| Distribution | Name | Profile | Created At | Changelog | View Count | Username | |||
| opensuse10.3 | /sbin/dhclient | #include <tunables/global> /sbin/dhclient { #include <abstractions/base> capability net_bind_service, capability net_raw, network inet dgram, network packet packet, /etc/dhclient.conf r, /etc/resolv.conf w, /etc/resolv.conf.saved.by.dhclient rw, /proc/net/dev r, /sbin/dhclient mr, /sbin/dhclient-script Px, /var/lib/dhcp/dhclient-*.leases rw, /var/lib/dhcp/dhclient.leases rw, /var/run/dhclient-*.pid rw, /var/run/dhclient.pid rw, /var/run/nscd/services r, /var/run/nscd/socket w, } | over 4 years ago | none | 362 | cinimod | Edit | History | |
| opensuse10.3 | /usr/bin/bug-buddy | #include <tunables/global> /usr/bin/bug-buddy { #include <abstractions/base> /usr/bin/bug-buddy mr, } | over 2 years ago | 255 | cattoire | Edit | History | ||
| opensuse11.0 | /usr/bin/playonlinux | #include <tunables/global> /usr/bin/playonlinux flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | over 3 years ago | playonlinux | 288 | chrieder | Edit | History | |
| opensuse10.3 | /opt/kde3/bin/kmail | #include <tunables/global> /opt/kde3/bin/kmail flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/kde> #include <abstractions/nameservice> / r, /bin/bash ixr, /cur/tmp/** lrw, /dat/dMisc/KMail/ w, /dat/dMisc/KMail/** lrw, /etc/* r, /etc/X11/* r, /home/*/** rw, /home/*/.gnupg/pubring.kbx.lock lrw, /home/*/.kde/share/** lrw, /home/*/.qt/* krw, /opt/kde3/** r, /opt/kde3/bin/kaddressbook Ux, /opt/kde3/bin/kioexec px, /opt/kde3/bin/kleopatra Px, /opt/kde3/bin/kmail mr, /opt/kde3/bin/kmailcvt Px, /opt/kde3/bin/kwatchgnupg Px, /opt/kde3/lib/** mr, /proc/** r, /usr/bin/aspell Ux, /usr/bin/gpg2 Px, /usr/bin/gpgsm mpxr, /usr/share/** r, /var/cache/** r, } | over 3 years ago | internet radio u.a. | 312 | shivver-fox | Edit | History | |
| opensuse10.3 | /usr/sbin/vmware-serverd | #include <tunables/global> /usr/sbin/vmware-serverd flags=(complain) { #include <abstractions/base> /usr/sbin/vmware-serverd mr, } | over 4 years ago | vmware_server_delta | 365 | jfernandez | Edit | History | |
| opensuse10.3 | /etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh | #include <tunables/global> /etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh mr, /proc/meminfo r, /usr/sbin/sabayon-apply Px, } | over 4 years ago | few more changes to get gnome session working elsewhere | 400 | jmichael | Edit | History | |
| opensuse11.0 | /usr/sbin/httpd2-prefork | #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> ^DEFAULT_URI flags=(complain) { } ^HANDLING_UNTRUSTED_INPUT flags=(complain) { } } | over 2 years ago | httpd2-prefork | 206 | zmord | Edit | History | |
| opensuse10.3 | /usr/lib/gnome-panel/mixer_applet2 | #include <tunables/global> /usr/lib/gnome-panel/mixer_applet2 flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.gstreamer-0.10/registry.i686.xml r, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /proc/meminfo r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/lib/gnome-panel/mixer_applet2 mr, /usr/share/gnome-2.0/ui/GNOME_MixerApplet.xml r, } | over 4 years ago | some bug-buddy rules and other misc updates | 363 | jmichael | Edit | History | |
| opensuse10.3 | /usr/bin/gnome-open | #include <tunables/global> /usr/bin/gnome-open { #include <abstractions/base> /usr/bin/gnome-open mr, } | over 4 years ago | none | 323 | cinimod | Edit | History | |
| opensuse10.3 | /opt/kde3/bin/kaffeine | #include <tunables/global> /opt/kde3/bin/kaffeine { #include <abstractions/base> #include <abstractions/nameservice> / r, /bin/ r, /boot/ r, /dev/ r, /dev/snd/* rw, /dev/sr0 r, /etc/ r, /etc/X11/kstylerc r, /etc/X11/qt_plugins_3.3rc r, /etc/X11/qtrc r, /etc/exports r, /etc/fonts/** r, /etc/fstab r, /etc/kde3rc r, /etc/mtab r, /etc/opt/kde3/share/config/kioslaverc r, /etc/opt/kde3/share/icons/**/ r, /etc/rpc r, /etc/security/fileshare.conf r, /home/ r, /home/*/** r, /home/*/.dvdcss/* rw, /home/*/.kde/share/apps/kaffeine/** rw, /home/*/.kde/share/config/* lrw, /home/*/.qt/* krw, /home/*/.xine/catalog.cache rw, /home/*/.xine/config rw, /home/*/.xine/config~ w, /lib/ r, /lib64/ r, /media/ r, /media/** r, /mnt/ r, /opt/ r, /opt/kde3/bin/kaffeine mr, /opt/kde3/lib/kde3/plugins/styles/ r, /opt/kde3/lib64/* mr, /opt/kde3/lib64/kde3/* mr, /opt/kde3/lib64/kde3/plugins/styles/ r, /opt/kde3/lib64/kde3/plugins/styles/* mr, /opt/kde3/share/apps/kaffeine/** r, /opt/kde3/share/config/kdeglobals r, /opt/kde3/share/config/profilerc r, /opt/kde3/share/config/ui/ui_standards.rc r, /opt/kde3/share/icons/** r, /opt/kde3/share/locale-bundle/nb/LC_MESSAGES/* r, /opt/kde3/share/locale/nb/LC_MESSAGES/* r, /proc/ r, /sbin/ r, /srv/ r, /sys/ r, /tmp/ r, /tmp/.ICE-unix/* w, /tmp/.X11-unix/* w, /tmp/ksocket-n5/* w, /usr/ r, /usr/lib64/** mr, /usr/share/X11/* r, /usr/share/X11/locale/* r, /usr/share/X11/locale/en_US.UTF-8/* r, /usr/share/alsa/** r, /usr/share/desktop-data/qtrc r, /usr/share/fonts/** r, /usr/share/icons/** r, /usr/share/xine/** r, /var/ r, /var/cache/fontconfig/* r, /var/cache/libx11/compose/* r, /var/tmp/kdecache-n5/ksycoca r, /vol/ r, /vol/** r, /windows/ r, } | over 4 years ago | 442 | kijo387 | Edit | History | ||
| ubuntu-gutsy | /usr/bin/bluetooth-applet | #include <tunables/global> /usr/bin/bluetooth-applet { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/nameservice> #include <abstractions/user-tmp> /home/*/.Xauthority r, /usr/bin/bluetooth-applet mr, } | over 4 years ago | gnome | 374 | hbpteam | Edit | History | |
| ubuntu-gutsy | /usr/bin/xdpyinfo | #include <tunables/global> /usr/bin/xdpyinfo { #include <abstractions/X> #include <abstractions/base> /home/*/.Xauthority r, /usr/bin/xdpyinfo mr, } | over 4 years ago | gnome | 360 | hbpteam | Edit | History | |
| opensuse10.3 | /usr/bin/metacity | #include <tunables/global> /usr/bin/metacity flags=(complain) { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.fontconfig/* r, /home/*/.metacity/sessions/* w, /proc/meminfo r, /usr/bin/bug-buddy ixr, /usr/bin/metacity mr, } | over 4 years ago | some bug-buddy rules and other misc updates | 363 | jmichael | Edit | History | |
| opensuse10.3 | /usr/bin/net | #include <tunables/global> /usr/bin/net { #include <abstractions/base> network inet dgram, /etc/samba/dhcp.conf r, /etc/samba/smb.conf r, /usr/bin/net mr, } | over 4 years ago | none | 346 | cinimod | Edit | History | |
| opensuse10.3 | /sbin/dhclient | #include <tunables/global> /sbin/dhclient { #include <abstractions/base> capability net_bind_service, capability net_raw, network inet dgram, network packet packet, /etc/dhclient.conf r, /etc/resolv.conf w, /etc/resolv.conf.saved.by.dhclient rw, /proc/net/dev r, /sbin/dhclient mr, /sbin/dhclient-script Px, /var/lib/dhcp/dhclient-*.leases rw, /var/lib/dhcp/dhclient.leases rw, /var/run/dhclient-*.pid rw, /var/run/dhclient.pid rw, /var/run/nscd/services r, /var/run/nscd/socket w, } | over 4 years ago | Import of jmichaels profiles | 330 | dominic | Edit | History | |
| opensuse11.0 | /usr/sbin/sshd | # $Id: usr.sbin.sshd 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ # will need to revalidate this profile once we finish re-architecting # the change_hat patch. # #include <tunables/global> /usr/sbin/sshd flags=(complain) { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/wutmp> capability chown, capability fowner, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_chroot, capability sys_tty_config, /bin/ash Ux, /bin/bash Ux, /bin/bash2 Ux, /bin/bsh Ux, /bin/csh Ux, /bin/ksh Ux, /bin/sh Ux, /bin/tcsh Ux, /bin/zsh Ux, /dev/ptmx rw, /dev/pts/[0-9]* rw, /dev/urandom r, /etc/environment r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/modules.conf r, /etc/motd r, /etc/ssh/* r, /etc/ssh/moduli r, /sbin/nologin Ux, /tmp/ssh-*/agent.[0-9]* rwl, /tmp/ssh-*[0-9]*/ w, /usr/sbin/sshd mrix, /var/run w, /var/run/sshd{,.init}.pid wl, @{HOME}/.ssh/authorized_keys{,2} r, @{PROC}/[0-9]*/fd/ r, @{PROC}/[0-9]*/loginuid w, @{PROC}/[0-9]*/mounts r, ^AUTHENTICATED flags=(complain) { #include <abstractions/authentication> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/wutmp> capability setgid, capability setuid, capability sys_tty_config, /dev/log w, /dev/ptmx rw, /etc/default/passwd r, /etc/localtime r, /etc/login.defs r, /etc/motd r, /tmp/ssh-*/agent.[0-9]* rwl, /tmp/ssh-*[0-9]*/ w, } ^EXEC flags=(complain) { #include <abstractions/base> /bin/ash Ux, /bin/bash Ux, /bin/bash2 Ux, /bin/bsh Ux, /bin/csh Ux, /bin/ksh Ux, /bin/sh Ux, /bin/tcsh Ux, /bin/zsh Ux, /sbin/nologin Ux, } ^PRIVSEP flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability setgid, capability setuid, capability sys_chroot, } ^PRIVSEP_MONITOR flags=(complain) { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/wutmp> capability chown, capability setgid, capability setuid, /dev/ptmx rw, /dev/pts/[0-9]* rw, /dev/urandom r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/ssh/moduli r, @{HOME}/.ssh/authorized_keys{,2} r, @{PROC}/[0-9]*/mounts r, } } | over 2 years ago | 271 | liviudm | Edit | History | ||
| opensuse10.3 | /opt/google-earth/googleearth-bin | #include <tunables/global> /opt/google-earth/googleearth-bin { #include <abstractions/base> /opt/google-earth/googleearth-bin mr, /opt/google-earth/libQt3Support.so.* mr, /opt/google-earth/libQtCore.so.* mr, /opt/google-earth/libQtGui.so.* mr, /opt/google-earth/libQtNetwork.so.* mr, /opt/google-earth/libQtSql.so.* mr, /opt/google-earth/libQtXml.so.* r, /opt/google-earth/libQtXml.so.4 mr, /opt/google-earth/libbase.so r, /opt/google-earth/libgcc_s.so.* mr, /opt/google-earth/libgoogleearth_lib.so mr, /opt/google-earth/libstdc\+\+.so.* r, /opt/google-earth/libstdc\+\+.so.6 mr, } | over 3 years ago | 306 | mathias | Edit | History | ||
| ubuntu-gutsy | /opt/grisoft/avg7/bin/avgscan | #include <tunables/global> /opt/grisoft/avg7/bin/avgscan { #include <abstractions/base> #include <abstractions/nameservice> capability dac_override, / r, /opt/grisoft/avg7/bin/avgscan mr, /opt/grisoft/avg7/data/ r, /opt/grisoft/avg7/data/* rw, /opt/grisoft/avg7/etc/* r, /opt/grisoft/avg7/etc/antispam/ r, /opt/grisoft/avg7/etc/antispam/* rw, /opt/grisoft/avg7/lib/lib*so* mr, /opt/grisoft/lib/lib*so* mr, /tmp/* w, /var/lib/amavis/tmp/** rw, /var/run/avgd.pgrp w, } | over 3 years ago | 265 | stive | Edit | History | ||
| opensuse11.0 | /usr/bin/ktorrent | #include <tunables/global> /usr/bin/ktorrent flags=(complain) { #include <abstractions/base> /usr/bin/ktorrent r, } | over 3 years ago | 296 | vismedaki | Edit | History | ||
| opensuse10.3 | /usr/lib/GConf/2/gconfd-2 | # $Id: usr.lib.GConf.2.gconfd-2 735 2007-06-11 05:17:30Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/GConf/2/gconfd-2 flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /cur/tmp/ r, /cur/tmp/** klrw, /etc/gconf/** r, /home/**/ r, /usr/lib/GConf/2/gconfd-2 rmix, /usr/lib/GConf/2/libgconfbackend-xml.so mr, /usr/lib64/GConf/2/libgconfbackend-xml.so mr, /usr/share/locale/** r, @{HOME}/.gconf r, @{HOME}/.gconf/** lrw, @{HOME}/.gconfd/** lrw, } | over 3 years ago | internet radio u.a. | 300 | shivver-fox | Edit | History | |
| opensuse10.3 | /usr/bin/ncftp | #include <tunables/global> /usr/bin/ncftp { #include <abstractions/base> /usr/bin/ncftp mr, } | over 3 years ago | ncftp2 | 275 | SamCurt | Edit | History | |
| opensuse10.3 | /usr/bin/gnome-volume-manager | #include <tunables/global> /usr/bin/gnome-volume-manager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.Xauthority r, /home/*/.gnome2_private/ w, /proc/*/mounts r, /usr/bin/bug-buddy ixr, /usr/bin/gnome-volume-manager mr, /var/run/resmgr/classes/desktop/ r, } | over 4 years ago | none | 291 | cinimod | Edit | History | |
| opensuse10.3 | /usr/bin/gnome-open | #include <tunables/global> /usr/bin/gnome-open { #include <abstractions/base> /usr/bin/gnome-open mr, } | over 4 years ago | Import of jmichaels profiles | 327 | dominic | Edit | History | |
| opensuse10.3 | /usr/bin/net | #include <tunables/global> /usr/bin/net { #include <abstractions/base> network inet dgram, /etc/samba/dhcp.conf r, /etc/samba/smb.conf r, /usr/bin/net mr, } | over 4 years ago | Import of jmichaels profiles | 363 | dominic | Edit | History | |
| ubuntu-gutsy | /usr/bin/devhelp | #include <tunables/global> /usr/bin/devhelp { #include <abstractions/base> /usr/bin/devhelp mr, } | over 4 years ago | gnome | 339 | hbpteam | Edit | History | |
| opensuse11.0 | /usr/lib/firefox/firefox.sh | #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> deny capability sys_ptrace, /bin/basename rix, /bin/bash rix, /bin/grep rix, /etc/magic r, /usr/bin/file rix, /usr/lib/firefox/firefox px, /usr/share/misc/magic.mgc r, } | over 2 years ago | /home/docs/apparmor.log | 269 | raulliborio | Edit | History | |
| opensuse10.3 | /usr/lib/evolution/2.12/evolution-alarm-notify | #include <tunables/global> /usr/lib/evolution/2.12/evolution-alarm-notify { #include <abstractions/base> /usr/lib/evolution/2.12/evolution-alarm-notify mr, } | over 4 years ago | none | 324 | cinimod | Edit | History | |
| opensuse11.0 | /usr/sbin/traceroute | #include <tunables/global> /usr/sbin/traceroute { #include <abstractions/base> #include <abstractions/nameservice> /usr/sbin/traceroute r, } | about 1 year ago | 197 | xxxx | Edit | History | ||
| ubuntu-gutsy | /etc/cron.daily/aptitude | #include <tunables/global> /etc/cron.daily/aptitude { #include <abstractions/base> /bin/cp ixr, /bin/dash ixr, /bin/date ixr, /bin/gzip ixr, /bin/mv ixr, /bin/rm ixr, /bin/which ixr, /etc/cron.daily/aptitude mr, /proc/*/mounts r, /proc/filesystems r, /usr/bin/basename ixr, /usr/bin/cmp ixr, /usr/bin/dirname ixr, /usr/bin/savelog ixr, /var/backups/* rw, /var/lib/aptitude/pkgstates r, } | over 2 years ago | 239 | stive | Edit | History | ||
