etc/apache2/mod_userdir.conf r, /etc/apache2/mod_usertrack.conf r, /etc/apache2/server-tuning.conf r, /etc/apache2/ssl-global.conf r, /etc/apache2/sysconfig.d/global.conf r, /etc/apache2/sysconfig.d/include.conf r, /etc/apache2/sysconfig.d/loadmodule.conf r, /etc/apache2/uid.conf r, /etc/apache2/vhosts.d/ r, /etc/gai.conf r, /etc/mime.types r, /etc/php5/apache2/php.ini r, /etc/php5/conf.d/ r, /etc/php5/conf.d/bcmath.ini r, /etc/php5/conf.d/bz2.ini r, /etc/php5/conf.d/calendar.ini r, /etc/php5/conf.d/ctype.ini r, /etc/php5/conf.d/curl.ini r, /etc/php5/conf.d/dba.ini r, /etc/php5/conf.d/dom.ini r, /etc/php5/conf.d/exif.ini r, /etc/php5/conf.d/gd.ini r, /etc/php5/conf.d/gmp.ini r, /etc/php5/conf.d/hash.ini r, /etc/php5/conf.d/iconv.ini r, /etc/php5/conf.d/json.ini r, /etc/php5/conf.d/mbstring.ini r, /etc/php5/conf.d/mcrypt.ini r, /etc/php5/conf.d/mysql.ini r, /etc/php5/conf.d/mysqli.ini r, /etc/php5/conf.d/ncurses.ini r, /etc/php5/conf.d/odbc.ini r, /etc/php5/conf.d/openssl.ini r, /etc/php5/conf.d/pcntl.ini r, /etc/php5/conf.d/pdo.ini r, /etc/php5/conf.d/pdo_mysql.ini r, /etc/php5/conf.d/pdo_odbc.ini r, /etc/php5/conf.d/pdo_sqlite.ini r, /etc/php5/conf.d/posix.ini r, /etc/php5/conf.d/pspell.ini r, /etc/php5/conf.d/readline.ini r, /etc/php5/conf.d/shmop.ini r, /etc/php5/conf.d/snmp.ini r, /etc/php5/conf.d/soap.ini r, /etc/php5/conf.d/sockets.ini r, /etc/php5/conf.d/sqlite.ini r, /etc/php5/conf.d/suhosin.ini r, /etc/php5/conf.d/tidy.ini r, /etc/php5/conf.d/tokenizer.ini r, /etc/php5/conf.d/wddx.ini r, /etc/php5/conf.d/xmlreader.ini r, /etc/php5/conf.d/xmlrpc.ini r, /etc/php5/conf.d/xmlwriter.ini r, /etc/php5/conf.d/xsl.ini r, /etc/php5/conf.d/zip.ini r, /etc/php5/conf.d/zlib.ini r, /proc//attr/current w, /tmp/.wapi/ w, /tmp/mod_mono_dashboard_XXGLOBAL_1 rw, /usr/bin/mod-mono-server px, /usr/lib64/* mr, /usr/sbin/httpd2-prefork mr, /usr/share/snmp/mibs/.index r, /usr/share/snmp/mibs/DISMAN-EVENT-MIB.txt r, /usr/share/snmp/mibs/DISMAN-SCHEDULE-MIB.txt r, /usr/share/snmp/mibs/HOST-RESOURCES-MIB.txt r, /usr/share/snmp/mibs/HOST-RESOURCES-TYPES.txt r, /usr/share/snmp/mibs/IANA-RTPROTO-MIB.txt r, /usr/share/snmp/mibs/IANAifType-MIB.txt r, /usr/share/snmp/mibs/IF-MIB.txt r, /usr/share/snmp/mibs/INET-ADDRESS-MIB.txt r, /usr/share/snmp/mibs/IP-FORWARD-MIB.txt r, /usr/share/snmp/mibs/IP-MIB.txt r, /usr/share/snmp/mibs/IPV6-ICMP-MIB.txt r, /usr/share/snmp/mibs/IPV6-MIB.txt r, /usr/share/snmp/mibs/IPV6-TC.txt r, /usr/share/snmp/mibs/IPV6-TCP-MIB.txt r, /usr/share/snmp/mibs/IPV6-UDP-MIB.txt r, /usr/share/snmp/mibs/LM-SENSORS-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-AGENT-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-EXTEND-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-VACM-MIB.txt r, /usr/share/snmp/mibs/NOTIFICATION-LOG-MIB.txt r, /usr/share/snmp/mibs/RFC1155-SMI.txt r, /usr/share/snmp/mibs/RFC1213-MIB.txt r, /usr/share/snmp/mibs/SNMP-COMMUNITY-MIB.txt r, /usr/share/snmp/mibs/SNMP-FRAMEWORK-MIB.txt r, /usr/share/snmp/mibs/SNMP-MPD-MIB.txt r, /usr/share/snmp/mibs/SNMP-NOTIFICATION-MIB.txt r, /usr/share/snmp/mibs/SNMP-TARGET-MIB.txt r, /usr/share/snmp/mibs/SNMP-USER-BASED-SM-MIB.txt r, /usr/share/snmp/mibs/SNMP-VIEW-BASED-ACM-MIB.txt r, /usr/share/snmp/mibs/SNMPv2-MIB.txt r, /usr/share/snmp/mibs/SNMPv2-SMI.txt r, /usr/share/snmp/mibs/SNMPv2-TC.txt r, /usr/share/snmp/mibs/SNMPv2-TM.txt r, /usr/share/snmp/mibs/TCP-MIB.txt r, /usr/share/snmp/mibs/UCD-DEMO-MIB.txt r, /usr/share/snmp/mibs/UCD-DISKIO-MIB.txt r, /usr/share/snmp/mibs/UCD-DLMOD-MIB.txt r, /usr/share/snmp/mibs/UCD-IPFWACC-MIB.txt r, /usr/share/snmp/mibs/UCD-SNMP-MIB.txt r, /usr/share/snmp/mibs/UDP-MIB.txt r, /usr/share/terminfo/v/vt100 r, /var/lib/php5/session_mm_apache2handler0.sem kw, /var/log/apache2/access_log a, /var/log/apache2/error_log a, /var/run/httpd2.pid w, /var/run/nscd/services r, } /usr/sbin/httpd2-prefork///egroupware/login.php flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc//attr/current w, /srv/www/htdocs/egroupware/header.inc.php r, /srv/www/htdocs/egroupware/login.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/adodb-iterator.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/adodb-time.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/adodb.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/drivers/adodb-mysql.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.Template.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.accounts.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.accounts_sql.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.acl.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.applications.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.auth.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.auth_sql.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.browser.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.common.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.config.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.contenthistory.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.crypto.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.dragdrop.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw_datetime.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw_db.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw_framework.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.error.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.errorlog.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.hooks.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.html.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.javascript.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.preferences.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.sessions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.sessions_php4.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.tplsavant2.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.translation.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/common_functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/savant2/Savant2.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/soap_functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/xajax.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/xajaxResponse.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/xml_functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/js/jsapi/jsapi.js r, /srv/www/htdocs/egroupware/phpgwapi/setup/setup.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/setup/tables_current.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/templates/default/head.tpl r, /srv/www/htdocs/egroupware/phpgwapi/templates/default/images/ r, /srv/www/htdocs/egroupware/phpgwapi/templates/default/login.tpl r, /srv/www/htdocs/egroupware/phpgwapi/templates/idots/class.idots_framework.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/templates/idots/images/ r, /var/lib/mysql/mysql.sock w, /var/log/apache2/access_log w, } "/usr/sbin/httpd2-prefork///egroupware/phpgwapi/templates/default/images/DPC LOGO TIFF.tif" flags=(complain) { #include <abstractions/nameservice> /proc//attr/current w, "/srv/www/htdocs/egroupware/phpgwapi/templates/default/images/DPC LOGO TIFF.tif" r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///webERP/index.php flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc//attr/current w, /srv/www/htdocs/webERP/config.php r, /srv/www/htdocs/webERP/includes/ConnectDB.inc r, /srv/www/htdocs/webERP/includes/ConnectDB_mysqli.inc r, /srv/www/htdocs/webERP/includes/DateFunctions.inc r, /srv/www/htdocs/webERP/includes/GetConfig.php r, /srv/www/htdocs/webERP/includes/LanguageSetup.php r, /srv/www/htdocs/webERP/includes/MiscFunctions.php r, /srv/www/htdocs/webERP/includes/footer.inc r, /srv/www/htdocs/webERP/includes/header.inc r, /srv/www/htdocs/webERP/includes/php-gettext/gettext.php r, /srv/www/htdocs/webERP/includes/php-gettext/streams.php r, /srv/www/htdocs/webERP/includes/session.inc r, /srv/www/htdocs/webERP/index.php r, /srv/www/htdocs/webERP/locale/en_US/LC_MESSAGES/messages.mo r, /usr/share/mysql/charsets/Index.xml r, /var/lib/mysql/mysql.sock w, /var/lib/php5/sess_4srj8ot0k3dg4i4cfh382evemsc9jshf krw, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { /var/log/apache2/error_log w, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /proc//attr/current w, }	4 months ago	egroupware	52	kent	Edit	History
ubuntu-gutsy	/usr/bin/gnome-panel	#include <tunables/global> /usr/bin/gnome-panel { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/gnome> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, /bin/ r, /bin/bash ixr, /bin/dash ixr, /bin/egrep ixr, /bin/grep ixr, /bin/sed ixr, /bin/su Px, /bin/uname ixr, /dev/ptmx rw, /etc/init.d/ r, /etc/sound/events/gtk-events-2.soundlist r, /etc/sudoers r, /etc/xdg/menus/ r, /etc/xdg/menus/applications.menu r, /etc/xdg/menus/preferences.menu r, /etc/xdg/menus/settings.menu r, /home// r, /home//.ICEauthority r, /home//.Xauthority r, /home//.bash_history ar, /home//.bashrc r, /home//.config/user-dirs.dirs r, /home//.gnome2_private/ w, /home//.gtk-bookmarks r, /home//.icons/ r, /home//.recently-used.xbel r, /home//.thumbnails/normal/.png r, /lib/terminfo/x/xterm r, /proc//mounts r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/ r, /tmp/* klrw, /usr/bin/ r, /usr/bin/alacarte ixr, /usr/bin/avidemux ixr, /usr/bin/baobab ixr, /usr/bin/basename ixr, /usr/bin/beep-media-player-2 ixr, /usr/bin/cinepaint ixr, /usr/bin/devede ixr, /usr/bin/dircolors ixmr, /usr/bin/dirname ixr, /usr/bin/ekiga ixr, /usr/bin/env ix, /usr/bin/eog ixr, /usr/bin/evince ixr, /usr/bin/evolution Px, /usr/bin/f-spot ixr, /usr/bin/file-roller ixr, /usr/bin/gdmphotosetup ixr, /usr/bin/gimp-2.4 ixr, /usr/bin/git ixr, /usr/bin/git-merge r, /usr/bin/gksu ixr, /usr/bin/gnome-panel mr, /usr/bin/gnome-system-monitor ixr, /usr/bin/gnome-terminal ixr, /usr/bin/inkscape ixr, /usr/bin/kradio Px, /usr/bin/lesspipe ixr, /usr/bin/lynx.stable ixr, /usr/bin/monodevelop ixr, /usr/bin/mplayer ixr, /usr/bin/nautilus ixr, /usr/bin/nautilus-cd-burner ixr, /usr/bin/nautilus-connect-server ixr, /usr/bin/nessus ixr, /usr/bin/nmapfe ixr, /usr/bin/oofromtemplate ixr, /usr/bin/opera ixr, /usr/bin/python2.5 ix, /usr/bin/streamtuner ixr, /usr/bin/sudo ixr, /usr/bin/tsclient ixr, /usr/bin/ttb ixr, /usr/bin/wireshark ixr, /usr/bin/xaralx ixr, /usr/games/ r, /usr/lib/bonobo-activation/bonobo-activation-server Px, /usr/lib/command-not-found ixr, /usr/lib/firefox/firefox Px, /usr/lib/libvte9/gnome-pty-helper ixr, /usr/local/bin/ r, /usr/local/sbin/ r, /usr/local/share/applications/ r, /usr/local/share/desktop-directories/ r, /usr/local/share/icons/ r, /usr/sbin/ r, /usr/sbin/gdmsetup ixr, /usr/sbin/logprof Ux, /usr/share/albumshaper/images/*.xpm r, /usr/share/applications/ r, /usr/share/applications/.desktop r, /usr/share/applications/kde/ r, /usr/share/applications/kde/.desktop r, /usr/share/applications/screensavers/ r, /usr/share/applications/screensavers/.desktop r, /usr/share/aqualung/.png r, /usr/share/control-center-2.0/capplets/ r, /usr/share/control-center-2.0/capplets/.desktop r, /usr/share/desktop-directories/ r, /usr/share/desktop-directories/.directory r, /usr/share/firefox/icons/.png r, /usr/share/gdm/applications/ r, /usr/share/gdm/applications/.desktop r, /usr/share/gdm/gdmXnestWrapper ixr, /usr/share/gnome-2.0/ui/.xml r, /usr/share/gnome/apps/ r, /usr/share/gnome/apps/Internet/ r, /usr/share/gnome/apps/Multimedia/ r, /usr/share/klavaro/pixmaps/.xpm r, /usr/share/locale-langpack/en_US/.mo r, /usr/share/system-config-printer/.png r, /usr/share/vte/termcap/xterm r, /usr/share/xine/desktop/*.desktop r, /var/log/wtmp kw, /var/run/sudo/void/0 w, /var/run/sudo/void/1 w, /var/run/utmp krw, }	10 months ago	gnome	51	hbpteam	Edit	History
ubuntu-gutsy	/usr/bin/skype	#include <tunables/global> /usr/bin/skype flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /dev/snd/controlC0 rw, /dev/snd/controlC1 rw, /dev/snd/pcmC0D0c rw, /dev/snd/pcmC0D0p rw, /dev/snd/pcmC0D1c rw, /dev/snd/pcmC0D2p rw, /dev/snd/timer r, /etc/fonts/** r, /home//.Skype/ rw, /home//.Skype/** krw, /home//.config/Trolltech.conf kr, /proc/interrupts r, /tmp/.X11-unix/X0 w, /usr/bin/skype mr, /usr/share/X11/XKeysymDB r, /usr/share/fonts/* r, /usr/share/icons/DMZ-White/cursor.theme r, /usr/share/icons/DMZ-White/cursors/arrow r, /usr/share/icons/DMZ-White/cursors/double_arrow r, /usr/share/icons/DMZ-White/cursors/xterm r, /usr/share/icons/DMZ-White/index.theme r, /usr/share/icons/Human/index.theme r, /usr/share/icons/Tangerine/index.theme r, /usr/share/icons/gnome/index.theme r, /usr/share/skype/** r, /var/cache/fontconfig/059138ec877db160474b4d5de1248d14-x86.cache-2 r, /var/cache/fontconfig/089dead882dea3570ffc31a9898cfb69-x86.cache-2 r, /var/cache/fontconfig/0f32d3adc6a232110812e17374eaa446-x86.cache-2 r, /var/cache/fontconfig/0f34bcd4b6ee430af32735b75db7f02b-x86.cache-2 r, /var/cache/fontconfig/102e5142c2e9e50c5e8ece26694a2dad-x86.cache-2 r, /var/cache/fontconfig/118d8d5311348bbdf5fe3b106d7c13d4-x86.cache-2 r, /var/cache/fontconfig/142ecfc435bad6f1fbc2648c1119d5eb-x86.cache-2 r, /var/cache/fontconfig/20bd79ad97094406f7d1b9654bfbd926-x86.cache-2 r, /var/cache/fontconfig/21a99156bb11811cef641abeda519a45-x86.cache-2 r, /var/cache/fontconfig/2561679576a9c7fd2ce41d281d4e00d1-x86.cache-2 r, /var/cache/fontconfig/3830d5c3ddfd5cd38a049b759396e72e-x86.cache-2 r, /var/cache/fontconfig/4123634e9c08547d899d0aaff05ebe69-x86.cache-2 r, /var/cache/fontconfig/4794a0821666d79190d59a36cb4f44b5-x86.cache-2 r, /var/cache/fontconfig/4c599c202bc5c08e2d34565a40eac3b2-x86.cache-2 r, /var/cache/fontconfig/4c73fe0c47614734b17d736dbde7580a-x86.cache-2 r, /var/cache/fontconfig/61c830dfac3fd78a12654da5e9ba3f56-x86.cache-2 r, /var/cache/fontconfig/6330322105e0c4105d7c7a6ea2974107-x86.cache-2 r, /var/cache/fontconfig/6333f38776742d18e214673cd2c24e34-x86.cache-2 r, /var/cache/fontconfig/6386b86020ecc1ef9690bb720a13964f-x86.cache-2 r, /var/cache/fontconfig/646addb8444faa74ee138aa00ab0b6a0-x86.cache-2 r, /var/cache/fontconfig/6d41288fd70b0be22e8c3a91e032eec0-x86.cache-2 r, /var/cache/fontconfig/707971e003b4ae6c8121c3a920e507f5-x86.cache-2 r, /var/cache/fontconfig/75a2cd575a62c63e802c11411fb87c37-x86.cache-2 r, /var/cache/fontconfig/7b4a97c10f6c0166998ddfa1cf7392fb-x86.cache-2 r, /var/cache/fontconfig/7ef2298fde41cc6eeb7af42e48b7d293-x86.cache-2 r, /var/cache/fontconfig/8ab5f685cd6d8ba67c37c908faf08172-x86.cache-2 r, /var/cache/fontconfig/921a30a17f0be15c70ac14043cb7a739-x86.cache-2 r, /var/cache/fontconfig/92a571655fb1c0ec1c4d6f496220600a-x86.cache-2 r, /var/cache/fontconfig/9404ff413c67fc2a1526fd14eb4163a8-x86.cache-2 r, /var/cache/fontconfig/945677eb7aeaf62f1d50efc3fb3ec7d8-x86.cache-2 r, /var/cache/fontconfig/9c0624108b9a2ae8552f664125be8356-x86.cache-2 r, /var/cache/fontconfig/a1131b7be650f9abae4907495aa5815d-x86.cache-2 r, /var/cache/fontconfig/a2ab74764b07279e7c36ddb1d302cf26-x86.cache-2 r, /var/cache/fontconfig/a755afe4a08bf5b97852ceb7400b47bc-x86.cache-2 r, /var/cache/fontconfig/a960c40fc9306f090224a04585f8a963-x86.cache-2 r, /var/cache/fontconfig/b21a91cee725896328b8cee8091cf747-x86.cache-2 r, /var/cache/fontconfig/b3fedf7c409f006ca1a6fceffceb77cf-x86.cache-2 r, /var/cache/fontconfig/b5a4f3f568a71026ccdc6a3a51afa9b4-x86.cache-2 r, /var/cache/fontconfig/b8613a33de00eecd32d5a94c3c617829-x86.cache-2 r, /var/cache/fontconfig/c69f04ab05004e31a6d5e715764f16d8-x86.cache-2 r, /var/cache/fontconfig/c855463f699352c367813e37f3f70ea7-x86.cache-2 r, /var/cache/fontconfig/cabbd14511b9e8a55e92af97fb3a0461-x86.cache-2 r, /var/cache/fontconfig/d52a8644073d54c13679302ca1180695-x86.cache-2 r, /var/cache/fontconfig/d82eb4fd963d448e2fcb7d7b793b5df3-x86.cache-2 r, /var/cache/fontconfig/da1bd5ca8443ffe22927a23ce431d198-x86.cache-2 