| opensuse10.3 | /usr/bin/gnome-volume-manager | #include <tunables/global> /usr/bin/gnome-volume-manager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.Xauthority r, /home/*/.gnome2_private/ w, /proc/*/mounts r, /usr/bin/bug-buddy ixr, /usr/bin/gnome-volume-manager mr, /var/run/resmgr/classes/desktop/ r, } | over 4 years ago | Import of jmichaels profiles | 296 | dominic | Edit | History | |
| ubuntu-gutsy | /usr/bin/ssh | #include <tunables/global> /usr/bin/ssh flags=(complain) { #include <abstractions/base> /usr/bin/ssh mr, } | over 4 years ago | U | 371 | roger | Edit | History | |
| opensuse11.0 | /usr/share/amsn/amsn | #include <tunables/global> /usr/share/amsn/amsn flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | over 2 years ago | amsn | 305 | rey_buzz | Edit | History | |
| ubuntu-gutsy | /etc/cron.daily/mlocate | #include <tunables/global> /etc/cron.daily/mlocate { #include <abstractions/base> capability chown, capability dac_override, capability dac_read_search, capability fowner, capability fsetid, capability sys_admin, / r, /**/ r, /bin/dash ixr, /etc/cron.daily/mlocate mr, /etc/group r, /etc/mtab r, /etc/nsswitch.conf r, /etc/updatedb.conf r, /proc/*/mounts r, /usr/bin/ionice ixr, /usr/bin/updatedb.mlocate ixr, /var/lib/mlocate/* rw, } | over 3 years ago | 266 | stive | Edit | History | ||
| opensuse10.3 | /usr/bin/xfs | #include <tunables/global> /usr/bin/xfs { #include <abstractions/base> capability setgid, capability setuid, network inet, network inet6, /etc/X11/fontpath.d rk, /etc/X11/fontpath.d/ rk, /etc/X11/fontpath.d/** r, /etc/X11/fs/config r, /etc/group r, /etc/ld.so.preload r, /etc/nsswitch.conf r, /etc/passwd r, /etc/services r, /home/*/.fontconfig r, /home/*/.fonts/** r, /tmp/ rw, /tmp/.font-unix rwlk, /tmp/.font-unix/ rwlk, /tmp/.font-unix/** rwlk, /usr/bin/xfs mr, /usr/share/fonts/** r, /usr/share/lilypond/2.11.40/fonts/** r, /var/db/nscd/group r, /var/db/nscd/passwd r, /var/db/nscd/services r, /var/fonts2/** r, /var/run/dbus/system_bus_socket rw, /var/run/nscd/services r, /var/run/nscd/socket rw, /var/run/xfs.pid rwl, } | over 3 years ago | 326 | hello | Edit | History | ||
| opensuse10.3 | /usr/local/BGRadiusDialup/radius.sh | #include <tunables/global> /usr/local/BGRadiusDialup/radius.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> /bin/bash ixr, /dev/tty rw, /etc/sysconfig/clock r, /proc/*/maps r, /proc/meminfo r, /proc/net/if_inet6 r, /proc/net/ipv6_route r, /proc/stat r, /tmp/** mrw, /usr/bin/nohup ixr, /usr/bin/readlink ixr, /usr/lib64/** mr, /usr/lib64/jvm/java-1.6.0.u4-sun-1.6.0.u4/jre/bin/java ixr, /usr/lib64/jvm/java-1.6.0.u4-sun-1.6.0.u4/jre/bin/java.bin ixr, /usr/local/BGRadiusDialup/dictionary.xml r, /usr/local/BGRadiusDialup/lib/ r, /usr/local/BGRadiusDialup/lib/activation.jar mr, /usr/local/BGRadiusDialup/lib/bsh-1.3.0.jar mr, /usr/local/BGRadiusDialup/lib/commons-collections.jar mr, /usr/local/BGRadiusDialup/lib/commons-dbcp-1.1.jar mr, /usr/local/BGRadiusDialup/lib/commons-pool-1.1.jar mr, /usr/local/BGRadiusDialup/lib/dialup.jar mr, /usr/local/BGRadiusDialup/lib/dnsjava.jar mr, /usr/local/BGRadiusDialup/lib/gnu-crypto.jar mr, /usr/local/BGRadiusDialup/lib/log4j-1.2.8.jar mr, /usr/local/BGRadiusDialup/lib/mail.jar mr, /usr/local/BGRadiusDialup/lib/mysql-5.0.3.jar mr, /usr/local/BGRadiusDialup/lib/snmp4_13.jar mr, /usr/local/BGRadiusDialup/lib/xalan.jar mr, /usr/local/BGRadiusDialup/lib/xercesImpl.jar mr, /usr/local/BGRadiusDialup/log/collector.log w, /usr/local/BGRadiusDialup/log/connection.log w, /usr/local/BGRadiusDialup/log/netflow.log w, /usr/local/BGRadiusDialup/log/processor.log w, /usr/local/BGRadiusDialup/log/radius.log w, /usr/local/BGRadiusDialup/log/radius.out w, /usr/local/BGRadiusDialup/log/script.log w, /usr/local/BGRadiusDialup/log4j_radius.properties r, /usr/local/BGRadiusDialup/radius.properties r, /usr/local/BGRadiusDialup/radius.sh mr, /usr/share/zoneinfo/ r, } | over 3 years ago | andrew | 278 | gankov | Edit | History | |
| opensuse10.3 | /usr/bin/totem-video-thumbnailer | #include <tunables/global> /usr/bin/totem-video-thumbnailer flags=(complain) { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /home/*/.gstreamer-0.10/registry.i686.xml r, /home/*/Desktop/** r, /usr/bin/totem-video-thumbnailer mr, } | over 4 years ago | argh, switch things back to complain for a while | 329 | jmichael | Edit | History | |
| ubuntu-gutsy | /usr/bin/Xorg | #include <tunables/global> /usr/bin/Xorg flags=(complain) { #include <abstractions/base> #include <abstractions/nvidia> #include <abstractions/user-tmp> capability dac_override, capability ipc_owner, capability setgid, capability setuid, capability sys_admin, capability sys_rawio, capability sys_tty_config, /bin/dash Px, /dev/input/mice rw, /dev/mem r, /dev/tty0 w, /dev/tty7 rw, /etc/X11/xorg.conf r, /etc/X11/xserver/SecurityPolicy r, /home/*/.gnome2/share/cursor-fonts/fonts.dir r, /home/void/.gnome2/share/fonts/** r, /proc/bus/pci/00/00.0 r, /proc/bus/pci/00/01.0 r, /proc/bus/pci/00/01.1 r, /proc/bus/pci/00/02.0 r, /proc/bus/pci/00/02.1 r, /proc/bus/pci/00/02.2 r, /proc/bus/pci/00/05.0 r, /proc/bus/pci/00/06.0 r, /proc/bus/pci/00/08.0 r, /proc/bus/pci/00/0a.0 r, /proc/bus/pci/00/0b.0 rw, /proc/bus/pci/00/0e.0 r, /proc/bus/pci/00/18.0 r, /proc/bus/pci/00/18.1 r, /proc/bus/pci/00/18.2 r, /proc/bus/pci/00/18.3 r, /proc/bus/pci/01/00.0 rw, /proc/bus/pci/02/08.0 r, /proc/bus/pci/02/08.1 r, /proc/bus/pci/02/0a.0 r, /proc/driver/nvidia/registry r, /proc/meminfo r, /proc/modules r, /sys/bus/pci/devices/ r, /sys/devices/pci0000:00/0000:00:00.0/resource r, /sys/devices/pci0000:00/0000:00:01.0/resource r, /sys/devices/pci0000:00/0000:00:01.1/resource r, /sys/devices/pci0000:00/0000:00:02.0/resource r, /sys/devices/pci0000:00/0000:00:02.1/resource r, /sys/devices/pci0000:00/0000:00:02.2/resource r, /sys/devices/pci0000:00/0000:00:05.0/resource r, /sys/devices/pci0000:00/0000:00:06.0/resource r, /sys/devices/pci0000:00/0000:00:08.0/resource r, /sys/devices/pci0000:00/0000:00:0a.0/resource r, /sys/devices/pci0000:00/0000:00:0b.0/0000:01:00.0/resource r, /sys/devices/pci0000:00/0000:00:0b.0/resource r, /sys/devices/pci0000:00/0000:00:0e.0/0000:02:08.0/resource r, /sys/devices/pci0000:00/0000:00:0e.0/0000:02:08.1/resource r, /sys/devices/pci0000:00/0000:00:0e.0/0000:02:0a.0/resource r, /sys/devices/pci0000:00/0000:00:0e.0/resource r, /sys/devices/pci0000:00/0000:00:18.0/resource r, /sys/devices/pci0000:00/0000:00:18.1/resource r, /sys/devices/pci0000:00/0000:00:18.2/resource r, /sys/devices/pci0000:00/0000:00:18.3/resource r, /usr/bin/Xorg mr, /usr/lib/** mr, /usr/share/X11/xkb/rules/base r, /usr/share/fonts/** r, /var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType/fonts.alias r, /var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType/fonts.dir r, /var/lib/gdm/:0.Xauth r, /var/lib/xkb/server-0.xkm rw, /var/log/Xorg.0.log rw, /var/log/Xorg.0.log.old w, /var/run/acpid.socket w, } | over 4 years ago | 312 | igoriii | Edit | History | ||
| opensuse10.3 | /usr/lib/firefox/firefox.sh | #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/user-tmp> /bin/basename Px, /bin/bash ixr, /bin/grep ixr, /bin/mktemp ixr, /etc/magic r, /home/*/.gdbinit r, /home/*/.inputrc r, /proc/*/auxv r, /proc/*/mem r, /proc/*/status r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/file ixr, /usr/bin/gdb ixr, /usr/lib/firefox/firefox-bin Pxr, /usr/lib/firefox/firefox.sh mr, /usr/share/misc/magic.mgc r, } | over 4 years ago | allow -d gdb option for firefox plus other misc updates | 346 | jmichael | Edit | History | |
| opensuse10.3 | /usr/bin/Xgl | #include <tunables/global> /usr/bin/Xgl { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/user-tmp> capability dac_override, capability ipc_owner, capability setgid, capability setuid, capability sys_admin, /bin/bash ixr, /dev/dri/card* rw, /etc/sysconfig/displaymanager r, /home/*/.gnome2/share/cursor-fonts/fonts.dir r, /home/*/.gnome2/share/fonts/fonts.dir r, /home/jesse/.gnome2/share/fonts/** r, /proc/meminfo r, /usr/bin/Xgl mr, /usr/bin/Xorg Px, /usr/bin/xkbcomp Px, /usr/lib/dri/*.so mr, /var/lib/gdm/* r, /var/lib/xkb/compiled/*.xkm rw, /var/log/Xgl.*.log rw, /var/log/Xgl.*.log.old w, /var/log/gdm/*.log w, } | over 4 years ago | Import of jmichaels profiles | 352 | dominic | Edit | History | |
| opensuse10.3 | /usr/bin/gnome-open | #include <tunables/global> /usr/bin/gnome-open flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> /bin/basename ixr, /bin/bash ixr, /bin/grep ixr, /bin/netstat ixr, /bin/ps ixr, /dev/snd/controlC0 rw, /dev/snd/controlC1 rw, /dev/snd/pcmC0D0p rw, /dev/tty rw, /etc/fonts/** r, /etc/gnome-vfs-2.0/modules/ r, /etc/gnome-vfs-2.0/modules/default-modules.conf r, /etc/gnome-vfs-2.0/modules/font-method.conf r, /etc/gnome-vfs-2.0/modules/mapping-modules.conf r, /etc/gnome-vfs-2.0/modules/smb-module.conf r, /etc/gnome-vfs-2.0/modules/ssl-modules.conf r, /etc/gnome-vfs-2.0/modules/theme-method.conf r, /etc/gtk-2.0/gdk-pixbuf.loaders r, /etc/gtk-2.0/gtk.immodules r, /etc/gtk-2.0/gtkrc r, /etc/magic r, /etc/mailcap r, /etc/mime.types r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/pango/pango.modules r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/a739e0075b4b5d92542755c278dde193-x86.cache-2 r, /home/*/.gnome2_private/ w, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/mime/aliases r, /home/*/.local/share/mime/globs r, /home/*/.local/share/mime/magic r, /home/*/.local/share/mime/subclasses r, /home/*/.macromedia/Flash_Player/#SharedObjects/ r, /home/*/.macromedia/Flash_Player/#SharedObjects/VD9JQJ6E/skype.com/ rw, /home/*/.macromedia/Flash_Player/#SharedObjects/VD9JQJ6E/skype.com/#user/ rw, /home/*/.macromedia/Flash_Player/#SharedObjects/VD9JQJ6E/skype.com/#user/session.sxx w, /home/*/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/#skype.com/ w, /home/*/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/#skype.com/settings.sol rw, /home/*/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/#skype.com/settings.sxx rw, /home/*/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings.sol rw, /home/*/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings.sxx rw, /home/*/.mailcap r, /home/*/.mozilla/firefox/3749x1bh.default/ r, /home/*/.mozilla/firefox/3749x1bh.default/.parentlock kw, /home/*/.mozilla/firefox/3749x1bh.default/Cache.Trash/ rw, /home/*/.mozilla/firefox/3749x1bh.default/Cache.Trash/Trash/ rw, /home/*/.mozilla/firefox/3749x1bh.default/Cache.Trash/Trash/Cache/ rw, /home/*/.mozilla/firefox/3749x1bh.default/Cache.Trash/Trash/Cache/* w, /home/*/.mozilla/firefox/3749x1bh.default/Cache/ rw, /home/*/.mozilla/firefox/3749x1bh.default/Cache/* rw, /home/*/.mozilla/firefox/3749x1bh.default/XPC.mfasl r, /home/*/.mozilla/firefox/3749x1bh.default/XUL.mfasl r, /home/*/.mozilla/firefox/3749x1bh.default/bookmarkbackups/ r, /home/*/.mozilla/firefox/3749x1bh.default/bookmarks-1.html rw, /home/*/.mozilla/firefox/3749x1bh.default/bookmarks.bak w, /home/*/.mozilla/firefox/3749x1bh.default/bookmarks.html rw, /home/*/.mozilla/firefox/3749x1bh.default/cert8.db rw, /home/*/.mozilla/firefox/3749x1bh.default/compatibility.ini r, /home/*/.mozilla/firefox/3749x1bh.default/compreg.dat r, /home/*/.mozilla/firefox/3749x1bh.default/cookies-1.txt rw, /home/*/.mozilla/firefox/3749x1bh.default/cookies.txt rw, /home/*/.mozilla/firefox/3749x1bh.default/downloads.rdf r, /home/*/.mozilla/firefox/3749x1bh.default/extensions.cache r, /home/*/.mozilla/firefox/3749x1bh.default/extensions.ini r, /home/*/.mozilla/firefox/3749x1bh.default/extensions/ r, /home/*/.mozilla/firefox/3749x1bh.default/formhistory.dat rw, /home/*/.mozilla/firefox/3749x1bh.default/history.dat rw, /home/*/.mozilla/firefox/3749x1bh.default/hostperm.1 r, /home/*/.mozilla/firefox/3749x1bh.default/key3.db rw, /home/*/.mozilla/firefox/3749x1bh.default/localstore-1.rdf rw, /home/*/.mozilla/firefox/3749x1bh.default/localstore.rdf rw, /home/*/.mozilla/firefox/3749x1bh.default/lock w, /home/*/.mozilla/firefox/3749x1bh.default/mimeTypes.rdf rw, /home/*/.mozilla/firefox/3749x1bh.default/prefs-1.js rw, /home/*/.mozilla/firefox/3749x1bh.default/prefs.js rw, /home/*/.mozilla/firefox/3749x1bh.default/search.sqlite krw, /home/*/.mozilla/firefox/3749x1bh.default/secmod.db r, /home/*/.mozilla/firefox/3749x1bh.default/sessionstore-1.js rw, /home/*/.mozilla/firefox/3749x1bh.default/sessionstore.js rw, /home/*/.mozilla/firefox/3749x1bh.default/urlclassifier2.sqlite rw, /home/*/.mozilla/firefox/3749x1bh.default/urlclassifier2.sqlite-journal w, /home/*/.mozilla/firefox/3749x1bh.default/webappsstore.sqlite rw, /home/*/.mozilla/firefox/3749x1bh.default/webappsstore.sqlite-journal w, /home/*/.mozilla/firefox/3749x1bh.default/xpti.dat r, /home/*/.mozilla/firefox/pluginreg.dat rw, /home/*/.mozilla/firefox/profiles.ini r, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/ r, /proc/*/cmdline r, /proc/*/maps r, /proc/*/stat r, /proc/*/status r, /proc/meminfo r, /proc/net/ r, /proc/net/dev r, /proc/net/unix r, /proc/stat r, /proc/sys/kernel/ngroups_max r, /proc/sys/kernel/pid_max r, /proc/uptime r, /tmp/ r, /tmp/* rw, /tmp/.ICE-unix/3510 w, /tmp/.ICE-unix/3664 w, /tmp/.ICE-unix/3665 w, /tmp/.ICE-unix/4499 w, /tmp/.X11-unix/X0 w, /tmp/.esd/socket rw, /tmp/gconfd-overwrite/lock/ior r, /tmp/orbit-overwrite/ w, /tmp/orbit-overwrite/* w, /tmp/orbit-somebody/ w, /usr/bin/bug-buddy ixr, /usr/bin/expr ixr, /usr/bin/file ixr, /usr/bin/gnome-open mr, /usr/lib/** mr, /usr/lib/firefox/firefox-bin ixr, /usr/lib/firefox/firefox.sh ixr, /usr/share/X11/locale/compose.dir r, /usr/share/X11/locale/en_US.UTF-8/Compose r, /usr/share/X11/locale/en_US.UTF-8/XLC_LOCALE r, /usr/share/X11/locale/locale.alias r, /usr/share/X11/locale/locale.dir r, /usr/share/alsa/alsa.conf r, /usr/share/alsa/cards/EMU10K1.conf r, /usr/share/alsa/cards/VIA8237.conf r, /usr/share/alsa/cards/aliases.conf r, /usr/share/alsa/pcm/center_lfe.conf r, /usr/share/alsa/pcm/default.conf r, /usr/share/alsa/pcm/dmix.conf r, /usr/share/alsa/pcm/dsnoop.conf r, /usr/share/alsa/pcm/front.conf r, /usr/share/alsa/pcm/iec958.conf r, /usr/share/alsa/pcm/rear.conf r, /usr/share/alsa/pcm/surround40.conf r, /usr/share/alsa/pcm/surround41.conf r, /usr/share/alsa/pcm/surround50.conf r, /usr/share/alsa/pcm/surround51.conf r, /usr/share/applications/ r, /usr/share/applications/mimeinfo.cache r, /usr/share/fonts/** r, /usr/share/gdm/applications/ r, /usr/share/gdm/applications/mimeinfo.cache r, /usr/share/ghostscript/fonts/** r, /usr/share/icons/Industrial/cursors/fleur r, /usr/share/icons/Industrial/cursors/hand2 r, /usr/share/icons/Industrial/cursors/left_ptr r, /usr/share/icons/Industrial/cursors/xterm r, /usr/share/icons/Industrial/index.theme r, /usr/share/icons/Tango/index.theme r, /usr/share/icons/crystalblue/cursors/hand r, /usr/share/icons/crystalblue/cursors/left_ptr r, /usr/share/icons/crystalblue/cursors/left_ptr_watch r, /usr/share/icons/crystalblue/cursors/xterm r, /usr/share/icons/crystalblue/index.theme r, /usr/share/icons/crystalblue_nonanim/cursors/left_ptr_watch r, /usr/share/icons/crystalblue_nonanim/index.theme r, /usr/share/icons/gnome/index.theme r, /usr/share/locale-bundle/de/LC_MESSAGES/glib20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20-properties.