r, /var/cache/fontconfig/ddc79d3ea06a7c6ffa86ede85f3bb5df-x86.cache-2 r, /var/cache/fontconfig/de156ccd2eddbdc19d37a45b8b2aac9c-x86.cache-2 r, /var/cache/fontconfig/de9486f0b47a4d768a594cb4198cb1c6-x86.cache-2 r, /var/cache/fontconfig/e0f9e95429e756d56293ed4d63866094-x86.cache-2 r, /var/cache/fontconfig/e13b20fdb08344e0e664864cc2ede53d-x86.cache-2 r, /var/cache/fontconfig/e383d7ea5fbe662a33d9b44caf393297-x86.cache-2 r, /var/cache/fontconfig/e3de0de479f42330eadf588a55fb5bf4-x86.cache-2 r, /var/cache/fontconfig/e7071f4a29fa870f4323321c154eba04-x86.cache-2 r, /var/cache/fontconfig/e9e44584608a73233979f764b5f9dd81-x86.cache-2 r, /var/cache/fontconfig/eeebfc908bd29a90773fd860017aada4-x86.cache-2 r, /var/cache/fontconfig/f5a93ac943883aa0fd9a7bfe0f6ec3c1-x86.cache-2 r, /var/cache/fontconfig/f71c1c7b3f795e5e20ad4a8800a9d397-x86.cache-2 r, /var/cache/fontconfig/fcff1cd55d48a2c86a175e9943c3506d-x86.cache-2 r, /var/cache/fontconfig/fd9416c4b92f07c6f59a3a8cf496e9dc-x86.cache-2 r, /var/cache/fontconfig/fd9505950c048a77dc4b710eb6a628ed-x86.cache-2 r, /var/cache/fontconfig/fe547fea3a41b43a38975d292a2b19c7-x86.cache-2 r, /var/lib/defoma/fontconfig.d/fonts.conf r, }	10 months ago	0.1	61	tommes	Edit	History
opensuse10.3	/home/dominic/bin/url_handler.sh	#include <tunables/global> /home/dominic/bin/url_handler.sh { #include <abstractions/base> /home/dominic/bin/url_handler.sh mr, }	7 months ago	none	26	cinimod	Edit	History
opensuse10.3	/usr/bin/Xgl	#include <tunables/global> /usr/bin/Xgl { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/user-tmp> capability dac_override, capability ipc_owner, capability setgid, capability setuid, capability sys_admin, /bin/bash ixr, /dev/dri/card* rw, /etc/sysconfig/displaymanager r, /home//.gnome2/share/cursor-fonts/fonts.dir r, /home//.gnome2/share/fonts/fonts.dir r, /home/jesse/.gnome2/share/fonts/** r, /proc/meminfo r, /usr/bin/Xgl mr, /usr/bin/Xorg Px, /usr/bin/xkbcomp Px, /usr/lib/dri/.so mr, /var/lib/gdm/ r, /var/lib/xdm/authdir/authfiles/* r, /var/lib/xkb/compiled/.xkm rw, /var/log/Xgl..log rw, /var/log/Xgl..log.old w, /var/log/gdm/.log w, }	7 months ago	none	24	cinimod	Edit	History
opensuse10.3	/usr/lib/beagle/beagled-index-helper	#include <tunables/global> /usr/lib/beagle/beagled-index-helper flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/user-tmp> /bin/bash ixr, /etc/mono/2.0/machine.config r, /etc/mono/config r, /home// rw, /home//.beagle/** krw, /home//.local/share/mime/mime.cache mr, /home//.wapi/shared_data-* mrw, /home//.wapi/shared_fileshare- mrw, /home//Desktop/ r, /proc//maps r, /proc//status r, /proc/meminfo r, /proc/stat r, /proc/sys/kernel/ngroups_max r, /usr/bin/mono ixr, /usr/bin/totem-video-indexer Px, /usr/lib/beagle/.dll mr, /usr/lib/beagle/Filters/.dll mr, /usr/lib/beagle/IndexHelper.exe mr, /usr/lib/beagle/beagled-index-helper mr, /usr/lib/mono/2.0/mscorlib.dll mr, /usr/lib/mono/gac/**.dll mr, /usr/share/mime/mime.cache mr, /var/tmp/ rw, }	11 months ago	argh, switch things back to complain for a while	66	jmichael	Edit	History
opensuse10.3	/usr/bin/skype	#include <tunables/global> /usr/bin/skype flags=(complain) { #include <abstractions/base> /usr/bin/skype mr, }	about 1 year ago		90	draglor	Edit	History
opensuse10.3	/usr/sbin/httpd2-prefork	# $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability dac_override, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/.conf r, /etc/apache2/.digest r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/.crt r, /etc/apache2/ssl.key/.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/fstab r, /etc/gai.conf r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, /etc/php5/apache2/php.ini r, /etc/php5/conf.d/ r, /etc/php5/conf.d/ctype.ini r, /etc/php5/conf.d/dom.ini r, /etc/php5/conf.d/hash.ini r, /etc/php5/conf.d/iconv.ini r, /etc/php5/conf.d/json.ini r, /etc/php5/conf.d/pdo.ini r, /etc/php5/conf.d/pdo_sqlite.ini r, /etc/php5/conf.d/sqlite.ini r, /etc/php5/conf.d/tokenizer.ini r, /etc/php5/conf.d/xmlreader.ini r, /etc/php5/conf.d/xmlwriter.ini r, /home// r, /srv/www/htdocs r, /srv/www/htdocs/* r, /srv/www/icons/.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/* r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib.so mr, /usr/X11R6/lib64/lib.so mr, /usr/apache2/error/* r, /usr/lib/apache2-leader/{lib,mod_}.so mr, /usr/lib/apache2-metuxmpm/{lib,mod_}.so mr, /usr/lib/apache2-prefork/{lib,mod_}.so mr, /usr/lib/apache2-worker/{lib,mod_}.so mr, /usr/lib/apache2/modules/{lib,mod_}.so mr, /usr/lib/apache2/{lib,mod_}.so mr, /usr/lib/mysql/libmysql.so* mr, /usr/lib/php/extensions/.so mr, /usr/lib/php4/.so mr, /usr/lib/python[12].[0-9]/*.{py,pyc,pth,so} mr, /usr/lib/python[12].[0-9]/site-packages r, /usr/lib/qt3/lib/lib.so* mr, /usr/lib64/** mr, /usr/lib64/apache2-leader/{lib,mod_}.so mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}.so mr, /usr/lib64/apache2-prefork/{lib,mod_}.so mr, /usr/lib64/apache2-worker/{lib,mod_}.so mr, /usr/lib64/apache2/modules/{lib,mod_}.so mr, /usr/lib64/apache2/{lib,mod_}.so mr, /usr/lib64/python[12].[0-9]/.{py,pyc,pth,so} mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mixr, /usr/share/apache2/ r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/.{txt,mib} r, /usr/share/snmp/mibs/.index wr, /usr/share/ssl/openssl.cnf r, /var/dav/lock/lockdb.dir krw, /var/dav/lock/lockdb.pag rw, /var/lib/php/sess_ rwl, /var/lib/php5/session_mm_apache2handler0.sem kw, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/* r, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/* r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/* r, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /*.htaccess r, /var/log/apache2/ w, }	3 months ago		21	ytakeda	Edit	History
ubuntu-gutsy	/usr/bin/gnome-splashscreen-manager	#include <tunables/global> /usr/bin/gnome-splashscreen-manager { #include <abstractions/base> /usr/bin/env ix, /usr/bin/gnome-splashscreen-manager mr, }	10 months ago	gnome	48	hbpteam	Edit	History
ubuntu-gutsy	/usr/bin/gnome-keyboard-properties	#include <tunables/global> /usr/bin/gnome-keyboard-properties { #include <abstractions/base> /usr/bin/gnome-keyboard-properties mr, }	10 months ago	gnome	50	hbpteam	Edit	History
ubuntu-gutsy	/usr/bin/gnome-session	#include <tunables/global> /usr/bin/gnome-session { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/nameservice> #include <abstractions/python> /bin/dash ixr, /etc/X11/xorg.conf r, /etc/apt/apt.conf.d/ r, /etc/apt/apt.conf.d/* r, /etc/apt/sources.list r, /etc/apt/sources.list.d/ r, /etc/apt/sources.list.d/medibuntu.list r, /etc/debian_version r, /etc/default/linux-restricted-modules-common krw, /etc/lsb-release r, /etc/sound/events/gnome-2.soundlist r, /etc/sound/events/gtk-events-2.soundlist r, /etc/update-notifier/hooks_seen r, /etc/xdg/autostart/ r, /etc/xdg/autostart/.desktop r, /home// r, /home//.NC7E0T rw, /home//.ICEauthority rw, /home//.ICEauthority-c w, /home//.ICEauthority-l lw, /home//.Xauthority r, /home//.cache/tracker/ r, /home//.cache/tracker/.db krw, /home//.cache/tracker/.db-journal w, /home//.config/.dirs r, /home//.config/.locale r, /home//.config/tracker/.cfg r, /home//.evolution/mail/local/ r, /home//.evolution/mail/local/.ev-summary r, /home//.evolution/mail/local/Inbox r, /home//.gnome2_private/ w, /home//.gstreamer-0.10/.xml r, /home//.gtk-bookmarks rw, /home//.icons/ r, /home//.local/share/tracker/.log w, /home//.local/share/tracker/data/ r, /home//.local/share/tracker/data/.db krw, /home//.local/share/tracker/data/.db-journal w, /home//.local/share/tracker/void_tracker_lock krw, /home//Desktop/ r, /home//Documents/ r, /home//Music/ r, /home//Pictures/ r, /home//Public/ r, /home//Templates/ r, /home//Videos/ r, /home//dvdrip-data/ r, /home//themes/ r, /home//themes// r, /lib/linux-restricted-modules/2.6.22-14-generic/ r, /proc//mounts r, /proc/acpi/ac_adapter/ r, /proc/asound/cards