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libbonobo-2.0.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libgnome-2.0.mo r, /usr/share/mime/aliases r, /usr/share/mime/globs r, /usr/share/mime/magic r, /usr/share/mime/subclasses r, /usr/share/misc/magic.mgc r, /usr/share/themes/Clearlooks/gtk-2.0/gtkrc r, /usr/share/themes/Default/gtk-2.0-key/gtkrc r, /usr/share/themes/bluebubble/gtk-2.0/bc-dark.png r, /usr/share/themes/bluebubble/gtk-2.0/bc-light.png r, /usr/share/themes/bluebubble/gtk-2.0/bc.png r, /usr/share/themes/bluebubble/gtk-2.0/bubble-blue-prelight.png r, /usr/share/themes/bluebubble/gtk-2.0/bubble-blue-pressed.png r, /usr/share/themes/bluebubble/gtk-2.0/bubble-blue.png r, /usr/share/themes/bluebubble/gtk-2.0/gtkrc r, /usr/share/themes/bluebubble/gtk-2.0/lines_background_const.png r, /var/cache/fontconfig/* r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, /var/run/dbus/system_bus_socket w, /var/tmp/ r, } | over 4 years ago | 536 | overwrite | Edit | History | ||
| opensuse10.3 | /usr/sbin/httpd2-prefork | #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/nis> capability dac_override, capability net_bind_service, capability setgid, capability setuid, /etc/apache2/conf.d/ r, /etc/apache2/conf.d/mod_fcgid.conf r, /etc/apache2/conf.d/mod_mono.conf r, /etc/apache2/conf.d/mod_perl.conf r, /etc/apache2/conf.d/php5.conf r, /etc/apache2/conf.d/phpmyadmin.conf r, /etc/apache2/default-server.conf r, /etc/apache2/errors.conf r, /etc/apache2/httpd.conf r, /etc/apache2/listen.conf r, /etc/apache2/mod_autoindex-defaults.conf r, /etc/apache2/mod_info.conf r, /etc/apache2/mod_log_config.conf r, /etc/apache2/mod_mime-defaults.conf r, /etc/apache2/mod_status.conf r, /etc/apache2/mod_userdir.conf r, /etc/apache2/mod_usertrack.conf r, /etc/apache2/server-tuning.conf r, /etc/apache2/ssl-global.conf r, /etc/apache2/sysconfig.d/global.conf r, /etc/apache2/sysconfig.d/include.conf r, /etc/apache2/sysconfig.d/loadmodule.conf r, /etc/apache2/uid.conf r, /etc/apache2/vhosts.d/ r, /etc/gai.conf r, /etc/mime.types r, /etc/php5/apache2/php.ini r, /etc/php5/conf.d/ r, /etc/php5/conf.d/bcmath.ini r, /etc/php5/conf.d/bz2.ini r, /etc/php5/conf.d/calendar.ini r, /etc/php5/conf.d/ctype.ini r, /etc/php5/conf.d/curl.ini r, /etc/php5/conf.d/dba.ini r, /etc/php5/conf.d/dom.ini r, /etc/php5/conf.d/exif.ini r, /etc/php5/conf.d/gd.ini r, /etc/php5/conf.d/gmp.ini r, /etc/php5/conf.d/hash.ini r, /etc/php5/conf.d/iconv.ini r, /etc/php5/conf.d/json.ini r, /etc/php5/conf.d/mbstring.ini r, /etc/php5/conf.d/mcrypt.ini r, /etc/php5/conf.d/mysql.ini r, /etc/php5/conf.d/mysqli.ini r, /etc/php5/conf.d/ncurses.ini r, /etc/php5/conf.d/odbc.ini r, /etc/php5/conf.d/openssl.ini r, /etc/php5/conf.d/pcntl.ini r, /etc/php5/conf.d/pdo.ini r, /etc/php5/conf.d/pdo_mysql.ini r, /etc/php5/conf.d/pdo_odbc.ini r, /etc/php5/conf.d/pdo_sqlite.ini r, /etc/php5/conf.d/posix.ini r, /etc/php5/conf.d/pspell.ini r, /etc/php5/conf.d/readline.ini r, /etc/php5/conf.d/shmop.ini r, /etc/php5/conf.d/snmp.ini r, /etc/php5/conf.d/soap.ini r, /etc/php5/conf.d/sockets.ini r, /etc/php5/conf.d/sqlite.ini r, /etc/php5/conf.d/suhosin.ini r, /etc/php5/conf.d/tidy.ini r, /etc/php5/conf.d/tokenizer.ini r, /etc/php5/conf.d/wddx.ini r, /etc/php5/conf.d/xmlreader.ini r, /etc/php5/conf.d/xmlrpc.ini r, /etc/php5/conf.d/xmlwriter.ini r, /etc/php5/conf.d/xsl.ini r, /etc/php5/conf.d/zip.ini r, /etc/php5/conf.d/zlib.ini r, /proc/*/attr/current w, /tmp/.wapi/ w, /tmp/mod_mono_dashboard_XXGLOBAL_1 rw, /usr/bin/mod-mono-server px, /usr/lib64/** mr, /usr/sbin/httpd2-prefork mr, /usr/share/snmp/mibs/.index r, /usr/share/snmp/mibs/DISMAN-EVENT-MIB.txt r, /usr/share/snmp/mibs/DISMAN-SCHEDULE-MIB.txt r, /usr/share/snmp/mibs/HOST-RESOURCES-MIB.txt r, /usr/share/snmp/mibs/HOST-RESOURCES-TYPES.txt r, /usr/share/snmp/mibs/IANA-RTPROTO-MIB.txt r, /usr/share/snmp/mibs/IANAifType-MIB.txt r, /usr/share/snmp/mibs/IF-MIB.txt r, /usr/share/snmp/mibs/INET-ADDRESS-MIB.txt r, /usr/share/snmp/mibs/IP-FORWARD-MIB.txt r, /usr/share/snmp/mibs/IP-MIB.txt r, /usr/share/snmp/mibs/IPV6-ICMP-MIB.txt r, /usr/share/snmp/mibs/IPV6-MIB.txt r, /usr/share/snmp/mibs/IPV6-TC.txt r, /usr/share/snmp/mibs/IPV6-TCP-MIB.txt r, /usr/share/snmp/mibs/IPV6-UDP-MIB.txt r, /usr/share/snmp/mibs/LM-SENSORS-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-AGENT-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-EXTEND-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-VACM-MIB.txt r, /usr/share/snmp/mibs/NOTIFICATION-LOG-MIB.txt r, /usr/share/snmp/mibs/RFC1155-SMI.txt r, /usr/share/snmp/mibs/RFC1213-MIB.txt r, /usr/share/snmp/mibs/SNMP-COMMUNITY-MIB.txt r, /usr/share/snmp/mibs/SNMP-FRAMEWORK-MIB.txt r, /usr/share/snmp/mibs/SNMP-MPD-MIB.txt r, /usr/share/snmp/mibs/SNMP-NOTIFICATION-MIB.txt r, /usr/share/snmp/mibs/SNMP-TARGET-MIB.txt r, /usr/share/snmp/mibs/SNMP-USER-BASED-SM-MIB.txt r, /usr/share/snmp/mibs/SNMP-VIEW-BASED-ACM-MIB.txt r, /usr/share/snmp/mibs/SNMPv2-MIB.txt r, /usr/share/snmp/mibs/SNMPv2-SMI.txt r, /usr/share/snmp/mibs/SNMPv2-TC.txt r, /usr/share/snmp/mibs/SNMPv2-TM.txt r, /usr/share/snmp/mibs/TCP-MIB.txt r, /usr/share/snmp/mibs/UCD-DEMO-MIB.txt r, /usr/share/snmp/mibs/UCD-DISKIO-MIB.txt r, /usr/share/snmp/mibs/UCD-DLMOD-MIB.txt r, /usr/share/snmp/mibs/UCD-IPFWACC-MIB.txt r, /usr/share/snmp/mibs/UCD-SNMP-MIB.txt r, /usr/share/snmp/mibs/UDP-MIB.txt r, /usr/share/terminfo/v/vt100 r, /var/lib/php5/session_mm_apache2handler0.sem kw, /var/log/apache2/access_log a, /var/log/apache2/error_log a, /var/run/httpd2.pid w, /var/run/nscd/services r, } /usr/sbin/httpd2-prefork///egroupware/login.php flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc/*/attr/current w, /srv/www/htdocs/egroupware/header.inc.php r, /srv/www/htdocs/egroupware/login.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/adodb-iterator.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/adodb-time.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/adodb.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/drivers/adodb-mysql.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.Template.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.accounts.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.accounts_sql.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.acl.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.applications.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.auth.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.auth_sql.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.browser.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.common.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.config.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.contenthistory.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.crypto.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.dragdrop.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw_datetime.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw_db.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw_framework.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.error.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.errorlog.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.hooks.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.html.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.javascript.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.preferences.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.sessions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.sessions_php4.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.tplsavant2.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.translation.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/common_functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/savant2/Savant2.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/soap_functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/xajax.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/xajaxResponse.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/xml_functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/js/jsapi/jsapi.js r, /srv/www/htdocs/egroupware/phpgwapi/setup/setup.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/setup/tables_current.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/templates/default/head.tpl r, /srv/www/htdocs/egroupware/phpgwapi/templates/default/images/ r, /srv/www/htdocs/egroupware/phpgwapi/templates/default/login.tpl r, /srv/www/htdocs/egroupware/phpgwapi/templates/idots/class.idots_framework.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/templates/idots/images/ r, /var/lib/mysql/mysql.sock w, /var/log/apache2/access_log w, } "/usr/sbin/httpd2-prefork///egroupware/phpgwapi/templates/default/images/DPC LOGO TIFF.tif" flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, "/srv/www/htdocs/egroupware/phpgwapi/templates/default/images/DPC LOGO TIFF.tif" r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///webERP/index.php flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc/*/attr/current w, /srv/www/htdocs/webERP/config.php r, /srv/www/htdocs/webERP/includes/ConnectDB.inc r, /srv/www/htdocs/webERP/includes/ConnectDB_mysqli.inc r, /srv/www/htdocs/webERP/includes/DateFunctions.inc r, /srv/www/htdocs/webERP/includes/GetConfig.php r, /srv/www/htdocs/webERP/includes/LanguageSetup.php r, /srv/www/htdocs/webERP/includes/MiscFunctions.php r, /srv/www/htdocs/webERP/includes/footer.inc r, /srv/www/htdocs/webERP/includes/header.inc r, /srv/www/htdocs/webERP/includes/php-gettext/gettext.php r, /srv/www/htdocs/webERP/includes/php-gettext/streams.php r, /srv/www/htdocs/webERP/includes/session.inc r, /srv/www/htdocs/webERP/index.php r, /srv/www/htdocs/webERP/locale/en_US/LC_MESSAGES/messages.mo r, /usr/share/mysql/charsets/Index.xml r, /var/lib/mysql/mysql.sock w, /var/lib/php5/sess_4srj8ot0k3dg4i4cfh382evemsc9jshf krw, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { /var/log/apache2/error_log w, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, } | over 3 years ago | egroupware | 429 | kent | Edit | History | |
| ubuntu-gutsy | /usr/bin/gnome-panel | #include <tunables/global> /usr/bin/gnome-panel { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/gnome> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, /bin/ r, /bin/bash ixr, /bin/dash ixr, /bin/egrep ixr, /bin/grep ixr, /bin/sed ixr, /bin/su Px, /bin/uname ixr, /dev/ptmx rw, /etc/init.d/ r, /etc/sound/events/gtk-events-2.soundlist r, /etc/sudoers r, /etc/xdg/menus/ r, /etc/xdg/menus/applications.menu r, /etc/xdg/menus/preferences.menu r, /etc/xdg/menus/settings.menu r, /home/*/ r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.bash_history ar, /home/*/.bashrc r, /home/*/.config/user-dirs.dirs r, /home/*/.gnome2_private/ w, /home/*/.gtk-bookmarks r, /home/*/.icons/ r, /home/*/.recently-used.xbel r, /home/*/.thumbnails/normal/*.png r, /lib/terminfo/x/xterm r, /proc/*/mounts r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/ r, /tmp/** klrw, /usr/bin/ r, /usr/bin/alacarte ixr, /usr/bin/avidemux ixr, /usr/bin/baobab ixr, /usr/bin/basename ixr, /usr/bin/beep-media-player-2 ixr, /usr/bin/cinepaint ixr, /usr/bin/devede ixr, /usr/bin/dircolors ixmr, /usr/bin/dirname ixr, /usr/bin/ekiga ixr, /usr/bin/env ix, /usr/bin/eog ixr, /usr/bin/evince ixr, /usr/bin/evolution Px, /usr/bin/f-spot ixr, /usr/bin/file-roller ixr, /usr/bin/gdmphotosetup ixr, /usr/bin/gimp-2.4 ixr, /usr/bin/git ixr, /usr/bin/git-merge r, /usr/bin/gksu ixr, /usr/bin/gnome-panel mr, /usr/bin/gnome-system-monitor ixr, /usr/bin/gnome-terminal ixr, /usr/bin/inkscape ixr, /usr/bin/kradio Px, /usr/bin/lesspipe ixr, /usr/bin/lynx.stable ixr, /usr/bin/monodevelop ixr, /usr/bin/mplayer ixr, /usr/bin/nautilus ixr, /usr/bin/nautilus-cd-burner ixr, /usr/bin/nautilus-connect-server ixr, /usr/bin/nessus ixr, /usr/bin/nmapfe ixr, /usr/bin/oofromtemplate ixr, /usr/bin/opera ixr, /usr/bin/python2.5 ix, /usr/bin/streamtuner ixr, /usr/bin/sudo ixr, /usr/bin/tsclient ixr, /usr/bin/ttb ixr, /usr/bin/wireshark ixr, /usr/bin/xaralx ixr, /usr/games/ r, /usr/lib/bonobo-activation/bonobo-activation-server Px, /usr/lib/command-not-found ixr, /usr/lib/firefox/firefox Px, /usr/lib/libvte9/gnome-pty-helper ixr, /usr/local/bin/ r, /usr/local/sbin/ r, /usr/local/share/applications/ r, /usr/local/share/desktop-directories/ r, /usr/local/share/icons/ r, /usr/sbin/ r, /usr/sbin/gdmsetup ixr, /usr/sbin/logprof Ux, /usr/share/albumshaper/images/**.xpm r, /usr/share/applications/ r, /usr/share/applications/*.desktop r, /usr/share/applications/kde/ r, /usr/share/applications/kde/*.desktop r, /usr/share/applications/screensavers/ r, /usr/share/applications/screensavers/*.desktop r, /usr/share/aqualung/*.png r, /usr/share/control-center-2.0/capplets/ r, /usr/share/control-center-2.0/capplets/*.desktop r, /usr/share/desktop-directories/ r, /usr/share/desktop-directories/*.directory r, /usr/share/firefox/icons/*.png r, /usr/share/gdm/applications/ r, /usr/share/gdm/applications/*.desktop r, /usr/share/gdm/gdmXnestWrapper ixr, /usr/share/gnome-2.0/ui/*.xml r, /usr/share/gnome/apps/ r, /usr/share/gnome/apps/Internet/ r, /usr/share/gnome/apps/Multimedia/ r, /usr/share/klavaro/pixmaps/*.xpm r, /usr/share/locale-langpack/en_US/**.mo r, /usr/share/system-config-printer/*.png r, /usr/share/vte/termcap/xterm r, /usr/share/xine/desktop/*.desktop r, /var/log/wtmp kw, /var/run/sudo/void/0 w, /var/run/sudo/void/1 w, /var/run/utmp krw, } | over 4 years ago | gnome | 364 | hbpteam | Edit | History | |
| opensuse10.3 | /usr/bin/amule | #include <tunables/global> /usr/bin/amule flags=(complain) { #include <abstractions/base> /usr/bin/amule mr, } | over 4 years ago | amule | 292 | spiky781 | Edit | History | |
| opensuse10.3 | /usr/lib/helix-dbus-server/helix-dbus-server.bin | #include <tunables/global> /usr/lib/helix-dbus-server/helix-dbus-server.bin { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/nameservice> /proc/cpuinfo r, /usr/lib/RealPlayer10/**.so mr, /usr/lib/helix-dbus-server/helix-dbus-server.bin mr, } | over 4 years ago | none | 271 | cinimod | Edit | History | |
| opensuse10.3 | /usr/bin/manpath | #include <tunables/global> /usr/bin/manpath { #include <abstractions/base> /etc/manpath.config r, /usr/bin/manpath mr, } | over 4 years ago | Import of jmichaels profiles | 295 | dominic | Edit | History | |
| ubuntu-gutsy | /usr/bin/skype | #include <tunables/global> /usr/bin/skype flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /dev/snd/controlC0 rw, /dev/snd/controlC1 rw, /dev/snd/pcmC0D0c rw, /dev/snd/pcmC0D0p rw, /dev/snd/pcmC0D1c rw, /dev/snd/pcmC0D2p rw, /dev/snd/timer r, /etc/fonts/** r, /home/*/.Skype/ rw, /home/*/.Skype/** krw, /home/*/.config/Trolltech.conf kr, /proc/interrupts r, /tmp/.X11-unix/X0 w, /usr/bin/skype mr, /usr/share/X11/XKeysymDB r, /usr/share/fonts/** r, /usr/share/icons/DMZ-White/cursor.theme r, /usr/share/icons/DMZ-White/cursors/arrow r, /usr/share/icons/DMZ-White/cursors/double_arrow r, /usr/share/icons/DMZ-White/cursors/xterm r, /usr/share/icons/DMZ-White/index.theme r, /usr/share/icons/Human/index.theme r, /usr/share/icons/Tangerine/index.theme r, /usr/share/icons/gnome/index.theme r, /usr/share/skype/** r, /var/cache/fontconfig/059138ec877db160474b4d5de1248d14-x86.cache-2 r, /var/cache/fontconfig/089dead882dea3570ffc31a9898cfb69-x86.cache-2 r, /var/cache/fontconfig/0f32d3adc6a232110812e17374eaa446-x86.cache-2 r, /var/cache/fontconfig/0f34bcd4b6ee430af32735b75db7f02b-x86.cache-2 r, /var/cache/fontconfig/102e5142c2e9e50c5e8ece26694a2dad-x86.cache-2 r, /var/cache/fontconfig/118d8d5311348bbdf5fe3b106d7c13d4-x86.cache-2 r, /var/cache/fontconfig/142ecfc435bad6f1fbc2648c1119d5eb-x86.cache-2 r, /var/cache/fontconfig/20bd79ad97094406f7d1b9654bfbd926-x86.cache-2 r, /var/cache/fontconfig/21a99156bb11811cef641abeda519a45-x86.cache-2 r, /var/cache/fontconfig/2561679576a9c7fd2ce41d281d4e00d1-x86.cache-2 r, /var/cache/fontconfig/3830d5c3ddfd5cd38a049b759396e72e-x86.cache-2 r, /var/cache/fontconfig/4123634e9c08547d899d0aaff05ebe69-x86.cache-2 r, /var/cache/fontconfig/4794a0821666d79190d59a36cb4f44b5-x86.cache-2 r, /var/cache/fontconfig/4c599c202bc5c08e2d34565a40eac3b2-x86.cache-2 r, /var/cache/fontconfig/4c73fe0c47614734b17d736dbde7580a-x86.cache-2 r, /var/cache/fontconfig/61c830dfac3fd78a12654da5e9ba3f56-x86.cache-2 r, /var/cache/fontconfig/6330322105e0c4105d7c7a6ea2974107-x86.cache-2 r, /var/cache/fontconfig/6333f38776742d18e214673cd2c24e34-x86.cache-2 r, /var/cache/fontconfig/6386b86020ecc1ef9690bb720a13964f-x86.cache-2 r, /var/cache/fontconfig/646addb8444faa74ee138aa00ab0b6a0-x86.cache-2 r, /var/cache/fontconfig/6d41288fd70b0be22e8c3a91e032eec0-x86.cache-2 r, /var/cache/fontconfig/707971e003b4ae6c8121c3a920e507f5-x86.cache-2 r, /var/cache/fontconfig/75a2cd575a62c63e802c11411fb87c37-x86.cache-2 r, /var/cache/fontconfig/7b4a97c10f6c0166998ddfa1cf7392fb-x86.cache-2 r, /var/cache/fontconfig/7ef2298fde41cc6eeb7af42e48b7d293-x86.cache-2 r, /var/cache/fontconfig/8ab5f685cd6d8ba67c37c908faf08172-x86.cache-2 r, /var/cache/fontconfig/921a30a17f0be15c70ac14043cb7a739-x86.cache-2 r, /var/cache/fontconfig/92a571655fb1c0ec1c4d6f496220600a-x86.cache-2 r, /var/cache/fontconfig/9404ff413c67fc2a1526fd14eb4163a8-x86.cache-2 r, /var/cache/fontconfig/945677eb7aeaf62f1d50efc3fb3ec7d8-x86.cache-2 r, /var/cache/fontconfig/9c0624108b9a2ae8552f664125be8356-x86.cache-2 r, /var/cache/fontconfig/a1131b7be650f9abae4907495aa5815d-x86.cache-2 r, /var/cache/fontconfig/a2ab74764b07279e7c36ddb1d302cf26-x86.cache-2 r, /var/cache/fontconfig/a755afe4a08bf5b97852ceb7400b47bc-x86.cache-2 r, /var/cache/fontconfig/a960c40fc9306f090224a04585f8a963-x86.cache-2 r, /var/cache/fontconfig/b21a91cee725896328b8cee8091cf747-x86.cache-2 r, /var/cache/fontconfig/b3fedf7c409f006ca1a6fceffceb77cf-x86.cache-2 r, /var/cache/fontconfig/b5a4f3f568a71026ccdc6a3a51afa9b4-x86.cache-2 r, /var/cache/fontconfig/b8613a33de00eecd32d5a94c3c617829-x86.cache-2 r, /var/cache/fontconfig/c69f04ab05004e31a6d5e715764f16d8-x86.cache-2 r, /var/cache/fontconfig/c855463f699352c367813e37f3f70ea7-x86.cache-2 r, /var/cache/fontconfig/cabbd14511b9e8a55e92af97fb3a0461-x86.cache-2 r, /var/cache/fontconfig/d52a8644073d54c13679302ca1180695-x86.cache-2 r, /var/cache/fontconfig/d82eb4fd963d448e2fcb7d7b793b5df3-x86.cache-2 r, /var/cache/fontconfig/da1bd5ca8443ffe22927a23ce431d198-x86.cache-2 r, /var/cache/fontconfig/ddc79d3ea06a7c6ffa86ede85f3bb5df-x86.cache-2 r, /var/cache/fontconfig/de156ccd2eddbdc19d37a45b8b2aac9c-x86.cache-2 r, /var/cache/fontconfig/de9486f0b47a4d768a594cb4198cb1c6-x86.cache-2 r, /var/cache/fontconfig/e0f9e95429e756d56293ed4d63866094-x86.cache-2 r, /var/cache/fontconfig/e13b20fdb08344e0e664864cc2ede53d-x86.cache-2 r, /var/cache/fontconfig/e383d7ea5fbe662a33d9b44caf393297-x86.cache-2 r, /var/cache/fontconfig/e3de0de479f42330eadf588a55fb5bf4-x86.cache-2 r, /var/cache/fontconfig/e7071f4a29fa870f4323321c154eba04-x86.cache-2 r, /var/cache/fontconfig/e9e44584608a73233979f764b5f9dd81-x86.cache-2 r, /var/cache/fontconfig/eeebfc908bd29a90773fd860017aada4-x86.cache-2 r, /var/cache/fontconfig/f5a93ac943883aa0fd9a7bfe0f6ec3c1-x86.cache-2 r, /var/cache/fontconfig/f71c1c7b3f795e5e20ad4a8800a9d397-x86.cache-2 r, /var/cache/fontconfig/fcff1cd55d48a2c86a175e9943c3506d-x86.cache-2 r, /var/cache/fontconfig/fd9416c4b92f07c6f59a3a8cf496e9dc-x86.cache-2 r, /var/cache/fontconfig/fd9505950c048a77dc4b710eb6a628ed-x86.cache-2 r, /var/cache/fontconfig/fe547fea3a41b43a38975d292a2b19c7-x86.cache-2 r, /var/lib/defoma/fontconfig.d/fonts.conf r, } | over 4 years ago | 0.1 | 386 | tommes | Edit | History | |
| opensuse11.0 | /usr/local/apache2/bin/httpd | #include <tunables/global> /usr/local/apache2/bin/httpd flags=(complain) { #include <abstractions/base> /etc/gai.conf r, /usr/local/apache2/conf/httpd.conf r, ^DEFAULT_URI flags=(complain) { } ^HANDLING_UNTRUSTED_INPUT flags=(complain) { } } | over 2 years ago | 197 | Stasio | Edit | History | ||
| opensuse10.3 | /usr/bin/ekiga | #include <tunables/global> /usr/bin/ekiga flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /dev/ r, /dev/** r, /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.beagle/socket w, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/gnomemeeting rw, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /proc/meminfo r, /proc/net/if_inet6 r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/ekiga mr, /usr/lib/pwlib/devices/sound/*.so mr, /usr/lib/pwlib/devices/videoinput/*.so mr, /usr/share/mime/**.xml r, /var/cache/libx11/compose/* r, } | over 4 years ago | argh, switch things back to complain for a while | 302 | jmichael | Edit | History | |
| opensuse10.3 | /usr/bin/Xgl | #include <tunables/global> /usr/bin/Xgl { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/user-tmp> capability dac_override, capability ipc_owner, capability setgid, capability setuid, capability sys_admin, /bin/bash ixr, /dev/dri/card* rw, /etc/sysconfig/displaymanager r, /home/*/.gnome2/share/cursor-fonts/fonts.dir r, /home/*/.gnome2/share/fonts/fonts.dir r, /home/jesse/.gnome2/share/fonts/** r, /proc/meminfo r, /usr/bin/Xgl mr, /usr/bin/Xorg Px, /usr/bin/xkbcomp Px, /usr/lib/dri/*.so mr, /var/lib/gdm/* r, /var/lib/xdm/authdir/authfiles/* r, /var/lib/xkb/compiled/*.xkm rw, /var/log/Xgl.*.log rw, /var/log/Xgl.*.log.old w, /var/log/gdm/*.log w, } | over 4 years ago | none | 303 | cinimod | Edit | History | |
| opensuse10.3 | /usr/lib/beagle/beagled-index-helper | #include <tunables/global> /usr/lib/beagle/beagled-index-helper flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/user-tmp> /bin/bash ixr, /etc/mono/2.0/machine.config r, /etc/mono/config r, /home/*/ rw, /home/*/.beagle/** krw, /home/*/.local/share/mime/mime.cache mr, /home/*/.wapi/shared_data-* mrw, /home/*/.wapi/shared_fileshare-* mrw, /home/*/Desktop/* r, /proc/*/maps r, /proc/*/status r, /proc/meminfo r, /proc/stat r, /proc/sys/kernel/ngroups_max r, /usr/bin/mono ixr, /usr/bin/totem-video-indexer Px, /usr/lib/beagle/*.dll mr, /usr/lib/beagle/Filters/*.dll mr, /usr/lib/beagle/IndexHelper.exe mr, /usr/lib/beagle/beagled-index-helper mr, /usr/lib/mono/2.0/mscorlib.dll mr, /usr/lib/mono/gac/**.dll mr, /usr/share/mime/mime.cache mr, /var/tmp/ rw, } | over 4 years ago | argh, switch things back to complain for a while | 341 | jmichael | Edit | History | |
| opensuse10.3 | /usr/bin/skype | #include <tunables/global> /usr/bin/skype flags=(complain) { #include <abstractions/base> /usr/bin/skype mr, } | over 4 years ago | 538 | draglor | Edit | History | ||
| opensuse11.0 | /usr/sbin/httpd2-worker | #include <tunables/global> /usr/sbin/httpd2-worker { #include <abstractions/base> } | about 1 year ago | 127 | shaado | Edit | History | ||
| opensuse11.0 | /opt/WAS_APPARMOR/java/jre/bin/java | #include <tunables/global> /opt/WAS_APPARMOR/java/jre/bin/java flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability sys_nice, deny owner /tmp/guid.lock w, owner /etc/sysconfig/* r, owner /opt/WAS_APPARMOR/ w, owner /opt/WAS_APPARMOR/** mrwk, /opt/WAS_APPARMOR/java/jre/bin/java rix, owner /proc/*/net/if_inet6 r, owner /proc/meminfo r, owner /proc/stat r, owner /tmp/ r, owner /tmp/* rw, owner /tmp/** r, owner /tmp/*/ w, owner /usr/share/zoneinfo/ r, owner /var/run/nscd/* rw, } | over 2 years ago | was | 222 | appuser1 | Edit | History | |
| opensuse10.3 | /var/lib/distccd/flashgot.m384mqii.default/flashgot-1.fgt | #include <tunables/global> /var/lib/distccd/flashgot.m384mqii.default/flashgot-1.fgt { #include <abstractions/base> /var/lib/distccd/flashgot.m384mqii.default/flashgot-1.fgt mr, } | over 3 years ago | 253 | hello | Edit | History | ||
| opensuse10.3 | /usr/sbin/httpd2-prefork | # $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability dac_override, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/*.conf r, /etc/apache2/.digest r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/*.crt r, /etc/apache2/ssl.key/*.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/* r, /etc/fstab r, /etc/gai.conf r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, /etc/php5/apache2/php.ini r, /etc/php5/conf.d/ r, /etc/php5/conf.d/ctype.ini r, /etc/php5/conf.d/dom.ini r, /etc/php5/conf.d/hash.ini r, /etc/php5/conf.d/iconv.ini r, /etc/php5/conf.d/json.ini r, /etc/php5/conf.d/pdo.ini r, /etc/php5/conf.d/pdo_sqlite.ini r, /etc/php5/conf.d/sqlite.ini r, /etc/php5/conf.d/tokenizer.ini r, /etc/php5/conf.d/xmlreader.ini r, /etc/php5/conf.d/xmlwriter.ini r, /home/*/ r, /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib*.so* mr, /usr/X11R6/lib64/lib*.so* mr, /usr/apache2/error/* r, /usr/lib/apache2-leader/{lib,mod_}*.so* mr, /usr/lib/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib/apache2-worker/{lib,mod_}*.so* mr, /usr/lib/apache2/modules/{lib,mod_}*.so* mr, /usr/lib/apache2/{lib,mod_}*.so mr, /usr/lib/mysql/libmysql*.so* mr, /usr/lib/php/extensions/*.so mr, /usr/lib/php4/*.so mr, /usr/lib/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib/python[12].[0-9]/site-packages r, /usr/lib/qt3/lib/lib*.so* mr, /usr/lib64/** mr, /usr/lib64/apache2-leader/{lib,mod_}*.so* mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib64/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib64/apache2-worker/{lib,mod_}*.so* mr, /usr/lib64/apache2/modules/{lib,mod_}*.so* mr, /usr/lib64/apache2/{lib,mod_}*.so* mr, /usr/lib64/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/*.{txt,mib} r, /usr/share/snmp/mibs/.index wr, /usr/share/ssl/openssl.cnf r, /var/dav/lock/lockdb.dir krw, /var/dav/lock/lockdb.pag rw, /var/lib/php/sess_* rwl, /var/lib/php5/session_mm_apache2handler0.sem kw, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /**.htaccess r, /var/log/apache2/* w, } | over 3 years ago | 311 | ytakeda | Edit | History | ||
| ubuntu-gutsy | /usr/bin/gnome-splashscreen-manager | #include <tunables/global> /usr/bin/gnome-splashscreen-manager { #include <abstractions/base> /usr/bin/env ix, /usr/bin/gnome-splashscreen-manager mr, } | over 4 years ago | gnome | 349 | hbpteam | Edit | History | |
| opensuse10.3 | /usr/lib/helix-dbus-server/helix-dbus-server.bin | #include <tunables/global> /usr/lib/helix-dbus-server/helix-dbus-server.bin { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/nameservice> /proc/cpuinfo r, /usr/lib/RealPlayer10/**.so mr, /usr/lib/helix-dbus-server/helix-dbus-server.bin mr, } | over 4 years ago | Import of jmichaels profiles | 297 | dominic | Edit | History | |