r, /proc/meminfo r, /proc/modules r, /proc/stat r, /proc/sys/fs/inotify/max_user_watches r, /sys/devices/ r, /sys/devices// r, /sys/devices/acpi_system:00/ACPI0007:00/ r, /sys/devices/acpi_system:00/ACPI0007:00/power/ r, /sys/devices/acpi_system:00/button_power:00/ r, /sys/devices/acpi_system:00/button_power:00/power/ r, /sys/devices/acpi_system:00/device:00/ r, /sys/devices/acpi_system:00/device:00// r, /sys/devices/acpi_system:00/power/ r, /sys/devices/acpi_system:00/thermal:00/ r, /sys/devices/acpi_system:00/thermal:00// r, /sys/devices/isa/power/ r, /sys/devices/pci0000:00/ r, /sys/devices/platform/bluetooth/ r, /sys/devices/platform/bluetooth/modalias r, /sys/devices/platform/bluetooth/power/ r, /sys/devices/platform/eisa.0/ r, /sys/devices/platform/eisa.0/modalias r, /sys/devices/platform/eisa.0/power/ r, /sys/devices/platform/floppy.0/ r, /sys/devices/platform/floppy.0/modalias r, /sys/devices/platform/floppy.0/power/ r, /sys/devices/platform/i8042/ r, /sys/devices/platform/i8042/modalias r, /sys/devices/platform/i8042/power/ r, /sys/devices/platform/i8042/serio0/ r, /sys/devices/platform/i8042/serio0/id/ r, /sys/devices/platform/i8042/serio0/modalias r, /sys/devices/platform/i8042/serio0/power/ r, /sys/devices/platform/i8042/serio1/ r, /sys/devices/platform/i8042/serio1/id/ r, /sys/devices/platform/i8042/serio1/modalias r, /sys/devices/platform/i8042/serio1/power/ r, /sys/devices/platform/pcspkr/ r, /sys/devices/platform/pcspkr/modalias r, /sys/devices/platform/pcspkr/power/ r, /sys/devices/platform/power/ r, /sys/devices/platform/serial8250/ r, /sys/devices/platform/serial8250/modalias r, /sys/devices/platform/serial8250/power/ r, /sys/devices/pnp0// r, /sys/devices/pnp1/power/ r, /sys/devices/system// r, /tmp/ klrw, /usr/bin/aplay Px, /usr/bin/apt-cache ixr, /usr/bin/basename ixr, /usr/bin/bluetooth-applet Px, /usr/bin/bug-buddy Px, /usr/bin/dbus-daemon Px, /usr/bin/env ixr, /usr/bin/gconftool-2 ixr, /usr/bin/gnome-at-visual ixr, /usr/bin/gnome-panel Px, /usr/bin/gnome-power-manager ixr, /usr/bin/gnome-session mr, /usr/bin/gnome-volume-manager Px, /usr/bin/gnome-wm Px, /usr/bin/lsb_release ixr, /usr/bin/nautilus Px, /usr/bin/nm-applet ixr, /usr/bin/python2.5 ixr, /usr/bin/restricted-manager ixr, /usr/bin/system-config-printer-applet ixr, /usr/bin/trackerd ixr, /usr/bin/update-notifier ixr, /usr/bin/vino-session Px, /usr/bin/xdg-user-dirs-gtk-update ixr, /usr/lib/evolution/2.12/evolution-alarm-notify ixr, /usr/lib/libgconf2-4/gconf-sanity-check-2 Px, /usr/lib/libgconf2-4/gconfd-2 Px, /usr/lib/update-notifier/apt-check ixr, /usr/local/share/applications/ r, /usr/local/share/icons/ r, /usr/share/applications/ r, /usr/share/applications// r, /usr/share/apport/apport-gtk ixr, /usr/share/gdm/applications/ r, /usr/share/gnome/.session r, /usr/share/gnome/autostart/ r, /usr/share/gnome/autostart/* r, /usr/share/linux-restricted-modules/2.6.22-14-generic/modules.alias.override/ r, /usr/share/nm-applet/applet.glade r, /usr/share/restricted-manager/groups/ r, /usr/share/restricted-manager/groups/vmware r, /usr/share/restricted-manager/manager.glade r, /usr/share/restricted-manager/modalias_override/ r, /usr/share/system-config-printer/applet.py ixr, /usr/share/tracker/.sql r, /usr/share/tracker/languages/stopwords.en r, /usr/share/update-notifier/glade/.glade r, /var/cache/apt/archives/ r, /var/cache/apt/archives/partial/ r, /var/cache/apt/pkgcache.bin r, /var/cache/restricted-manager/*.restricted krw, /var/cache/restricted-manager/seen krw, /var/cache/restricted-manager/used krw, /var/crash/ r, /var/lib/apt/extended_states r, /var/lib/apt/lists/ r, /var/lib/dpkg/ r, /var/lib/update-notifier/ r, /var/lib/update-notifier/user.d/ r, /var/run/ r, /var/run/avahi-daemon/ r, /var/run/cups/cups.sock w, }	10 months ago	gnome	100	hbpteam	Edit	History
opensuse10.3	/etc/X11/xdm/Xsession	#include <tunables/global> /etc/X11/xdm/Xsession { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability sys_ptrace, /bin/bash ixr, /bin/grep ixr, /bin/hostname Px, /bin/ls ixmr, /bin/uname Px, /etc/X11/Xresources r, /etc/X11/xdm/Xsession mr, /etc/X11/xdm/sys.xsession Px, /etc/X11/xinit/xinitrc.common r, /etc/opt/ r, /etc/shells r, /etc/sysconfig/console r, /etc/sysconfig/language r, /etc/sysconfig/mail r, /etc/sysconfig/news r, /etc/sysconfig/proxy r, /etc/sysconfig/suseconfig r, /etc/sysconfig/windowmanager r, /home//.Xdefaults r, /home//.bashrc r, /home//.profile r, /opt/ r, /proc/ r, /proc//cmdline r, /proc//mounts r, /proc//stat r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/killall5 ixr, /usr/bin/dircolors ixmr, /usr/bin/manpath Px, /usr/bin/tty ixr, /usr/bin/xrdb Px, /usr/lib/jvm/java-1.5.0-sun-1.5.0_update12/jre/bin/java ixr, /var/log/Xorg.*.log r, }	8 months ago	Import of jmichaels profiles	46	dominic	Edit	History
ubuntu-gutsy	/usr/games/iagno	#include <tunables/global> /usr/games/iagno { #include <abstractions/base> /usr/games/iagno mr, }	10 months ago	gnome	61	hbpteam	Edit	History
opensuse10.3	/sbin/ip	#include <tunables/global> /sbin/ip flags=(complain) { #include <abstractions/base> capability sys_module, /etc/iproute2/rt_scopes r, /proc/net/ r, /proc/net/unix r, /sbin/ip mr, }	11 months ago	argh, switch things back to complain for a while	63	jmichael	Edit	History
ubuntu-gutsy	/usr/bin/gstm	#include <tunables/global> /usr/bin/gstm { #include <abstractions/base> /usr/bin/gstm mr, }	10 months ago	gnome	42	hbpteam	Edit	History
opensuse10.3	/usr/bin/hal-find-by-property	#include <tunables/global> /usr/bin/hal-find-by-property { #include <abstractions/base> #include <abstractions/dbus> /usr/bin/hal-find-by-property mr, }	8 months ago	Import of jmichaels profiles	42	dominic	Edit	History
opensuse10.3	/usr/sbin/snmpd	#include <tunables/global> /usr/sbin/snmpd { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /dev/md* r, /dev/sd* r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/mtab r, /etc/rpm/ r, /etc/rpm/macros.gconf2 r, /etc/rpm/macros.mkinitrd r, /etc/sensors.conf r, /etc/snmp/snmpd.conf r, /proc/ r, /proc//cmdline r, /proc//mounts r, /proc//stat r, /proc//status r, /proc/cmdline r, /proc/loadavg r, /proc/net/arp r, /proc/net/dev r, /proc/net/if_inet6 r, /proc/net/ipv6_route r, /proc/net/route r, /proc/net/snmp r, /proc/net/snmp6 r, /proc/net/tcp r, /proc/net/tcp6 r, /proc/net/udp r, /proc/net/udp6 r, /proc/sys/net/ipv4/ipfrag_time r, /proc/sys/net/ipv4/neigh/eth0/retrans_time_ms r, /proc/sys/net/ipv4/neigh/eth1/retrans_time_ms r, /proc/sys/net/ipv4/neigh/lo/retrans_time_ms r, /proc/sys/net/ipv6/conf/all/forwarding r, /proc/sys/net/ipv6/conf/default/hop_limit r, /proc/sys/net/ipv6/conf/eth0/forwarding r, /proc/sys/net/ipv6/conf/eth1/forwarding r, /proc/sys/net/ipv6/conf/lo/forwarding r, /proc/sys/net/ipv6/neigh/eth0/base_reachable_time_ms r, /proc/sys/net/ipv6/neigh/eth0/retrans_time_ms r, /proc/sys/net/ipv6/neigh/eth1/base_reachable_time_ms r, /proc/sys/net/ipv6/neigh/eth1/retrans_time_ms r, /proc/sys/net/ipv6/neigh/lo/base_reachable_time_ms r, /proc/sys/net/ipv6/neigh/lo/retrans_time_ms r, /proc/uptime r, /proc/vmstat r, /sys/class/hwmon/ r, /sys/class/i2c-adapter/ r, /sys/devices/pci0000:00/0000:00:1f.3/i2c-adapter/i2c-0/name r, /sys/devices/platform/coretemp.[0-9]/name r, /sys/devices/platform/coretemp.[0-9]/temp1_input r, /sys/devices/platform/coretemp.[0-9]/temp1_label r, /usr/sbin/snmpd mr, /usr/share/snmp/mibs/ r, /usr/share/snmp/mibs/* r, /var/lib/net-snmp/snmpd.0.conf w, /var/lib/net-snmp/snmpd.conf rw, /var/lib/rpm/ w, /var/lib/rpm/Packages kr, /var/log/net-snmpd.log rw, /var/run/snmpd.pid w, /var/run/utmp krw, }	5 months ago		184	arclyde	Edit	History
ubuntu-gutsy	/usr/bin/soundconverter	#include <tunables/global> /usr/bin/soundconverter { #include <abstractions/base> /usr/bin/python2.5 ix, /usr/bin/soundconverter mr, }	10 months ago	gnome	61	hbpteam	Edit	History