| opensuse10.3 | /usr/bin/manpath | #include <tunables/global> /usr/bin/manpath { #include <abstractions/base> /etc/manpath.config r, /usr/bin/manpath mr, } | over 4 years ago | none | 300 | cinimod | Edit | History | |
| opensuse11.0 | /usr/bin/crontab | #include <tunables/global> /usr/bin/crontab flags=(complain) { #include <abstractions/base> } | about 1 year ago | /fixes/changelog.log | 87 | jdb | Edit | History | |
| opensuse11.0 | /usr/sbin/traceroute | #include <tunables/global> /usr/sbin/traceroute { #include <abstractions/base> #include <abstractions/nameservice> deny /etc/resolv.conf r, deny /usr/sbin/traceroute r, } | about 1 year ago | a | 180 | userx | Edit | History | |
| opensuse11.0 | /usr/sbin/asterisk | #include <tunables/global> /usr/sbin/asterisk flags=(complain) { #include <abstractions/base> /etc/asterisk/logger.conf r, } | over 3 years ago | 244 | yvm2008 | Edit | History | ||
| opensuse11.0 | /usr/lib/avast4workstation/bin/wrapper-script.sh | #include <tunables/global> /usr/lib/avast4workstation/bin/wrapper-script.sh { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | over 3 years ago | 261 | ankur_aiw9 | Edit | History | ||
| ubuntu-gutsy | /usr/bin/gnome-session | #include <tunables/global> /usr/bin/gnome-session { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/nameservice> #include <abstractions/python> /bin/dash ixr, /etc/X11/xorg.conf r, /etc/apt/apt.conf.d/ r, /etc/apt/apt.conf.d/* r, /etc/apt/sources.list r, /etc/apt/sources.list.d/ r, /etc/apt/sources.list.d/medibuntu.list r, /etc/debian_version r, /etc/default/linux-restricted-modules-common krw, /etc/lsb-release r, /etc/sound/events/gnome-2.soundlist r, /etc/sound/events/gtk-events-2.soundlist r, /etc/update-notifier/hooks_seen r, /etc/xdg/autostart/ r, /etc/xdg/autostart/*.desktop r, /home/*/ r, /home/*/*.NC7E0T rw, /home/*/.ICEauthority rw, /home/*/.ICEauthority-c w, /home/*/.ICEauthority-l lw, /home/*/.Xauthority r, /home/*/.cache/tracker/ r, /home/*/.cache/tracker/*.db krw, /home/*/.cache/tracker/*.db-journal w, /home/*/.config/*.dirs r, /home/*/.config/*.locale r, /home/*/.config/tracker/*.cfg r, /home/*/.evolution/mail/local/ r, /home/*/.evolution/mail/local/*.ev-summary r, /home/*/.evolution/mail/local/Inbox r, /home/*/.gnome2_private/ w, /home/*/.gstreamer-0.10/*.xml r, /home/*/.gtk-bookmarks rw, /home/*/.icons/ r, /home/*/.local/share/tracker/*.log w, /home/*/.local/share/tracker/data/ r, /home/*/.local/share/tracker/data/*.db krw, /home/*/.local/share/tracker/data/*.db-journal w, /home/*/.local/share/tracker/void_tracker_lock krw, /home/*/Desktop/ r, /home/*/Documents/ r, /home/*/Music/ r, /home/*/Pictures/ r, /home/*/Public/ r, /home/*/Templates/ r, /home/*/Videos/ r, /home/*/dvdrip-data/ r, /home/*/themes/ r, /home/*/themes/*/ r, /lib/linux-restricted-modules/2.6.22-14-generic/ r, /proc/*/mounts r, /proc/acpi/ac_adapter/ r, /proc/asound/cards r, /proc/meminfo r, /proc/modules r, /proc/stat r, /proc/sys/fs/inotify/max_user_watches r, /sys/devices/ r, /sys/devices/*/ r, /sys/devices/acpi_system:00/ACPI0007:00/ r, /sys/devices/acpi_system:00/ACPI0007:00/power/ r, /sys/devices/acpi_system:00/button_power:00/ r, /sys/devices/acpi_system:00/button_power:00/power/ r, /sys/devices/acpi_system:00/device:00/ r, /sys/devices/acpi_system:00/device:00/**/ r, /sys/devices/acpi_system:00/power/ r, /sys/devices/acpi_system:00/thermal:00/ r, /sys/devices/acpi_system:00/thermal:00/*/ r, /sys/devices/isa/power/ r, /sys/devices/pci0000:00/** r, /sys/devices/platform/bluetooth/ r, /sys/devices/platform/bluetooth/modalias r, /sys/devices/platform/bluetooth/power/ r, /sys/devices/platform/eisa.0/ r, /sys/devices/platform/eisa.0/modalias r, /sys/devices/platform/eisa.0/power/ r, /sys/devices/platform/floppy.0/ r, /sys/devices/platform/floppy.0/modalias r, /sys/devices/platform/floppy.0/power/ r, /sys/devices/platform/i8042/ r, /sys/devices/platform/i8042/modalias r, /sys/devices/platform/i8042/power/ r, /sys/devices/platform/i8042/serio0/ r, /sys/devices/platform/i8042/serio0/id/ r, /sys/devices/platform/i8042/serio0/modalias r, /sys/devices/platform/i8042/serio0/power/ r, /sys/devices/platform/i8042/serio1/ r, /sys/devices/platform/i8042/serio1/id/ r, /sys/devices/platform/i8042/serio1/modalias r, /sys/devices/platform/i8042/serio1/power/ r, /sys/devices/platform/pcspkr/ r, /sys/devices/platform/pcspkr/modalias r, /sys/devices/platform/pcspkr/power/ r, /sys/devices/platform/power/ r, /sys/devices/platform/serial8250/ r, /sys/devices/platform/serial8250/modalias r, /sys/devices/platform/serial8250/power/ r, /sys/devices/pnp0/**/ r, /sys/devices/pnp1/power/ r, /sys/devices/system/**/ r, /tmp/** klrw, /usr/bin/aplay Px, /usr/bin/apt-cache ixr, /usr/bin/basename ixr, /usr/bin/bluetooth-applet Px, /usr/bin/bug-buddy Px, /usr/bin/dbus-daemon Px, /usr/bin/env ixr, /usr/bin/gconftool-2 ixr, /usr/bin/gnome-at-visual ixr, /usr/bin/gnome-panel Px, /usr/bin/gnome-power-manager ixr, /usr/bin/gnome-session mr, /usr/bin/gnome-volume-manager Px, /usr/bin/gnome-wm Px, /usr/bin/lsb_release ixr, /usr/bin/nautilus Px, /usr/bin/nm-applet ixr, /usr/bin/python2.5 ixr, /usr/bin/restricted-manager ixr, /usr/bin/system-config-printer-applet ixr, /usr/bin/trackerd ixr, /usr/bin/update-notifier ixr, /usr/bin/vino-session Px, /usr/bin/xdg-user-dirs-gtk-update ixr, /usr/lib/evolution/2.12/evolution-alarm-notify ixr, /usr/lib/libgconf2-4/gconf-sanity-check-2 Px, /usr/lib/libgconf2-4/gconfd-2 Px, /usr/lib/update-notifier/apt-check ixr, /usr/local/share/applications/ r, /usr/local/share/icons/ r, /usr/share/applications/ r, /usr/share/applications/*/ r, /usr/share/apport/apport-gtk ixr, /usr/share/gdm/applications/ r, /usr/share/gnome/*.session r, /usr/share/gnome/autostart/ r, /usr/share/gnome/autostart/* r, /usr/share/linux-restricted-modules/2.6.22-14-generic/modules.alias.override/ r, /usr/share/nm-applet/applet.glade r, /usr/share/restricted-manager/groups/ r, /usr/share/restricted-manager/groups/vmware r, /usr/share/restricted-manager/manager.glade r, /usr/share/restricted-manager/modalias_override/ r, /usr/share/system-config-printer/applet.py ixr, /usr/share/tracker/*.sql r, /usr/share/tracker/languages/stopwords.en r, /usr/share/update-notifier/glade/*.glade r, /var/cache/apt/archives/ r, /var/cache/apt/archives/partial/ r, /var/cache/apt/pkgcache.bin r, /var/cache/restricted-manager/*.restricted krw, /var/cache/restricted-manager/seen krw, /var/cache/restricted-manager/used krw, /var/crash/ r, /var/lib/apt/extended_states r, /var/lib/apt/lists/ r, /var/lib/dpkg/ r, /var/lib/update-notifier/ r, /var/lib/update-notifier/user.d/ r, /var/run/ r, /var/run/avahi-daemon/ r, /var/run/cups/cups.sock w, } | over 4 years ago | gnome | 394 | hbpteam | Edit | History | |
| opensuse10.3 | /etc/X11/xdm/Xsession | #include <tunables/global> /etc/X11/xdm/Xsession { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability sys_ptrace, /bin/bash ixr, /bin/grep ixr, /bin/hostname Px, /bin/ls ixmr, /bin/uname Px, /etc/X11/Xresources r, /etc/X11/xdm/Xsession mr, /etc/X11/xdm/sys.xsession Px, /etc/X11/xinit/xinitrc.common r, /etc/opt/ r, /etc/shells r, /etc/sysconfig/console r, /etc/sysconfig/language r, /etc/sysconfig/mail r, /etc/sysconfig/news r, /etc/sysconfig/proxy r, /etc/sysconfig/suseconfig r, /etc/sysconfig/windowmanager r, /home/*/.Xdefaults r, /home/*/.bashrc r, /home/*/.profile r, /opt/ r, /proc/ r, /proc/*/cmdline r, /proc/*/mounts r, /proc/*/stat r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/killall5 ixr, /usr/bin/dircolors ixmr, /usr/bin/manpath Px, /usr/bin/tty ixr, /usr/bin/xrdb Px, /usr/lib/jvm/java-1.5.0-sun-1.5.0_update12/jre/bin/java ixr, /var/log/Xorg.*.log r, } | over 4 years ago | Import of jmichaels profiles | 326 | dominic | Edit | History | |
| ubuntu-gutsy | /usr/games/iagno | #include <tunables/global> /usr/games/iagno { #include <abstractions/base> /usr/games/iagno mr, } | over 4 years ago | gnome | 347 | hbpteam | Edit | History | |
| opensuse10.3 | /usr/lib/gnome-keyring-1/gnome-keyring-ask | #include <tunables/global> /usr/lib/gnome-keyring-1/gnome-keyring-ask flags=(complain) { #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /home/*/.Xauthority r, /home/*/.fontconfig/* r, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /proc/meminfo r, /usr/lib/gnome-keyring-1/gnome-keyring-ask mr, } | over 4 years ago | argh, switch things back to complain for a while | 298 | jmichael | Edit | History | |
| opensuse11.0 | /lib64/ld-2.9.so | #include <tunables/global> /lib64/ld-2.9.so { #include <abstractions/base> } | about 1 year ago | 129 | pone13 | Edit | History | ||
| opensuse11.0 | /sbin/rsyslogd | #include <tunables/global> /sbin/rsyslogd { #include <abstractions/base> } | about 1 year ago | /var/log/rsyslog | 193 | virtualjack | Edit | History | |
| opensuse10.3 | /usr/bin/claws-mail | #include <tunables/global> /usr/bin/claws-mail flags=(complain) { #include <abstractions/base> /home/vljliljlv/.claws-mail/tagsrc w, /home/vljliljlv/rajakarta/queue/ r, /usr/bin/claws-mail mr, } | over 2 years ago | claws-mail log | 225 | praanap | Edit | History | |
| opensuse11.0 | /bin/arch | #include <tunables/global> /bin/arch flags=(complain) { #include <abstractions/base> } | over 3 years ago | ravee1 | 251 | ravee | Edit | History | |
| opensuse10.3 | /sbin/ip | #include <tunables/global> /sbin/ip flags=(complain) { #include <abstractions/base> capability sys_module, /etc/iproute2/rt_scopes r, /proc/net/ r, /proc/net/unix r, /sbin/ip mr, } | over 4 years ago | argh, switch things back to complain for a while | 347 | jmichael | Edit | History | |
| ubuntu-gutsy | /usr/bin/gstm | #include <tunables/global> /usr/bin/gstm { #include <abstractions/base> /usr/bin/gstm mr, } | over 4 years ago | gnome | 340 | hbpteam | Edit | History | |
| opensuse11.0 | /etc/init.d/sshd | #include <tunables/global> /etc/init.d/sshd flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | about 1 year ago | 181 | budda | Edit | History | ||
| opensuse11.0 | /usr/lib/firefox/firefox.sh | #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/basename px, /bin/bash ix, /usr/bin/file px, } | over 2 years ago | 229 | philodoxia | Edit | History | ||
| opensuse10.3 | /usr/bin/evolution | #include <tunables/global> /usr/bin/evolution flags=(complain) { #include <abstractions/base> /usr/bin/evolution mr, } | over 4 years ago | Appevolution | 264 | vmbaumgaertel | Edit | History | |
| opensuse10.3 | /usr/sbin/snmpd | #include <tunables/global> /usr/sbin/snmpd { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /dev/md* r, /dev/sd* r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/mtab r, /etc/rpm/ r, /etc/rpm/macros.gconf2 r, /etc/rpm/macros.mkinitrd r, /etc/sensors.conf r, /etc/snmp/snmpd.conf r, /proc/ r, /proc/*/cmdline r, /proc/*/mounts r, /proc/*/stat r, /proc/*/status r, /proc/cmdline r, /proc/loadavg r, /proc/net/arp r, /proc/net/dev r, /proc/net/if_inet6 r, /proc/net/ipv6_route r, /proc/net/route r, /proc/net/snmp r, /proc/net/snmp6 r, /proc/net/tcp r, /proc/net/tcp6 r, /proc/net/udp r, /proc/net/udp6 r, /proc/sys/net/ipv4/ipfrag_time r, /proc/sys/net/ipv4/neigh/eth0/retrans_time_ms r, /proc/sys/net/ipv4/neigh/eth1/retrans_time_ms r, /proc/sys/net/ipv4/neigh/lo/retrans_time_ms r, /proc/sys/net/ipv6/conf/all/forwarding r, /proc/sys/net/ipv6/conf/default/hop_limit r, /proc/sys/net/ipv6/conf/eth0/forwarding r, /proc/sys/net/ipv6/conf/eth1/forwarding r, /proc/sys/net/ipv6/conf/lo/forwarding r, /proc/sys/net/ipv6/neigh/eth0/base_reachable_time_ms r, /proc/sys/net/ipv6/neigh/eth0/retrans_time_ms r, /proc/sys/net/ipv6/neigh/eth1/base_reachable_time_ms r, /proc/sys/net/ipv6/neigh/eth1/retrans_time_ms r, /proc/sys/net/ipv6/neigh/lo/base_reachable_time_ms r, /proc/sys/net/ipv6/neigh/lo/retrans_time_ms r, /proc/uptime r, /proc/vmstat r, /sys/class/hwmon/ r, /sys/class/i2c-adapter/ r, /sys/devices/pci0000:00/0000:00:1f.3/i2c-adapter/i2c-0/name r, /sys/devices/platform/coretemp.[0-9]/name r, /sys/devices/platform/coretemp.[0-9]/temp1_input r, /sys/devices/platform/coretemp.[0-9]/temp1_label r, /usr/sbin/snmpd mr, /usr/share/snmp/mibs/ r, /usr/share/snmp/mibs/* r, /var/lib/net-snmp/snmpd.0.conf w, /var/lib/net-snmp/snmpd.conf rw, /var/lib/rpm/ w, /var/lib/rpm/Packages kr, /var/log/net-snmpd.log rw, /var/run/snmpd.pid w, /var/run/utmp krw, } | over 3 years ago | 602 | arclyde | Edit | History | ||
| opensuse10.3 | /etc/X11/xdm/Xsession | #include <tunables/global> /etc/X11/xdm/Xsession { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability sys_ptrace, /bin/bash ixr, /bin/grep ixr, /bin/hostname Px, /bin/ls ixmr, /bin/uname Px, /etc/X11/Xresources r, /etc/X11/xdm/Xsession mr, /etc/X11/xdm/sys.xsession Px, /etc/X11/xim r, /etc/X11/xinit/xinitrc.common r, /etc/opt/ r, /etc/shells r, /etc/sysconfig/console r, /etc/sysconfig/language r, /etc/sysconfig/mail r, /etc/sysconfig/news r, /etc/sysconfig/proxy r, /etc/sysconfig/suseconfig r, /etc/sysconfig/windowmanager r, /home/*/.Xdefaults r, /home/*/.bashrc r, /home/*/.profile r, /home/*/.xsession-errors w, /opt/ r, /proc/ r, /proc/*/cmdline r, /proc/*/mounts r, /proc/*/stat r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/killall5 ixr, /usr/bin/dircolors ixmr, /usr/bin/manpath Px, /usr/bin/printenv ixr, /usr/bin/tty ixr, /usr/bin/xrdb Px, /usr/lib/jvm/java-1.5.0-sun-1.5.0_update12/jre/bin/java ixr, /usr/lib/jvm/java-1.6.0.u3.sr2-sun-1.6.0.u3/bin/java ixr, /usr/lib/jvm/java-1.6.0.u3.sr2-sun-1.6.0.u3/bin/javac ixr, /usr/lib/jvm/java-1.6.0.u3.sr2-sun-1.6.0.u3/jre/bin/java ixr, /var/log/Xorg.*.log r, } | over 4 years ago | none | 304 | cinimod | Edit | History | |