opensuse10.3	/etc/X11/xdm/Xsession	#include <tunables/global> /etc/X11/xdm/Xsession { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability sys_ptrace, /bin/bash ixr, /bin/grep ixr, /bin/hostname Px, /bin/ls ixmr, /bin/uname Px, /etc/X11/Xresources r, /etc/X11/xdm/Xsession mr, /etc/X11/xdm/sys.xsession Px, /etc/X11/xim r, /etc/X11/xinit/xinitrc.common r, /etc/opt/ r, /etc/shells r, /etc/sysconfig/console r, /etc/sysconfig/language r, /etc/sysconfig/mail r, /etc/sysconfig/news r, /etc/sysconfig/proxy r, /etc/sysconfig/suseconfig r, /etc/sysconfig/windowmanager r, /home//.Xdefaults r, /home//.bashrc r, /home//.profile r, /home//.xsession-errors w, /opt/ r, /proc/ r, /proc//cmdline r, /proc//mounts r, /proc//stat r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/killall5 ixr, /usr/bin/dircolors ixmr, /usr/bin/manpath Px, /usr/bin/printenv ixr, /usr/bin/tty ixr, /usr/bin/xrdb Px, /usr/lib/jvm/java-1.5.0-sun-1.5.0_update12/jre/bin/java ixr, /usr/lib/jvm/java-1.6.0.u3.sr2-sun-1.6.0.u3/bin/java ixr, /usr/lib/jvm/java-1.6.0.u3.sr2-sun-1.6.0.u3/bin/javac ixr, /usr/lib/jvm/java-1.6.0.u3.sr2-sun-1.6.0.u3/jre/bin/java ixr, /var/log/Xorg..log r, }	7 months ago	none	27	cinimod	Edit	History
opensuse10.3	/usr/sbin/apxs2	#include <tunables/global> /usr/sbin/apxs2 { #include <abstractions/base> #include <abstractions/perl> /usr/bin/perl ix, /usr/sbin/apxs2 mr, }	24 days ago	1	8	kungfu	Edit	History
opensuse10.3	/usr/sbin/dhcdbd	#include <tunables/global> /usr/sbin/dhcdbd flags=(complain) { #include <abstractions/base> #include <abstractions/dbus> /etc/HOSTNAME r, /etc/sysconfig/network/dhcp r, /sbin/dhclient Px, /usr/sbin/dhcdbd mr, /var/run/dhcdbd.pid w, }	11 months ago	argh, switch things back to complain for a while	53	jmichael	Edit	History
ubuntu-gutsy	/usr/bin/xsane	#include <tunables/global> /usr/bin/xsane { #include <abstractions/base> /usr/bin/xsane mr, }	10 months ago	gnome	57	hbpteam	Edit	History
ubuntu-gutsy	/usr/local/share/skype/skype	#include <tunables/global> /usr/local/share/skype/skype flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /etc/fonts/ r, /etc/gai.conf r, /home// r, /home//.ICEauthority r, /home//.Skype/ rw, /home//.Skype/andrey.vihrov/call256.dbb krw, /home//.Skype/andrey.vihrov/callmember256.dbb krw, /home//.Skype/andrey.vihrov/chat1024.dbb krw, /home//.Skype/andrey.vihrov/chat256.dbb w, /home//.Skype/andrey.vihrov/chat512.dbb krw, /home//.Skype/andrey.vihrov/chat8192.dbb krw, /home//.Skype/andrey.vihrov/chatmember256.dbb krw, /home//.Skype/andrey.vihrov/chatmsg1024.dbb krw, /home//.Skype/andrey.vihrov/chatmsg16384.dbb krw, /home//.Skype/andrey.vihrov/chatmsg2048.dbb krw, /home//.Skype/andrey.vihrov/chatmsg256.dbb krw, /home//.Skype/andrey.vihrov/chatmsg32768.dbb krw, /home//.Skype/andrey.vihrov/chatmsg4096.dbb krw, /home//.Skype/andrey.vihrov/chatmsg512.dbb krw, /home//.Skype/andrey.vihrov/chatmsg8192.dbb krw, /home//.Skype/andrey.vihrov/chatsync/17/173cf32a4bca229d.dat krw, /home//.Skype/andrey.vihrov/chatsync/24/240db6d0720b3edb.dat krw, /home//.Skype/andrey.vihrov/chatsync/40/40429cb8ffde1463.dat krw, /home//.Skype/andrey.vihrov/chatsync/8f/8f951f2e99c19ab1.dat krw, /home//.Skype/andrey.vihrov/chatsync/90/9063a0f774e6429e.dat krw, /home//.Skype/andrey.vihrov/chatsync/ab/ab14842e682193b1.dat krw, /home//.Skype/andrey.vihrov/chatsync/da/dafbc83711f9c6de.dat krw, /home//.Skype/andrey.vihrov/chatsync/e5/e5b3db203a9a246b.dat krw, /home//.Skype/andrey.vihrov/chatsync/f2/f2951621245ff270.dat krw, /home//.Skype/andrey.vihrov/chatsync/f7/f70d307d25227a3c.dat krw, /home//.Skype/andrey.vihrov/config.lck kw, /home//.Skype/andrey.vihrov/config.tmp krw, /home//.Skype/andrey.vihrov/config.xml krw, /home//.Skype/andrey.vihrov/contactgroup256.dbb krw, /home//.Skype/andrey.vihrov/contactgroup512.dbb krw, /home//.Skype/andrey.vihrov/dyncontent/bundle.dat krw, /home//.Skype/andrey.vihrov/dyncontent/bundle.dat-journal w, /home//.Skype/andrey.vihrov/index2.dat krw, /home//.Skype/andrey.vihrov/profile16384.dbb krw, /home//.Skype/andrey.vihrov/transfer256.dbb krw, /home//.Skype/andrey.vihrov/transfer512.dbb krw, /home//.Skype/andrey.vihrov/user1024.dbb krw, /home//.Skype/andrey.vihrov/user16384.dbb krw, /home//.Skype/andrey.vihrov/user256.dbb krw, /home//.Skype/andrey.vihrov/user32768.dbb krw, /home//.Skype/andrey.vihrov/user4096.dbb krw, /home//.Skype/andrey.vihrov/voicemail256.dbb krw, /home//.Skype/shared.lck kw, /home//.Skype/shared.tmp krw, /home//.Skype/shared.xml krw, /home//.Xauthority r, /home//.fontconfig/ r, /home//.mozilla/firefox/* r, /proc//cmdline r, /proc/interrupts r, /tmp/.ICE-unix/5907 w, /tmp/.X11-unix/X0 w, /usr/local/lib32/libQtCore.so. mr, /usr/local/lib32/libQtDBus.so.* mr, /usr/local/lib32/libQtGui.so.* mr, /usr/local/lib32/libQtNetwork.so.* mr, /usr/local/lib32/libQtXml.so.* mr, /usr/local/lib32/libdbus-1.so.* mr, /usr/local/lib32/libsigc-2.0.so.* mr, /usr/local/share/skype/ r, /usr/local/share/skype/skype mr, /usr/share/X11/XKeysymDB r, /usr/share/fonts/ r, /usr/share/icons/DMZ-White/ r, /var/cache/ r, /var/lib/** r, }	10 months ago		122	a-v	Edit	History
opensuse10.3	/usr/bin/ekiga	#include <tunables/global> /usr/bin/ekiga { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/nameservice> capability dac_override, /dev/ r, /dev/*/ r, /dev/video0 r, /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home//.ICEauthority r, /home//.Xauthority r, /home//.esd_auth r, /home//.gnome2_private/ w, /root/.esd_auth r, /root/.gnome2_private/ w, /root/.xauthOUkLN5 r, /sys/class/video4linux/ r, /tmp/* klrw, /usr/bin/ekiga mr, /usr/lib/** mr, }	4 months ago		26	CRibeiro	Edit	History
opensuse10.3	/usr/bin/hal-find-by-property	#include <tunables/global> /usr/bin/hal-find-by-property { #include <abstractions/base> #include <abstractions/dbus> /usr/bin/hal-find-by-property mr, }	7 months ago	none	35	cinimod	Edit	History
opensuse10.3	/usr/lib/control-center-2.0/novell-sysconfig-proxy-helper	#include <tunables/global> /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/sysconfig/proxy r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper mr, }	8 months ago	Import of jmichaels profiles	41	dominic	Edit	History
ubuntu-gutsy	/usr/bin/gnome-screenshot	#include <tunables/global> /usr/bin/gnome-screenshot { #include <abstractions/base> /usr/bin/gnome-screenshot mr, }	10 months ago	gnome	41	hbpteam	Edit	History
opensuse10.3	/usr/sbin/httpd2-prefork	# $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/.conf r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/.crt r, /etc/apache2/ssl.key/.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/fstab r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/ r, /etc/php.ini r, /srv/www/htdocs r, /srv/www/htdocs/ r, /srv/www/icons/.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/* r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib.so mr, /usr/X11R6/lib64/lib.so mr, /usr/apache2/error/* r, /usr/lib/apache2-leader/{lib,mod_}.so mr, /usr/lib/apache2-metuxmpm/{lib,mod_}.so mr, /usr/lib/apache2-prefork/{lib,mod_}.so mr, /usr/lib/apache2-worker/{lib,mod_}.so mr, /usr/lib/apache2/modules/{lib,mod_}.so mr, /usr/lib/apache2/{lib,mod_}.so mr, /usr/lib/mysql/libmysql.so* mr, /usr/lib/php/extensions/.so mr, /usr/lib/php4/.so mr, /usr/lib/python[12].[0-9]/*.{py,pyc,pth,so} mr, /usr/lib/python[12].[0-9]/site-packages r, /usr/lib/qt3/lib/lib.so* mr, /usr/lib64/apache2-leader/{lib,mod_}.so mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}.so mr, /usr/lib64/apache2-prefork/{lib,mod_}.so mr, /usr/lib64/apache2-worker/{lib,mod_}.so mr, /usr/lib64/apache2/modules/{lib,mod_}.so mr, /usr/lib64/apache2/{lib,mod_}.so mr, /usr/lib64/mysql/libmysql.so mr, /usr/lib64/php/extensions/.so mr, /usr/lib64/php4/.so mr, /usr/lib64/python[12].[0-9]/*.{py,pyc,pth,so} mr, /usr/lib64/python[12].[0-9]/site-packages r, /usr/lib64/qt3/lib/lib.so* mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/.{txt,mib} r, /usr/share/snmp/mibs/.index wr, /usr/share/ssl/openssl.cnf r, /var/lib/php/sess_ rwl, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/* r, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/* r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/* r, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /*.htaccess r, /var/log/apache2/ w, }	2 months ago		18	hbree	Edit	History