| opensuse10.3 | /usr/lib/cyrus/bin/cyr_expire | #include <tunables/global> /usr/lib/cyrus/bin/cyr_expire { #include <abstractions/base> /etc/imapd.* r, /mnt/mail/config/** rw, /usr/lib/cyrus/bin/cyr_expire mr, /var/lib/imap/** rw, } | over 3 years ago | 297 | arclyde | Edit | History | ||
| opensuse10.3 | /usr/sbin/apxs2 | #include <tunables/global> /usr/sbin/apxs2 { #include <abstractions/base> #include <abstractions/perl> /usr/bin/perl ix, /usr/sbin/apxs2 mr, } | over 3 years ago | 1 | 358 | kungfu | Edit | History | |
| ubuntu-gutsy | /usr/bin/hamachi | #include <tunables/global> /usr/bin/hamachi flags=(complain) { #include <abstractions/base> /tmp/upxBCN1WMIANOG pxrw, /usr/bin/hamachi mr, } | over 4 years ago | hamachi | 290 | snide | Edit | History | |
| opensuse11.0 | /usr/sbin/traceroute | #include <tunables/global> /usr/sbin/traceroute { #include <abstractions/base> } | about 1 year ago | 180 | stu | Edit | History | ||
| opensuse11.0 | /usr/bin/pidgin | #include <tunables/global> /usr/bin/pidgin { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> owner /home/*/.purple/* rw, owner /home/*/.purple/** mr, owner /home/walik/.gstreamer-0.10/* r, owner /proc/*/fd/ r, owner /proc/*/mounts r, /usr/lib/pidgin/* mr, /usr/lib/purple-2/* mr, /usr/share/locale-bundle/** r, /usr/share/themes/ r, owner /var/run/gdm/auth-for-walik-E5MIBe/database r, ^null-10 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-12 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-14 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-16 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-18 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-1a { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-1c { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-1e { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-20 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-22 { #include <abstractions/base> } ^null-24 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-26 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-28 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-2a { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/* r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-2c { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-2e { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-30 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-32 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-34 { #include <abstractions/base> } ^null-36 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/** mr, /usr/share/locale/** r, } ^null-38 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-3a { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-3c { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-3e { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-40 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-42 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-44 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-46 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-48 { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-4a { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-4c { /dev/urandom r, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } } | over 2 years ago | 196 | walik | Edit | History | ||
| opensuse11.0 | /usr/lib64/firefox/firefox.sh | #include <tunables/global> /usr/lib64/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | over 2 years ago | 206 | sudakovi | Edit | History | ||
| opensuse10.3 | /usr/bin/strigidaemon | #include <tunables/global> /usr/bin/strigidaemon { #include <abstractions/base> #include <abstractions/user-tmp> /etc/opt/kde3/share/ r, /home/*/ r, /home/*/.local/share/ r, /home/*/.strigi/*.conf rw, /home/*/.strigi/clucene/* r, /home/*/.strigi/lock kw, /home/*/.strigi/socket w, /opt/kde3/share/ r, /usr/bin/strigidaemon mr, /usr/lib/strigi/*.so mr, /usr/share/strigi/** r, } | over 4 years ago | kde4 testing | 254 | dominic | Edit | History | |
| opensuse10.3 | /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper | #include <tunables/global> /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/sysconfig/proxy r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper mr, } | over 4 years ago | Import of jmichaels profiles | 314 | dominic | Edit | History | |
| opensuse11.0 | /usr/lib/firefox/firefox | #include <tunables/global> /usr/lib/firefox/firefox { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/nameservice> deny capability sys_ptrace, deny /bin/bash mrx, deny /bin/grep mrx, deny /bin/ps mrx, deny /etc/mailcap r, deny /etc/mtab r, deny /etc/opt/kde3/share/applications/ r, deny /etc/opt/kde3/share/applications/mimeinfo.cache r, deny /etc/rpc r, deny /opt/kde3/share/applications/ r, deny /opt/kde3/share/applications/mimeinfo.cache r, deny /proc/ r, deny /proc/1/cmdline r, deny /proc/1/stat r, deny /proc/1/status r, deny /proc/10/cmdline r, deny /proc/10/stat r, deny /proc/10/status r, deny owner /proc/10059/cmdline r, deny owner /proc/10059/stat r, deny owner /proc/10059/status r, deny owner /proc/10064/cmdline r, deny owner /proc/10064/stat r, deny owner /proc/10064/status r, deny owner /proc/10101/cmdline r, deny owner /proc/10101/stat r, deny owner /proc/10101/status r, deny owner /proc/10102/cmdline r, deny owner /proc/10102/stat r, deny owner /proc/10102/status r, deny owner /proc/10103/cmdline r, deny owner /proc/10103/stat r, deny owner /proc/10103/status r, deny /proc/1089/cmdline r, deny /proc/1089/stat r, deny /proc/1089/status r, deny /proc/11/cmdline r, deny /proc/11/stat r, deny /proc/11/status r, deny /proc/12/cmdline r, deny /proc/12/stat r, deny /proc/12/status r, deny /proc/13/cmdline r, deny /proc/13/stat r, deny /proc/13/status r, deny /proc/14/cmdline r, deny /proc/14/stat r, deny /proc/14/status r, deny /proc/1499/cmdline r, deny /proc/1499/stat r, deny /proc/1499/status r, deny /proc/15/cmdline r, deny /proc/15/stat r, deny /proc/15/status r, deny /proc/1526/cmdline r, deny /proc/1526/stat r, deny /proc/1526/status r, deny /proc/16/cmdline r, deny /proc/16/stat r, deny /proc/16/status r, deny /proc/17/cmdline r, deny /proc/17/stat r, deny /proc/17/status r, deny /proc/18/cmdline r, deny /proc/18/stat r, deny /proc/18/status r, deny /proc/19/cmdline r, deny /proc/19/stat r, deny /proc/19/status r, deny /proc/2/cmdline r, deny /proc/2/stat r, deny /proc/2/status r, deny /proc/20/cmdline r, deny /proc/20/stat r, deny /proc/20/status r, deny /proc/2080/cmdline r, deny /proc/2080/stat r, deny /proc/2080/status r, deny /proc/21/cmdline r, deny /proc/21/stat r, deny /proc/21/status r, deny /proc/2127/cmdline r, deny /proc/2127/stat r, deny /proc/2127/status r, deny /proc/2128/cmdline r, deny /proc/2128/stat r, deny /proc/2128/status r, deny /proc/2155/cmdline r, deny /proc/2155/stat r, deny /proc/2155/status r, deny /proc/22/cmdline r, deny /proc/22/stat r, deny /proc/22/status r, deny /proc/23/cmdline r, deny /proc/23/stat r, deny /proc/23/status r, deny /proc/24/cmdline r, deny /proc/24/stat r, deny /proc/24/status r, deny /proc/2420/cmdline r, deny /proc/2420/stat r, deny /proc/2420/status r, deny /proc/2432/cmdline r, deny /proc/2432/stat r, deny /proc/2432/status r, deny /proc/2451/cmdline r, deny /proc/2451/stat r, deny /proc/2451/status r, deny /proc/25/cmdline r, deny /proc/25/stat r, deny /proc/25/status r, deny /proc/2517/cmdline r, deny /proc/2517/stat r, deny /proc/2517/status r, deny /proc/2519/cmdline r, deny /proc/2519/stat r, deny /proc/2519/status r, deny /proc/2577/cmdline r, deny /proc/2577/stat r, deny /proc/2577/status r, deny /proc/2603/cmdline r, deny /proc/2603/stat r, deny /proc/2603/status r, deny /proc/2659/cmdline r, deny /proc/2659/stat r, deny /proc/2659/status r, deny /proc/2665/cmdline r, deny /proc/2665/stat r, deny /proc/2665/status r, deny /proc/2670/cmdline r, deny /proc/2670/stat r, deny /proc/2670/status r, deny /proc/3/cmdline r, deny /proc/3/stat r, deny /proc/3/status r, deny /proc/3106/cmdline r, deny /proc/3106/stat r, deny /proc/3106/status r, deny /proc/3108/cmdline r, deny /proc/3108/stat r, deny /proc/3108/status r, deny /proc/3128/cmdline r, deny /proc/3128/stat r, deny /proc/3128/status r, deny /proc/3200/cmdline r, deny /proc/3200/stat r, deny /proc/3200/status r, deny /proc/3201/cmdline r, deny /proc/3201/stat r, deny /proc/3201/status r, deny /proc/3206/cmdline r, deny /proc/3206/stat r, deny /proc/3206/status r, deny /proc/3213/cmdline r, deny /proc/3213/stat r, deny /proc/3213/status r, deny /proc/3483/cmdline r, deny /proc/3483/stat r, deny /proc/3483/status r, deny /proc/3502/cmdline r, deny /proc/3502/stat r, deny /proc/3502/status r, deny /proc/3811/cmdline r, deny /proc/3811/stat r, deny /proc/3811/status r, deny /proc/3851/cmdline r, deny /proc/3851/stat r, deny /proc/3851/status r, deny /proc/3976/cmdline r, deny /proc/3976/stat r, deny /proc/3976/status r, deny /proc/3977/cmdline r, deny /proc/3977/stat r, deny /proc/3977/status r, deny /proc/3978/cmdline r, deny /proc/3978/stat r, deny /proc/3978/status r, deny /proc/3986/cmdline r, deny /proc/3986/stat r, deny /proc/3986/status r, deny /proc/3988/cmdline r, deny /proc/3988/stat r, deny /proc/3988/status r, deny /proc/3989/cmdline r, deny /proc/3989/stat r, deny /proc/3989/status r, deny /proc/4/cmdline r, deny /proc/4/stat r, deny /proc/4/status r, deny /proc/4032/cmdline r, deny /proc/4032/stat r, deny /proc/4032/status r, deny /proc/4123/cmdline r, deny /proc/4123/stat r, deny /proc/4123/status r, deny owner /proc/4682/cmdline r, deny owner /proc/4682/stat r, deny owner /proc/4682/status r, deny owner /proc/4697/cmdline r, deny owner /proc/4697/stat r, deny owner /proc/4697/status r, deny owner /proc/4862/cmdline r, deny owner /proc/4862/stat r, deny owner /proc/4862/status r, deny owner /proc/4863/cmdline r, deny owner /proc/4863/stat r, deny owner /proc/4863/status r, deny owner /proc/4866/cmdline r, deny owner /proc/4866/stat r, deny owner /proc/4866/status r, deny owner /proc/4867/cmdline r, deny owner /proc/4867/stat r, deny owner /proc/4867/status r, deny owner /proc/4872/cmdline r, deny owner /proc/4872/stat r, deny owner /proc/4872/status r, deny owner /proc/4873/cmdline r, deny owner /proc/4873/stat r, deny owner /proc/4873/status r, deny owner /proc/4879/cmdline r, deny owner /proc/4879/stat r, deny owner /proc/4879/status r, deny owner /proc/4882/cmdline r, deny owner /proc/4882/stat r, deny owner /proc/4882/status r, deny owner /proc/4887/cmdline r, deny owner /proc/4887/stat r, deny owner /proc/4887/status r, deny owner /proc/4898/cmdline r, deny owner /proc/4898/stat r, deny owner /proc/4898/status r, deny owner /proc/4920/cmdline r, deny owner /proc/4920/stat r, deny owner /proc/4920/status r, deny owner /proc/4927/cmdline r, deny owner /proc/4927/stat r, deny owner /proc/4927/status r, deny owner /proc/4928/cmdline r, deny owner /proc/4928/stat r, deny owner /proc/4928/status r, deny owner /proc/4930/cmdline r, deny owner /proc/4930/stat r, deny owner /proc/4930/status r, deny owner /proc/4932/cmdline r, deny owner /proc/4932/stat r, deny owner /proc/4932/status r, deny owner /proc/4936/cmdline r, deny owner /proc/4936/stat r, deny owner /proc/4936/status r, deny owner /proc/4956/cmdline r, deny owner /proc/4956/stat r, deny owner /proc/4956/status r, deny owner /proc/4959/cmdline r, deny owner /proc/4959/stat r, deny owner /proc/4959/status r, deny owner /proc/4961/cmdline r, deny owner /proc/4961/stat r, deny owner /proc/4961/status r, deny owner /proc/4984/cmdline r, deny owner /proc/4984/stat r, deny owner /proc/4984/status r, deny owner /proc/4990/cmdline r, deny owner /proc/4990/stat r, deny owner /proc/4990/status r, deny owner /proc/4994/cmdline r, deny owner /proc/4994/stat r, deny owner /proc/4994/status r, deny /proc/4998/cmdline r, deny /proc/4998/stat r, deny /proc/4998/status r, deny /proc/5/cmdline r, deny /proc/5/stat r, deny /proc/5/status r, deny owner /proc/5000/cmdline r, deny owner /proc/5000/stat r, deny owner /proc/5000/status r, deny owner /proc/5009/cmdline r, deny owner /proc/5009/stat r, deny owner /proc/5009/status r, deny owner /proc/5020/cmdline r, deny owner /proc/5020/stat r, deny owner /proc/5020/status r, deny /proc/5025/cmdline r, deny /proc/5025/stat r, deny /proc/5025/status r, deny owner /proc/5331/cmdline r, deny owner /proc/5331/stat r, deny owner /proc/5331/status r, deny /proc/5332/cmdline r, deny /proc/5332/stat r, deny /proc/5332/status r, deny /proc/5338/cmdline r, deny /proc/5338/stat r, deny /proc/5338/status r, deny /proc/5356/cmdline r, deny /proc/5356/stat r, deny /proc/5356/status r, deny /proc/5360/cmdline r, deny /proc/5360/stat r, deny /proc/5360/status r, deny /proc/5361/cmdline r, deny /proc/5361/stat r, deny /proc/5361/status r, deny /proc/5363/cmdline r, deny /proc/5363/stat r, deny /proc/5363/status r, deny /proc/5368/cmdline r, deny /proc/5368/stat r, deny /proc/5368/status r, deny /proc/6/cmdline r, deny /proc/6/stat r, deny /proc/6/status r, deny /proc/6157/cmdline r, deny /proc/6157/stat r, deny /proc/6157/status r, deny /proc/6159/cmdline r, deny /proc/6159/stat r, deny /proc/6159/status r, deny /proc/651/cmdline r, deny /proc/651/stat r, deny /proc/651/status r, deny /proc/67/cmdline r, deny /proc/67/stat r, deny /proc/67/status r, deny /proc/68/cmdline r, deny /proc/68/stat r, deny /proc/68/status r, deny /proc/69/cmdline r, deny /proc/69/stat r, deny /proc/69/status r, deny /proc/7/cmdline r, deny /proc/7/stat r, deny /proc/7/status r, deny /proc/732/cmdline r, deny /proc/732/stat r, deny /proc/732/status r, deny /proc/76/cmdline r, deny /proc/76/stat r, deny /proc/76/status r, deny /proc/77/cmdline r, deny /proc/77/stat r, deny /proc/77/status r, deny /proc/8/cmdline r, deny /proc/8/stat r, deny /proc/8/status r, deny owner /proc/8354/cmdline r, deny owner /proc/8354/stat r, deny owner /proc/8354/status r, deny /proc/9/cmdline r, deny /proc/9/stat r, deny /proc/9/status r, deny /proc/97/cmdline r, deny /proc/97/stat r, deny /proc/97/status r, deny /proc/98/cmdline r, deny /proc/98/stat r, deny /proc/98/status r, deny /proc/99/cmdline r, deny /proc/99/stat r, deny /proc/99/status r, deny /proc/9947/cmdline r, deny /proc/9947/stat r, deny /proc/9947/status r, deny /proc/9949/cmdline r, deny /proc/9949/stat r, deny /proc/9949/status r, deny /proc/9955/cmdline r, deny /proc/9955/stat r, deny /proc/9955/status r, deny /proc/9973/cmdline r, deny /proc/9973/stat r, deny /proc/9973/status r, deny /proc/9983/cmdline r, deny /proc/9983/stat r, deny /proc/9983/status r, deny /proc/9984/cmdline r, deny /proc/9984/stat r, deny /proc/9984/status r, deny /proc/meminfo r, deny /proc/stat r, deny /proc/sys/kernel/pid_max r, deny /proc/uptime r, deny /usr/bin/bug-buddy x, deny /usr/bin/pactl x, deny /usr/lib/firefox/firefox x, deny /usr/lib/firefox/firefox.sh x, /dev/shm/ r, owner /dev/shm/pulse-shm* rw, /etc/alsa-pulse.conf r, /etc/gre.d/ r, /etc/gre.d/1.9.0.19.system.conf r, /etc/gre.d/1.9.1.10.system.conf r, /etc/gre.d/1.9.1.9.system.conf r, /etc/mime.types r, /etc/pulse/client.conf r, owner /home/*/.ICEauthority r, owner /home/*/.adobe/Flash_Player/AssetCache/ r, owner /home/*/.esd_auth r, owner /home/*/.fontconfig/* r, owner /home/*/.icons/ r, owner /home/*/.macromedia/Flash_Player/#SharedObjects/ r, owner /home/*/.macromedia/Flash_Player/#SharedObjects/** w, owner /home/*/.macromedia/Flash_Player/#SharedObjects/**/ r, owner /home/*/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/** r, owner /home/*/.mozilla/extensions/*/ r, owner /home/*/.mozilla/firefox/*.default/*.cache rw, owner /home/*/.mozilla/firefox/*.default/*.ini a, owner /home/*/.mozilla/firefox/*.default/*.log a, owner /home/*/.mozilla/firefox/*.default/*.tmp rw, owner /home/*/.mozilla/firefox/*.default/.autoreg w, owner /home/*/.mozilla/firefox/*.default/Cache.Trash/Trash*/Cache/ rw, owner /home/*/.mozilla/firefox/*.default/Cache.Trash/Trash/Cache/* w, owner /home/*/.mozilla/firefox/*.default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/components/AdblockPlus.js r, owner /home/*/.mozilla/firefox/*.default/signons.sqlite-journal rw, owner /home/*/.mozilla/firefox/*/ r, owner /home/*/.mozilla/firefox/*/.parentlock wk, owner /home/*/.mozilla/firefox/*/Cache/* rw, owner /home/*/.mozilla/firefox/*/OfflineCache/ r, owner /home/*/.mozilla/firefox/*/OfflineCache/index.sqlite rwk, owner /home/*/.mozilla/firefox/*/OfflineCache/index.sqlite-journal w, owner /home/*/.mozilla/firefox/*/XPC.mfasl rw, owner /home/*/.mozilla/firefox/*/XUL.mfasl rw, owner /home/*/.mozilla/firefox/*/adblockplus/patterns.ini rw, owner /home/*/.mozilla/firefox/*/adblockplus/patterns.ini-temp rw, owner /home/*/.mozilla/firefox/*/bookmarkbackups/ r, owner /home/*/.mozilla/firefox/*/cert8.db rw, owner /home/*/.mozilla/firefox/*/compatibility.ini rw, owner /home/*/.mozilla/firefox/*/compreg.dat rw, owner /home/*/.mozilla/firefox/*/content-prefs.sqlite rwk, owner /home/*/.mozilla/firefox/*/cookies.sqlite rwk, owner /home/*/.mozilla/firefox/*/cookies.sqlite-journal rw, owner /home/*/.mozilla/firefox/*/downloads.sqlite rwk, owner /home/*/.mozilla/firefox/*/downloads.sqlite-journal w, owner /home/*/.mozilla/firefox/*/extensions.cache r, owner /home/*/.mozilla/firefox/*/extensions.ini rw, owner /home/*/.mozilla/firefox/*/extensions.rdf r, owner /home/*/.mozilla/firefox/*/extensions/ r, owner /home/*/.mozilla/firefox/*/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/chrome.manifest r, owner /home/*/.mozilla/firefox/*/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/chrome/adblockplus.jar r, owner /home/*/.mozilla/firefox/*/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/components/ r, owner /home/*/.mozilla/firefox/*/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/defaults/preferences/ r, owner /home/*/.mozilla/firefox/*/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/defaults/preferences/adblockplus.js r, owner /home/*/.mozilla/firefox/*/formhistory.sqlite rwk, owner /home/*/.mozilla/firefox/*/formhistory.sqlite-journal w, owner /home/*/.mozilla/firefox/*/key3.db rw, owner /home/*/.mozilla/firefox/*/localstore-1.rdf rw, owner /home/*/.mozilla/firefox/*/localstore.rdf rw, owner /home/*/.mozilla/firefox/*/lock w, owner /home/*/.mozilla/firefox/*/permissions.sqlite rwk, owner /home/*/.mozilla/firefox/*/places.sqlite rwk, owner /home/*/.mozilla/firefox/*/places.sqlite-journal rw, owner /home/*/.mozilla/firefox/*/pluginreg.dat rw, owner /home/*/.mozilla/firefox/*/prefs-1.js rw, owner /home/*/.mozilla/firefox/*/prefs.js rw, owner /home/*/.mozilla/firefox/*/search.json rw, owner /home/*/.mozilla/firefox/*/search.sqlite rwk, owner /home/*/.mozilla/firefox/*/secmod.db r, owner /home/*/.mozilla/firefox/*/sessionstore-1.js rw, owner /home/*/.mozilla/firefox/*/sessionstore.js rw, owner /home/*/.mozilla/firefox/*/signons.sqlite rwk, owner /home/*/.mozilla/firefox/*/urlclassifier3.sqlite rwk, owner /home/*/.mozilla/firefox/*/urlclassifier3.sqlite-journal w, owner /home/*/.mozilla/firefox/*/urlclassifierkey3.txt rw, owner /home/*/.mozilla/firefox/*/webappsstore.sqlite rwk, owner /home/*/.mozilla/firefox/*/webappsstore.sqlite-journal w, owner /home/*/.mozilla/firefox/*/xpti.dat rw, owner /home/*/.mozilla/firefox/8c4bmlqa.default/Cache.Trash/ rw, owner /home/*/.mozilla/firefox/8c4bmlqa.default/Cache.Trash/*/ rw, owner /home/*/.mozilla/firefox/8c4bmlqa.default/Cache/ rw, owner /home/*/.mozilla/firefox/8c4bmlqa.default/adblockplus/* rw, owner /home/*/.mozilla/firefox/8c4bmlqa.default/blocklist.xml a, owner /home/*/.mozilla/firefox/8c4bmlqa.default/bookmarkbackups/* w, owner /home/*/.mozilla/firefox/8c4bmlqa.default/content-prefs.sqlite-journal a, owner "/home/*/.mozilla/firefox/8c4bmlqa.default/extensions/Access Privileges Test/" w, owner /home/*/.mozilla/firefox/8c4bmlqa.default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/chrome.manifest r, owner /home/*/.mozilla/firefox/8c4bmlqa.default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/chrome/adblockplus.jar r, owner /home/*/.mozilla/firefox/8c4bmlqa.default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/components/ r, owner /home/*/.mozilla/firefox/8c4bmlqa.default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/components/AdblockPlus.js r, owner /home/*/.mozilla/firefox/8c4bmlqa.default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/defaults/preferences/ r, owner /home/*/.mozilla/firefox/8c4bmlqa.default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/defaults/preferences/adblockplus.js r, owner /home/*/.mozilla/firefox/8c4bmlqa.default/mimeTypes.rdf rw, owner /home/*/.mozilla/firefox/8c4bmlqa.default/search.sqlite-journal rw, owner /home/*/.mozilla/firefox/8c4bmlqa.default/sessionstore.bak w, owner /home/*/.mozilla/firefox/profiles.ini r, owner /home/*/Downloads/ w, owner /proc/*/mounts r, /proc/sys/kernel/ngroups_max r, /usr/bin/pactl mr, /usr/share/applications/mimeinfo.cache r, /usr/share/gvfs/remote-volume-monitors/ r, /usr/share/gvfs/remote-volume-monitors/gphoto2.monitor r, /usr/share/gvfs/remote-volume-monitors/hal.monitor r, /usr/share/locale-bundle/ru/LC_MESSAGES/* r, /usr/share/mime/audio/*.xml r, /usr/share/mozilla/extensions/*/ r, /usr/share/mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/susefox@opensuse.org/chrome.manifest r, /usr/share/mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/susefox@opensuse.org/defaults/preferences/ r, /usr/share/mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/susefox@opensuse.org/defaults/preferences/susefox-pfs.js r, /var/cache/gio-2.0/defaults.list r, owner /var/run/gdm/auth-for*/database r, } | about 1 year ago | 108 | cityzen | Edit | History | ||
| opensuse11.0 | /usr/bin/gtk-gnutella | #include <tunables/global> /usr/bin/gtk-gnutella flags=(complain) { #include <abstractions/base> } | about 1 year ago | Default | 162 | gtk-gnutella | Edit | History | |
| ubuntu-gutsy | /usr/bin/gnome-at-properties | #include <tunables/global> /usr/bin/gnome-at-properties { #include <abstractions/base> /usr/bin/gnome-at-properties mr, } | over 4 years ago | gnome | 291 | hbpteam | Edit | History | |
| opensuse11.0 | /home/dga/cat_hosts.ksh | #include <tunables/global> /home/dga/cat_hosts.ksh flags=(complain) { #include <abstractions/base> } | about 1 year ago | /home/dga/cat_hosts.log | 73 | dga | Edit | History | |
| opensuse11.0 | /usr/sbin/traceroute | #include <tunables/global> /usr/sbin/traceroute { #include <abstractions/base> #include <abstractions/nameservice> /usr/sbin/traceroute r, } | about 1 year ago | 2 | 161 | asdas | Edit | History | |
| opensuse10.3 | /usr/bin/gpgsm | #include <tunables/global> /usr/bin/gpgsm flags=(complain) { #include <abstractions/base> /home/*/.gnupg/* lrw, /usr/bin/gpgsm mr, } | over 3 years ago | internet radio, u.a. | 251 | shivver-fox | Edit | History | |
| opensuse10.3 | /usr/sbin/httpd2-prefork | # $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/*.conf r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/*.crt r, /etc/apache2/ssl.key/*.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/* r, /etc/fstab r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib*.so* mr, /usr/X11R6/lib64/lib*.so* mr, /usr/apache2/error/* r, /usr/lib/apache2-leader/{lib,mod_}*.so* mr, /usr/lib/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib/apache2-worker/{lib,mod_}*.so* mr, /usr/lib/apache2/modules/{lib,mod_}*.so* mr, /usr/lib/apache2/{lib,mod_}*.so mr, /usr/lib/mysql/libmysql*.so* mr, /usr/lib/php/extensions/*.so mr, /usr/lib/php4/*.so mr, /usr/lib/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib/python[12].[0-9]/site-packages r, /usr/lib/qt3/lib/lib*.so* mr, /usr/lib64/apache2-leader/{lib,mod_}*.so* mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib64/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib64/apache2-worker/{lib,mod_}*.so* mr, /usr/lib64/apache2/modules/{lib,mod_}*.so* mr, /usr/lib64/apache2/{lib,mod_}*.so* mr, /usr/lib64/mysql/libmysql*.so* mr, /usr/lib64/php/extensions/*.so mr, /usr/lib64/php4/*.so mr, /usr/lib64/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib64/python[12].[0-9]/site-packages r, /usr/lib64/qt3/lib/lib*.so* mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/*.{txt,mib} r, /usr/share/snmp/mibs/.index wr, /usr/share/ssl/openssl.cnf r, /var/lib/php/sess_* rwl, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /**.htaccess r, /var/log/apache2/* w, } | over 3 years ago | 313 | hbree | Edit | History | ||
| opensuse10.3 | /usr/lib/cups/daemon/cups-deviced | #include <tunables/global> /usr/lib/cups/daemon/cups-deviced flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/perl> #include <abstractions/python> capability setgid, capability setuid, /bin/bash ixr, /dev/bus/usb/ r, /dev/bus/usb/** rw, /dev/lp0 rw, /dev/ttyS0 w, /dev/tty{*} w, /proc/meminfo r, /root/.hplip/hplip.conf r, /usr/bin/env ixr, /usr/bin/perl ix, /usr/bin/python2.5 ixr, /usr/bin/smbspool ixr, /usr/lib/cups/backend/beh ixr, /usr/lib/cups/backend/canon ixr, /usr/lib/cups/backend/epson ixr, /usr/lib/cups/backend/hal ixr, /usr/lib/cups/backend/hp ixr, /usr/lib/cups/backend/hpfax ixr, /usr/lib/cups/backend/ipp ixr, /usr/lib/cups/backend/lpd ixr, /usr/lib/cups/backend/parallel ixr, /usr/lib/cups/backend/pipe ixr, /usr/lib/cups/backend/scsi ixr, /usr/lib/cups/backend/serial ixr, /usr/lib/cups/backend/snmp ixr, /usr/lib/cups/backend/socket ixr, /usr/lib/cups/backend/usb ixr, /usr/lib/cups/daemon/cups-deviced mr, /usr/share/hplip/**.py r, /usr/share/hplip/**.pyc r, } | over 4 years ago | 287 | dhughes | Edit | History | ||
| opensuse10.3 | /bin/uname | #include <tunables/global> /bin/uname { #include <abstractions/base> /bin/uname mr, /proc/cpuinfo r, } | over 4 years ago | Import of jmichaels profiles | 318 | dominic | Edit | History | |
| opensuse10.3 | /bin/ps | #include <tunables/global> /bin/ps flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability dac_override, capability sys_admin, capability sys_ptrace, /bin/ps mr, /proc/ r, /proc/*/attr/current r, /proc/*/cmdline r, /proc/*/stat r, /proc/*/status r, /proc/meminfo r, /proc/stat r, /proc/sys/kernel/pid_max r, /proc/tty/drivers r, /proc/uptime r, } | over 4 years ago | argh, switch things back to complain for a while | 307 | jmichael | Edit | History | |
| opensuse10.3 | /usr/lib/cups/backend/usb | #include <tunables/global> /usr/lib/cups/backend/usb flags=(complain) { #include <abstractions/base> /usr/lib/cups/backend/usb mr, } | over 4 years ago | cups testing | 377 | dominic | Edit | History | |
| opensuse10.3 | /bin/basename | #include <tunables/global> /bin/basename flags=(complain) { #include <abstractions/base> /bin/basename mr, } | over 4 years ago | 347 | overwrite | Edit | History | ||
| opensuse10.3 | /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper | #include <tunables/global> /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/sysconfig/proxy r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper mr, } | over 4 years ago | none | 294 | cinimod | Edit | History | |
| opensuse10.3 | /usr/bin/bug-buddy | #include <tunables/global> /usr/bin/bug-buddy { #include <abstractions/base> /usr/bin/bug-buddy mr, } | over 3 years ago | 284 | FYPJ | Edit | History | ||
| opensuse10.3 | /usr/bin/xscreensaver | #include <tunables/global> /usr/bin/xscreensaver flags=(complain) { #include <abstractions/base> /usr/bin/xscreensaver mr, } | over 4 years ago | argh, switch things back to complain for a while | 305 | jmichael | Edit | History | |