opensuse10.3	/usr/bin/setxkbmap	#include <tunables/global> /usr/bin/setxkbmap flags=(complain) { #include <abstractions/base> /usr/bin/setxkbmap mr, }	11 months ago	argh, switch things back to complain for a while	56	jmichael	Edit	History
opensuse10.3	/bin/uname	#include <tunables/global> /bin/uname { #include <abstractions/base> /bin/uname mr, /proc/cpuinfo r, }	8 months ago	Import of jmichaels profiles	46	dominic	Edit	History
opensuse10.3	/usr/sbin/xend	#include <tunables/global> /usr/sbin/xend flags=(complain) { #include <abstractions/base> /usr/bin/env ix, /usr/sbin/xend mr, }	8 months ago	xend-jester	37	security	Edit	History
opensuse10.3	/usr/lib/cups/backend/usb	#include <tunables/global> /usr/lib/cups/backend/usb flags=(complain) { #include <abstractions/base> /usr/lib/cups/backend/usb mr, }	about 1 year ago	cups testing	56	dominic	Edit	History
opensuse10.3	/bin/basename	#include <tunables/global> /bin/basename flags=(complain) { #include <abstractions/base> /bin/basename mr, }	8 months ago		49	overwrite	Edit	History
opensuse10.3	/usr/lib/control-center-2.0/novell-sysconfig-proxy-helper	#include <tunables/global> /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/sysconfig/proxy r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper mr, }	7 months ago	none	27	cinimod	Edit	History
opensuse10.3	/usr/bin/bug-buddy	#include <tunables/global> /usr/bin/bug-buddy { #include <abstractions/base> /usr/bin/bug-buddy mr, }	4 months ago		29	FYPJ	Edit	History
opensuse10.3	/usr/lib/cups/backend/socket	#include <tunables/global> /usr/lib/cups/backend/socket { #include <abstractions/base> #include <abstractions/nameservice> /usr/lib/cups/backend/socket mr, }	10 months ago	ssh needed the ability to create /root/.ssh, and assorted CUPS fixes	53	crispin	Edit	History
opensuse10.3	/opt/kde3/bin/kopete	#include <tunables/global> /opt/kde3/bin/kopete { #include <abstractions/base> /opt/kde3/bin/kopete mr, /opt/kde3/lib/libso mr, /usr/lib/qt3/lib/libso mr, }	11 months ago	1	49	robsn81	Edit	History
opensuse10.3	/bin/netstat	# $Id: bin.netstat 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ # evolution, amongst other things, calls this program. I didn't want to # give evolution access to significant chunks of /proc # #include <tunables/global> /bin/netstat { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability dac_override, capability dac_read_search, /bin/netstat rmix, /etc/networks r, /proc//fd/ r, /proc/net/ r, /proc/net/dev r, /proc/net/if_inet6 r, /proc/net/unix r, @{PROC} r, @{PROC}/[0-9]/cmdline r, @{PROC}/[0-9]/fd r, @{PROC}/net r, @{PROC}/net/ r, }	4 months ago	2	44	FYPJ	Edit	History
opensuse10.3	/bin/dbus-daemon	#include <tunables/global> /bin/dbus-daemon { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, /bin/dbus-daemon mr, /etc/dbus-1/session.conf r, /etc/dbus-1/system.conf r, /etc/dbus-1/system.d/ r, /etc/dbus-1/system.d/.conf r, /usr/bin/helix-dbus-server Px, /usr/lib/control-center-2.0/gnome-settings-daemon Px, /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon Px, /usr/lib/notification-daemon-1.0/notification-daemon Px, /usr/share/dbus-1/services/ r, /usr/share/dbus-1/services/.service r, /var/run/dbus/pid w, }	7 months ago	none	33	cinimod	Edit	History
opensuse10.3	/usr/bin/gnomesu	#include <tunables/global> /usr/bin/gnomesu flags=(complain) { #include <abstractions/base> /usr/bin/gnomesu mr, }	11 months ago	argh, switch things back to complain for a while	53	jmichael	Edit	History
opensuse10.3	/bin/uname	#include <tunables/global> /bin/uname { #include <abstractions/base> /bin/uname mr, /proc/cpuinfo r, }	7 months ago	none	22	cinimod	Edit	History
opensuse10.3	/usr/bin/file-roller	#include <tunables/global> /usr/bin/file-roller flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/bash ixr, /bin/cpio ixr, /bin/gzip ixr, /bin/tar ixr, /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home//.ICEauthority r, /home//.Xauthority r, /home//.esd_auth r, /home//.fontconfig/* r, /home//.gnome2/main rw, /home//.gnome2_private/ w, /home//.icons/ r, /home//.local/share/icons/ r, /home//.recently-used.xbel rw, /home//.recently-used.xbel.* rw, /home//Desktop/* rw, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/ar ixr, /usr/bin/bzip2 ixr, /usr/bin/file-roller mr, /usr/bin/isoinfo ixr, /usr/bin/rpm2cpio ixr, /usr/bin/uncompress ixr, /usr/bin/unzip ixr, /usr/share/file-roller/icons/ r, /usr/share/file-roller/icons/ r, /usr/share/mime/.xml r, /var/cache/libx11/compose/* r, }	11 months ago	argh, switch things back to complain for a while	56	jmichael	Edit	History
opensuse10.3	/usr/sbin/NetworkManager	#include <tunables/global> /usr/sbin/NetworkManager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/nameservice> capability net_admin, capability net_raw, capability sys_module, network packet packet, /etc/resolv.conf w, /etc/resolv.conf.tmp rw, /etc/sysconfig/network/ r, /etc/sysconfig/network/dhcp r, /proc/net/psched r, /sbin/ip Px, /usr/lib/NetworkManager/nm-crash-logger Px, /usr/sbin/NetworkManager mr, /usr/sbin/nscd Px, /usr/sbin/wpa_supplicant Px, /var/run/NetworkManager.pid w, /var/run/NetworkManager/wpa_ctrl_* w, /var/run/wpa_supplicant-global w, /var/run/wpa_supplicant/* w, }	7 months ago	none	23	cinimod	Edit	History
ubuntu-gutsy	/usr/bin/gconftool-2	#include <tunables/global> /usr/bin/gconftool-2 { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /usr/bin/gconftool-2 mr, }	10 months ago	gnome	44	hbpteam	Edit	History
opensuse10.3	/usr/sbin/lisa	#include <tunables/global> /usr/sbin/lisa { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/winbind> capability net_raw, capability setuid, network inet raw, /bin/bash ixr, /etc/lisarc r, /proc/meminfo r, /usr/bin/nmblookup ixr, /usr/sbin/lisa mr, /var/lib/samba/unexpected.tdb r, }	10 months ago		57	JaMm	Edit	History
opensuse10.3	/usr/sbin/clamd	#include <tunables/global> /usr/sbin/clamd flags=(complain) { #include <abstractions/base> /usr/sbin/clamd mr, }	17 days ago		6	webtel	Edit	History
opensuse11.0	/usr/share/amsn/amsn	#include <tunables/global> /usr/share/amsn/amsn { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, }	2 months ago		15	josemanuel	Edit	History
opensuse10.3	/usr/bin/cal	#include <tunables/global> /usr/bin/cal { #include <abstractions/base> /usr/bin/cal mr, }	3 months ago	/var/log/apparmor/reports/cal/log	20	doknisa	Edit	History
opensuse10.3	/bin/dbus-daemon	#include <tunables/global> /bin/dbus-daemon { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability dac_override, capability setgid, capability setuid, /bin/dbus-daemon mr, /etc/dbus-1/session.conf r, /etc/dbus-1/system.conf r, /etc/dbus-1/system.d/ r, /etc/dbus-1/system.d/.conf r, /etc/opt/kde3/share/ r, /home// r, /home//.local/share/ r, /home//.strigi/.conf rw, /home//.strigi/clucene/* r, /home//.strigi/lock kw, /home//.strigi/socket w, /opt/kde3/share/ r, /usr/bin/helix-dbus-server Px, /usr/bin/knotify4 Px, /usr/bin/strigidaemon Pxmr, /usr/lib/control-center-2.0/gnome-settings-daemon Px, /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon Px, /usr/lib/notification-daemon-1.0/notification-daemon Px, /usr/lib/strigi/.so mr, /usr/share/dbus-1/services/ r, /usr/share/dbus-1/services/.service r, /usr/share/strigi/** r, /var/run/dbus/pid w, }	8 months ago		34	dominic	Edit	History
opensuse10.3	/usr/bin/php5	#include <tunables/global> /usr/bin/php5 { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/php5> #include <abstractions/user-tmp> capability dac_override, /bin/bash ixr, /etc/php5/cli/* r, /proc/meminfo r, /root/.pearrc rw, /srv/www/htdocs/** r, /usr/bin/.tmppear rw, /usr/bin/cpp-4.2 px, /usr/bin/gpg2 ixr, /usr/bin/php5 ixr, /usr/include/* r, /usr/share/kolab/scripts/resmgr/* r, /usr/share/php5/** krw, /var/lib/kolab/kolab-filter/* r, /var/lib/pear/Kolab_Freebusy.xml r, /var/lib/php5/session_mm_* klrw, /var/log/kolab/filter/* w, /var/log/kolab/resmgr.log a, }	4 months ago		35	arclyde	Edit	History
opensuse10.3	/usr/sbin/NetworkManager	#include <tunables/global> /usr/sbin/NetworkManager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/nameservice> capability net_admin, capability net_raw, capability sys_module, network packet packet, /etc/resolv.conf w, /etc/resolv.conf.tmp rw, /etc/sysconfig/network/ r, /etc/sysconfig/network/dhcp r, /proc/net/psched r, /sbin/ip Px, /usr/lib/NetworkManager/nm-crash-logger Px, /usr/sbin/NetworkManager mr, /usr/sbin/nscd Px, /usr/sbin/wpa_supplicant Px, /var/run/NetworkManager.pid w, /var/run/NetworkManager/wpa_ctrl_* w, /var/run/wpa_supplicant-global w, /var/run/wpa_supplicant/* w, }	8 months ago	Import of jmichaels profiles	37	dominic	Edit	History
opensuse10.3	/usr/sbin/httpd2-prefork	# $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability dac_override, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/.conf r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/.crt r, /etc/apache2/ssl.key/.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/fstab r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, /etc/php5/apache2/php.ini r, /etc/php5/conf.d/ r, /etc/php5/conf.d/bcmath.ini r, /etc/php5/conf.d/bz2.ini r, /etc/php5/conf.d/calendar.ini r, /etc/php5/conf.d/ctype.ini r, /etc/php5/conf.d/curl.ini r, /etc/php5/conf.d/dba.ini r, /etc/php5/conf.d/dbase.ini r, /etc/php5/conf.d/dom.ini r, /etc/php5/conf.d/exif.ini r, /etc/php5/conf.d/ftp.ini r, /etc/php5/conf.d/gd.ini r, /etc/php5/conf.d/gettext.ini r, /etc/php5/conf.d/gmp.ini r, /etc/php5/conf.d/hash.ini r, /etc/php5/conf.d/iconv.ini r, /etc/php5/conf.d/imap.ini r, /etc/php5/conf.d/json.ini r, /etc/php5/conf.d/mbstring.ini r, /etc/php5/conf.d/mcrypt.ini r, /etc/php5/conf.d/mhash.ini r, /etc/php5/conf.d/mysql.ini r, /etc/php5/conf.d/mysqli.ini r, /etc/php5/conf.d/openssl.ini r, /etc/php5/conf.d/pdo.ini r, /etc/php5/conf.d/pdo_mysql.ini r, /etc/php5/conf.d/pdo_sqlite.ini r, /etc/php5/conf.d/sqlite.ini r, /etc/php5/conf.d/suhosin.ini r, /etc/php5/conf.d/tidy.ini r, /etc/php5/conf.d/tokenizer.ini r, /etc/php5/conf.d/xmlreader.ini r, /etc/php5/conf.d/xmlwriter.ini r, /etc/php5/conf.d/xsl.ini r, /etc/php5/conf.d/zip.ini r, /etc/php5/conf.d/zlib.ini r, /proc//attr/current w, /srv/www/htdocs r, /srv/www/htdocs/* r, /srv/www/icons/.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/* r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib.so mr, /usr/X11R6/lib64/lib.so mr, /usr/apache2/error/* r, /usr/lib/** mr, /usr/lib/apache2-leader/{lib,mod_}.so mr, /usr/lib/apache2-metuxmpm/{lib,mod_}.so mr, /usr/lib/apache2-prefork/{lib,mod_}.so mr, /usr/lib/apache2-worker/{lib,mod_}.so mr, /usr/lib/apache2/modules/{lib,mod_}.so mr, /usr/lib/apache2/{lib,mod_}.so mr, /usr/lib/python[12].[0-9]/.{py,pyc,pth,so} mr, /usr/lib64/apache2-leader/{lib,mod_}.so* mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}.so mr, /usr/lib64/apache2-prefork/{lib,mod_}.so mr, /usr/lib64/apache2-worker/{lib,mod_}.so mr, /usr/lib64/apache2/modules/{lib,mod_}.so mr, /usr/lib64/apache2/{lib,mod_}.so mr, /usr/lib64/mysql/libmysql.so mr, /usr/lib64/php/extensions/.so mr, /usr/lib64/php4/.so mr, /usr/lib64/python[12].[0-9]/*.{py,pyc,pth,so} mr, /usr/lib64/python[12].[0-9]/site-packages r, /usr/lib64/qt3/lib/lib.so* mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/.{txt,mib} r, /usr/share/snmp/mibs/.index wr, /usr/share/ssl/openssl.cnf r, /var/lib/php/sess_ rwl, /var/lib/php5/session_mm_apache2handler0.sem kw, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/run/nscd/services r, /var/www/error/* r, /var/www/html/** r, /var/www/icons/.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/* r, } /usr/sbin/httpd2-prefork/// flags=(complain) { #include <abstractions/nameservice> /proc//attr/current w, } /usr/sbin/httpd2-prefork///favicon.ico flags=(complain) { #include <abstractions/nameservice> /proc//attr/current w, /srv/www/htdocs/favicon.ico r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///wordpress/ flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc//attr/current w, /srv/www/htdocs/wordpress/index.php r, /srv/www/htdocs/wordpress/wp-blog-header.php r, /srv/www/htdocs/wordpress/wp-includes/classes.php r, /srv/www/htdocs/wordpress/wp-includes/functions.php r, /srv/www/htdocs/wordpress/wp-includes/plugin.php r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///wordpress/wp-admin/css/install.css flags=(complain) { #include <abstractions/nameservice> /srv/www/htdocs/wordpress/wp-admin/css/install.css r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///wordpress/wp-admin/setup-config.php flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc//attr/current w, /srv/www/htdocs/wordpress/wp-admin/setup-config.php r, /srv/www/htdocs/wordpress/wp-config-sample.php r, /srv/www/htdocs/wordpress/wp-includes/classes.php r, /srv/www/htdocs/wordpress/wp-includes/compat.php r, /srv/www/htdocs/wordpress/wp-includes/functions.php r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/* r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/* r, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /*.htaccess r, /proc//attr/current w, /var/log/apache2/* w, }	4 months ago	httpd2	23	eviled	Edit	History
opensuse10.3	/usr/bin/ooffice	#include <tunables/global> /usr/bin/ooffice flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/ooffice mr, }	10 months ago	open office	50	Falko_Gehde	Edit	History
opensuse10.3	/usr/bin/nm-applet	#include <tunables/global> /usr/bin/nm-applet { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home//.ICEauthority r, /home//.Xauthority r, /home//.esd_auth r, /home//.fontconfig/* r, /home//.gnome2_private/ w, /home//.icons/ r, /home//.local/share/icons/ r, /usr/bin/bug-buddy ixr, /usr/bin/nm-applet mr, /usr/share/nm-applet/.glade r, }	8 months ago	Import of jmichaels profiles	49	dominic	Edit	History
opensuse10.3	/bin/basename	#include <tunables/global> /bin/basename { #include <abstractions/base> /bin/basename mr, }	4 months ago	firefox2	24	vojta	Edit	History
opensuse10.3	/usr/bin/xmodmap	#include <tunables/global> /usr/bin/xmodmap flags=(complain) { #include <abstractions/X> #include <abstractions/base> /etc/X11/Xmodmap r, /usr/bin/xmodmap mr, /var/lib/gdm/* r, }	11 months ago	argh, switch things back to complain for a while	53	jmichael	Edit	History
opensuse10.3	/usr/sbin/postsuper	#include <tunables/global> /usr/sbin/postsuper flags=(complain) { #include <abstractions/base> /usr/sbin/postsuper mr, }	8 months ago	changes 6	33	security	Edit	History
ubuntu-gutsy	/usr/lib/notification-daemon/notification-daemon	#include <tunables/global> /usr/lib/notification-daemon/notification-daemon flags=(complain) { #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> #include <abstractions/user-tmp> /home//.Xauthority r, /home//.icons/ r, /proc/meminfo r, /usr/lib/** mr, /usr/local/share/icons/ r, }	10 months ago	gnome	61	hbpteam	Edit	History
opensuse10.3	/sbin/modprobe	#include <tunables/global> /sbin/modprobe { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_raw, capability sys_module, /bin/bash ixr, /bin/true ixr, /etc/modprobe.conf r, /etc/modprobe.conf.local r, /etc/modprobe.d/ r, /etc/modprobe.d/* r, /lib/modules/*.ko krw, /lib/modules//modules.alias r, /lib/modules/*/modules.dep r, /proc/meminfo r, /proc/modules r, /sbin/modprobe ixr, }	8 months ago	Import of jmichaels profiles	45	dominic	Edit	History
opensuse10.3	/home/dominic/bin/seed_initial_repository	#include <tunables/global> /home/dominic/bin/seed_initial_repository { #include <abstractions/base> #include <abstractions/perl> /home/dominic/bin/seed_initial_repository mr, /usr/bin/perl ix, }	7 months ago	none	26	cinimod	Edit	History
opensuse10.3	/usr/bin/nm-applet	#include <tunables/global> /usr/bin/nm-applet { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home//.ICEauthority r, /home//.Xauthority r, /home//.esd_auth r, /home//.fontconfig/* r, /home//.gnome2_private/ w, /home//.icons/ r, /home//.local/share/icons/ r, /usr/bin/bug-buddy ixr, /usr/bin/nm-applet mr, /usr/share/nm-applet/.glade r, }	7 months ago	none	29	cinimod	Edit	History
opensuse10.3	/sbin/route	#include <tunables/global> /sbin/route { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /proc/net/route r, /sbin/route mr, }	7 months ago	none	22	cinimod	Edit	History
ubuntu-gutsy	/usr/lib/bonobo-activation/bonobo-activation-server	#include <tunables/global> /usr/lib/bonobo-activation/bonobo-activation-server { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/bonobo-activation/.xml r, /etc/sound/events/.soundlist r, /home//.Trash/ r, /home//.Xauthority r, /home//.gnome/gnome-vfs/.trash_entry_cache rw, /home//.gnome2_private/ w, /home//.icons/ r, /proc//mounts r, /proc/meminfo r, /tmp/orbit-void/bonobo-activation-register.lock klrw, /usr/lib/bonobo-activation/bonobo-activation-server mr, /usr/lib/deskbar-applet/deskbar-applet Px, /usr/lib/evolution/2.12/evolution-exchange-storage Px, /usr/lib/evolution/evolution-data-server-1.12 Px, /usr/lib/fast-user-switch-applet/fast-user-switch-applet Px, /usr/lib/gnome-applets/mixer_applet2 ixr, /usr/lib/gnome-applets/trashapplet ixr, /usr/local/share/icons/ r, /usr/share/gnome-2.0/ui/*.xml r, }	10 months ago	gnome	69	hbpteam	Edit	History
opensuse10.3	/usr/bin/qemu	#include <tunables/global> /usr/bin/qemu flags=(complain) { #include <abstractions/base> /usr/bin/qemu mr, }	9 months ago		48	caschi	Edit	History
opensuse10.3	/usr/bin/evince	#include <tunables/global> /usr/bin/evince { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, / r, /Archiv/ r, /Archiv/** rw, /etc/gai.conf r, /etc/ghostscript/8.15/Fontmap r, /etc/ghostscript/8.15/Fontmap.X11-auto r, /etc/ghostscript/8.15/cidfmap r, /etc/ghostscript/8.15/xlatmap r, /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/sound/events/gtk-events-2.soundlist r, /etc/xpdfrc r, /etc/xpdfrc-cjk r, /etc/xpdfrc-cjk-auto r, /etc/xpdfrc-cjk.sjis r, /home// r, /home//.ICEauthority r, /home//.Xauthority r, /home//.bash_history r, /home//.bashrc r, /home//.beagle/socket w, /home//.cedegarc r, /home//.config/gtk-2.0/gtkfilechooser.ini rw, /home//.config/gtk-2.0/gtkfilechooser.ini.0S3G2T rw, /home//.config/gtk-2.0/gtkfilechooser.ini.66SB2T rw, /home//.config/gtk-2.0/gtkfilechooser.ini.9HHL1T rw, /home//.config/gtk-2.0/gtkfilechooser.ini.Q0VH2T rw, /home//.config/gtk-2.0/gtkfilechooser.ini.UPEH2T rw, /home//.dmrc r, /home//.dvipsrc r, /home//.emacs r, /home//.esd_auth r, /home//.exrc r, /home//.fontconfig/ r, /home//.gnome2/accels/evince rw, /home//.gnome2/evince/ev-metadata.xml rw, /home//.gnome2/evince/print-settings rw, /home//.gnome2/evince/print-settings.* rw, /home//.gnome2_private/ w, /home//.gpilotd.pid r, /home//.gtkrc-1.2-gnome2 r, /home//.icons/ r, /home//.inputrc r, /home//.kermrc r, /home//.local/share/icons/ r, /home//.local/share/mime/aliases r, /home//.local/share/mime/globs r, /home//.local/share/mime/magic r, /home//.local/share/mime/mime.cache r, /home//.local/share/mime/subclasses r, /home//.mailcap r, /home//.muttrc r, /home//.opensuse-updater-gnome r, /home//.profile r, /home//.realplayerrc r, /home//.recently-used r, /home//.recently-used.xbel rw, /home//.recently-used.xbel.* rw, /home//.urlview r, /home//.viminfo r, /home//.windows-label r, /home//.xcoralrc r, /home//.xim.template r, /home//.xinitrc.template r, /home//.xsession-errors r, /home//.xtalkrc r, /home//Desktop/ rw, /home//Desktop/*.pdf rw, /proc//mounts r, /proc/meminfo r, /root/.esd_auth r, /root/.gnome2/accels/evince rw, /root/.gnome2/evince/ w, /root/.gnome2_private/ w, /root/.local/share/mime/aliases r, /root/.local/share/mime/globs r, /root/.local/share/mime/magic r, /root/.local/share/mime/mime.cache r, /root/.local/share/mime/subclasses r, /root/.recently-used.xbel.FXVN3T rw, /root/.recently-used.xbel.WCCU3T rw, /root/.recently-used.xbel.X1XL3T rw, /root/.recently-used.xbel.XLCN3T rw, /root/.xauthQESsMm r, /usr/bin/bug-buddy ixr, /usr/bin/evince mr, /usr/bin/gs ixr, /usr/lib/ mr, /usr/share/evince/evince-toolbar.xml r, /usr/share/evince/evince-ui.xml r, /usr/share/evince/icons/ r, /usr/share/evince/icons/hicolor/ r, /usr/share/ghostscript/8.15/Resource/CMap/ r, /usr/share/ghostscript/8.15/lib/.ps r, /usr/share/ghostscript/8.15/lib/Fontmap.GS r, /usr/share/ghostscript/8.15/lib/Fontmap.rus r, /usr/share/ghostscript/8.15/lib/cjkv/.ps r, /usr/share/ghostscript/8.15/lib/escp_24.src r, /usr/share/locale-bundle/de/LC_MESSAGES/atk10.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/evince.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/glib20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gnome-vfs-2.0.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20-properties.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libbonobo-2.0.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libgnomeui-2.0.mo r, /usr/share/mime/application/octet-stream.xml r, /usr/share/mime/application/pdf.xml r, /usr/share/mime/application/vnd.oasis.opendocument.spreadsheet.xml r, /usr/share/mime/application/vnd.oasis.opendocument.text.xml r, /usr/share/mime/application/x-compressed-tar.xml r, /usr/share/mime/application/x-deb.xml r, /usr/share/mime/application/x-mozilla-bookmarks.xml r, /usr/share/mime/application/x-shellscript.xml r, /usr/share/mime/application/x-xbel.xml r, /usr/share/mime/application/xml.xml r, /usr/share/mime/application/zip.xml r, /usr/share/mime/inode/directory.xml r, /usr/share/mime/text/plain.xml r, /usr/share/mime/text/x-csrc.xml r, /usr/share/mime/text/x-log.xml r, /usr/share/xpdf/** r, /var/cache/libx11/compose/* r, /var/run/cups/cups.sock w, /var/run/nscd/services r, }	8 months ago		53	overwrite	Edit	History
opensuse10.3	/usr/bin/skype	#include <tunables/global> /usr/bin/skype { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gai.conf r, /home//.Skype/ rw, /home//.Skype/** krw, /home//.config/Trolltech.conf kr, /home//.fontconfig/** r, /home//.kde/share/config/kioslaverc r, /proc/interrupts r, /usr/bin/skype mr, /usr/share/skype/* kr, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, }	8 months ago		32	orat	Edit	History
opensuse10.3	/sbin/modprobe	#include <tunables/global> /sbin/modprobe { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_raw, capability sys_module, /bin/bash ixr, /bin/true ixr, /etc/modprobe.conf r, /etc/modprobe.conf.local r, /etc/modprobe.d/ r, /etc/modprobe.d/* r, /lib/modules/*.ko krw, /lib/modules//modules.alias r, /lib/modules/*/modules.dep r, /proc/meminfo r, /proc/modules r, /sbin/modprobe ixr, }	7 months ago	none	21	cinimod	Edit	History
opensuse10.3	/usr/sbin/sshd	#include <tunables/global> /usr/sbin/sshd flags=(complain) { #include <abstractions/base> /usr/sbin/sshd mr, }	10 months ago		74	sebastian	Edit	History
opensuse10.3	/usr/lib/firefox/firefox.sh	#include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/lib/firefox/firefox.sh mr, }	10 months ago	firefox	66	Falko_Gehde	Edit	History
ubuntu-gutsy	/usr/bin/gtkterm	#include <tunables/global> /usr/bin/gtkterm { #include <abstractions/base> /usr/bin/gtkterm mr, }	10 months ago	gnome	42	hbpteam	Edit	History
opensuse10.3	/etc/apparmor/profiles/extras/usr.bin.opera	#include <tunables/global> /etc/apparmor/profiles/extras/usr.bin.opera flags=(complain) { #include <abstractions/base> /etc/apparmor/profiles/extras/usr.bin.opera mr, }	9 months ago	opera	55	gs222gs	Edit	History
opensuse10.3	/usr/lib/cups/backend/hal	#include <tunables/global> /usr/lib/cu