| opensuse10.3 | /usr/lib/cups/daemon/cups-deviced | #include <tunables/global> /usr/lib/cups/daemon/cups-deviced flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability setgid, capability setuid, /bin/bash ixr, /proc/meminfo r, /usr/bin/smbspool Px, /usr/lib/cups/backend/ r, /usr/lib/cups/backend/beh Px, /usr/lib/cups/backend/hal Px, /usr/lib/cups/backend/ipp Px, /usr/lib/cups/backend/lpd Px, /usr/lib/cups/backend/novell Px, /usr/lib/cups/backend/parallel Px, /usr/lib/cups/backend/pipe Px, /usr/lib/cups/backend/scsi Px, /usr/lib/cups/backend/serial Px, /usr/lib/cups/backend/snmp Px, /usr/lib/cups/backend/socket Px, /usr/lib/cups/backend/usb Px, /usr/lib/cups/daemon/cups-deviced mr, } | over 4 years ago | cups testing | 308 | dominic | Edit | History | |
| opensuse10.3 | /usr/lib/firefox/firefox-bin | #include <tunables/global> /usr/lib/firefox/firefox-bin flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/bash ixr, /bin/grep ixr, /bin/netstat Px, /bin/ps Px, /etc/gai.conf r, /etc/gnome-vfs-2.0/modules/ r, /etc/mailcap r, /etc/mime.types r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.adobe/Flash_Player/** r, /home/*/.beagle/socket w, /home/*/.bookmarks.html rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.* rw, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/*.desktop r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.macromedia/Flash_Player/** r, /home/*/.mailcap r, /home/*/.mozilla/firefox/** rw, /home/*/.mozilla/firefox/*/.parentlock krw, /home/*/.mozilla/firefox/*/urlclassifier2.sqlite krw, /home/*/.mozilla/plugins/ r, /home/*/.mozilla/plugins/libflashplayer.so mr, /home/*/.recently-used.xbel r, /home/*/Desktop/ r, /home/*/Desktop/** rw, /home/*/Documents/** rw, /opt/kde3/bin/gwenview Px, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/*/maps r, /proc/cpuinfo r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/acroread Px, /usr/bin/eog Px, /usr/bin/evince Px, /usr/bin/file-roller Px, /usr/bin/gimp-remote-2.2 Px, /usr/bin/gvim-normal ixr, /usr/bin/mplayer Px, /usr/lib/Acrobat7/Browser/intellinux/*.so mr, /usr/lib/firefox/firefox-bin ixr, /usr/lib/firefox/firefox.sh Px, /usr/share/applications/ r, /usr/share/applications/*.desktop r, /usr/share/applications/mimeinfo.cache r, /usr/share/dist/icons/suse-help.svg r, /usr/share/gdm/applications/ r, /usr/share/mime/**.xml r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/* r, } | over 4 years ago | allow -d gdb option for firefox plus other misc updates | 280 | jmichael | Edit | History | |
| opensuse10.3 | /opt/kde3/bin/kopete | #include <tunables/global> /opt/kde3/bin/kopete { #include <abstractions/base> /opt/kde3/bin/kopete mr, /opt/kde3/lib/lib*so* mr, /usr/lib/qt3/lib/lib*so* mr, } | over 4 years ago | 1 | 313 | robsn81 | Edit | History | |
| opensuse11.0 | /usr/sbin/smbd | # $Id: usr.sbin.smbd 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/smbd { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> capability dac_override, capability dac_read_search, capability net_bind_service, capability setgid, capability setuid, capability sys_resource, /etc/cups/client.conf r, /etc/samba/dhcp.conf r, audit owner /etc/samba/secrets.tdb rwk, /etc/samba/smb.conf r, owner /etc/samba/smbpasswd rwk, owner /srv/dev/ r, owner /srv/shared/ r, /tmp rw, /usr/lib/samba/lowcase.dat r, /usr/lib/samba/upcase.dat r, /usr/lib/samba/valid.dat r, /usr/sbin/smbd r, /var/lib/samba/** rwk, owner /var/log/samba/cores/smbd/ w, /var/log/samba/log.smbd w, owner /var/run/cups/cups.sock w, owner /var/run/samba/smbd.pid wk, /var/tmp rw, /var/tmp/** rwl, @{HOMEDIRS} rwl, @{HOME}/** rwl, @{PROC}/[0-9]*/mounts r, } | 11 months ago | 65 | rtwassa | Edit | History | ||
| ubuntu-gutsy | /usr/sbin/named | #include <tunables/global> /usr/sbin/named { #include <abstractions/base> #include <abstractions/nameservice> capability net_bind_service, capability setgid, capability setuid, capability sys_chroot, capability sys_resource, /proc/net/if_inet6 r, /usr/sbin/named mr, /var/named/run-root/dev/random r, /var/named/run-root/dev/urandom r, /var/named/run-root/etc/bind/** r, /var/named/run-root/etc/localtime r, /var/named/run-root/etc/named.conf r, /var/named/run-root/var/139.25.85.in-addr.arpa r, /var/named/run-root/var/cache/bind/ rw, /var/named/run-root/var/cache/bind/** rw, /var/named/run-root/var/dev/** r, /var/named/run-root/var/harfe-karlsruhe.de r, /var/named/run-root/var/lib/bind/ rw, /var/named/run-root/var/lib/bind/** rw, /var/named/run-root/var/lib/dnscvsutil/compiled/** rw, /var/named/run-root/var/localhost.rev r, /var/named/run-root/var/log/named/** rw, /var/named/run-root/var/named.root r, /var/named/run-root/var/run/bind/named.options r, /var/named/run-root/var/run/bind/run/named.pid w, /var/named/run-root/var/run/named/named.pid w, /var/named/run-root/var/studebo.com r, /var/named/run-root/var/studebo.de r, /var/named/run-root/var/studebo.net r, } | over 2 years ago | named | 225 | jmfrank63 | Edit | History | |
| opensuse10.3 | /bin/dbus-daemon | #include <tunables/global> /bin/dbus-daemon { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, /bin/dbus-daemon mr, /etc/dbus-1/session.conf r, /etc/dbus-1/system.conf r, /etc/dbus-1/system.d/ r, /etc/dbus-1/system.d/*.conf r, /usr/bin/helix-dbus-server Px, /usr/lib/control-center-2.0/gnome-settings-daemon Px, /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon Px, /usr/lib/notification-daemon-1.0/notification-daemon Px, /usr/share/dbus-1/services/ r, /usr/share/dbus-1/services/*.service r, /var/run/dbus/pid w, } | over 4 years ago | none | 280 | cinimod | Edit | History | |
| opensuse10.3 | /usr/bin/gconftool-2 | #include <tunables/global> /usr/bin/gconftool-2 { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability kill, capability sys_ptrace, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.defaults/.testing.writeability w, /etc/gconf/gconf.xml.schemas/ r, /etc/gconf/gconf.xml.schemas/** rw, /etc/gconf/schema-install-source r, /etc/gconf/schemas/**.schemas r, /etc/gconf/schemas/*.entries r, /proc/ r, /proc/*/cmdline r, /proc/*/stat r, /usr/bin/gconftool-2 mr, /usr/bin/killall ixr, /usr/lib/GConf/2/gconfd-2 Px, } | over 4 years ago | none | 252 | cinimod | Edit | History | |
| opensuse10.3 | /bin/uname | #include <tunables/global> /bin/uname { #include <abstractions/base> /bin/uname mr, /proc/cpuinfo r, } | over 4 years ago | none | 288 | cinimod | Edit | History | |
| opensuse10.3 | /usr/lib/GConf/2/gconf-sanity-check-2 | #include <tunables/global> /usr/lib/GConf/2/gconf-sanity-check-2 { #include <abstractions/X> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /home/*/.Xauthority r, /tmp/gconf-test-locking-file-* klrw, /usr/lib/GConf/2/gconf-sanity-check-2 mr, } | over 4 years ago | Import of jmichaels profiles | 298 | dominic | Edit | History | |
| opensuse11.0 | /usr/sbin/sshd | # $Id: usr.sbin.sshd 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ # will need to revalidate this profile once we finish re-architecting # the change_hat patch. # #include <tunables/global> /usr/sbin/sshd { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/wutmp> capability chown, capability fowner, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_chroot, capability sys_tty_config, /bin/ash Ux, /bin/bash Ux, /bin/bash2 Ux, /bin/bsh Ux, /bin/csh Ux, /bin/ksh Ux, /bin/sh Ux, /bin/tcsh Ux, /bin/zsh Ux, /dev/ptmx rw, /dev/pts/[0-9]* rw, /dev/urandom r, /etc/environment r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/modules.conf r, /etc/motd r, /etc/ssh/* r, /etc/ssh/moduli r, /sbin/nologin Ux, /tmp/ssh-*/agent.[0-9]* rwl, /tmp/ssh-*[0-9]*/ w, /usr/sbin/sshd mrix, /var/run w, /var/run/sshd{,.init}.pid wl, @{HOME}/.ssh/authorized_keys{,2} r, @{PROC}/[0-9]*/fd/ r, @{PROC}/[0-9]*/loginuid w, @{PROC}/[0-9]*/mounts r, ^AUTHENTICATED { #include <abstractions/authentication> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/wutmp> capability setgid, capability setuid, capability sys_tty_config, /dev/log w, /dev/ptmx rw, /etc/default/passwd r, /etc/localtime r, /etc/login.defs r, /etc/motd r, /tmp/ssh-*/agent.[0-9]* rwl, /tmp/ssh-*[0-9]*/ w, } ^EXEC { #include <abstractions/base> /bin/ash Ux, /bin/bash Ux, /bin/bash2 Ux, /bin/bsh Ux, /bin/csh Ux, /bin/ksh Ux, /bin/sh Ux, /bin/tcsh Ux, /bin/zsh Ux, /sbin/nologin Ux, } ^PRIVSEP { #include <abstractions/base> #include <abstractions/nameservice> capability setgid, capability setuid, capability sys_chroot, } ^PRIVSEP_MONITOR { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/wutmp> capability chown, capability setgid, capability setuid, /dev/ptmx rw, /dev/pts/[0-9]* rw, /dev/urandom r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/ssh/moduli r, @{HOME}/.ssh/authorized_keys{,2} r, @{PROC}/[0-9]*/mounts r, } } | over 2 years ago | 186 | Aleksandr | Edit | History | ||
| opensuse11.0 | /usr/lib64/firefox/firefox.sh | #include <tunables/global> /usr/lib64/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | over 3 years ago | 233 | rbedger | Edit | History | ||
| opensuse10.3 | /usr/bin/php5 | #include <tunables/global> /usr/bin/php5 { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/php5> capability dac_override, /etc/php5/cli/* r, /root/.pearrc r, /tmp/* rw, /tmp/pear/*/ w, /usr/bin/php5 ixr, /usr/share/kolab/scripts/resmgr/* r, /usr/share/php5/** krw, /var/lib/php5/session_mm_* klrw, } | over 4 years ago | 291 | haris | Edit | History | ||
| opensuse10.3 | /usr/sbin/lisa | #include <tunables/global> /usr/sbin/lisa { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/winbind> capability net_raw, capability setuid, network inet raw, /bin/bash ixr, /etc/lisarc r, /proc/meminfo r, /usr/bin/nmblookup ixr, /usr/sbin/lisa mr, /var/lib/samba/unexpected.tdb r, } | over 4 years ago | 446 | JaMm | Edit | History | ||
| opensuse11.0 | /usr/sbin/named | #include <tunables/global> /usr/sbin/named flags=(complain) { #include <abstractions/base> capability setgid, } | over 2 years ago | 172 | oliver siebert | Edit | History | ||
| opensuse11.0 | /usr/bin/kopete | #include <tunables/global> /usr/bin/kopete { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/kde> #include <abstractions/nameservice> deny owner /home/aleksandr/.isomaster r, deny owner /home/aleksandr/.windows-serial r, deny /home/aleksandr/1 r, deny owner /home/aleksandr/avtorizator/.directory r, deny /home/aleksandr/index.html.1 r, owner /DATA_SONY/** rw, /etc/exports r, /etc/fstab r, /etc/kde4/share/config/oxygenrc r, /etc/kde4rc r, /etc/mtab r, /etc/rpc r, /etc/security/fileshare.conf r, /home/ r, owner /home/*/ r, owner /home/*/.DCOPserver_linux-3gqq__0 r, owner /home/*/.FuriusIsoMount/ r, owner /home/*/.ICEauthority r, owner /home/*/.Wammu r, owner /home/*/.Xauthority r, owner /home/*/.bash_history r, owner /home/*/.bashrc r, owner /home/*/.config/.directory rw, owner /home/*/.config/Trolltech.conf rwk, owner /home/*/.config/enchant/ r, owner /home/*/.config/enchant/ru.dic rk, owner /home/*/.config/enchant/ru.exc rk, owner /home/*/.devede r, owner /home/*/.directory rw, owner /home/*/.dmrc r, owner /home/*/.emacs r, owner /home/*/.esd_auth r, owner /home/*/.fontconfig/* r, owner /home/*/.fonts.conf r, owner /home/*/.gtk-bookmarks r, owner /home/*/.inputrc r, owner /home/*/.kde/share/config/kdeglobals rk, owner /home/*/.kde4/share/ w, owner /home/*/.kde4/share/apps/** rw, owner /home/*/.kde4/share/config/ w, owner /home/*/.kde4/share/config/* rw, owner /home/*/.kde4/share/config/kdeglobals rwk, owner /home/*/.kde4/share/config/kresources/contact/* rw, owner /home/*/.kde4/share/emoticons/ r, owner /home/*/.kde4/share/emoticons/** r, owner /home/*/.lircrc r, owner /home/*/.local/.directory rw, owner /home/*/.local/share/mime/generic-icons r, owner /home/*/.local/share/mime/magic r, owner /home/*/.local/share/user-places.xbel r, owner /home/*/.mtab.fuseiso r, owner /home/*/.nvidia-settings-rc r, owner /home/*/.opera/.directory r, owner /home/*/.part r, owner /home/*/.profile r, owner /home/*/.pulse-cookie r, owner /home/*/.recently-used r, owner /home/*/.thumbnails/normal/* ra, owner /home/*/.wine/.directory r, owner /home/*/.xim.template r, owner /home/*/.xinitrc.template r, owner /home/*/.xsession-errors r, owner /home/*/.y2log r, owner /home/*/.y2usersettings r, owner /home/*/Desktop/.directory rw, owner /home/*/bin/.directory rw, /media/ r, /opt/gnome/share/icons/hicolor/ r, /opt/gnome/share/icons/hicolor/**/ r, /opt/gnome/share/mime/generic-icons r, /opt/gnome/share/mime/magic r, /opt/kde3/bin/kdialog rix, owner /proc/*/net/ r, /proc/*/net/if_inet6 r, /proc/*/net/ipv6_route r, /proc/*/net/route r, /proc/*/net/unix r, /usr/bin/kdialog rix, /usr/bin/kopete r, /usr/lib/** mr, /usr/lib/kde4/libexec/drkonqi rix, /usr/share/emoticons/ r, /usr/share/enchant/enchant.ordering r, /usr/share/kde4/apps/** r, /usr/share/kde4/config/* r, /usr/share/kde4/config/ui/ui_standards.rc r, /usr/share/locale-bundle/en_US/LC_MESSAGES/kde4-openSUSE.mo r, /usr/share/locale-bundle/ru/** r, /usr/share/locale-langpack/ru/LC_MESSAGES/kde4-openSUSE.mo r, /usr/share/qca/certs/rootcerts.pem r, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, } | over 2 years ago | 185 | Aleksandr | Edit | History | ||
| opensuse11.0 | /usr/lib64/firefox/firefox.sh | #include <tunables/global> /usr/lib64/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | over 2 years ago | fire | 196 | rocio | Edit | History | |
| ubuntu-gutsy | /usr/lib/postfix/spawn | # $Id: usr.lib.postfix.spawn 90 2006-08-04 19:13:59Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2006 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/postfix/spawn { #include <abstractions/base> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <program-chunks/postfix-common> /usr/lib/postfix/spawn rmix, } | over 3 years ago | 238 | stive | Edit | History | ||
| opensuse11.0 | /usr/share/amsn/amsn | #include <tunables/global> /usr/share/amsn/amsn { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | over 3 years ago | 239 | josemanuel | Edit | History | ||
| opensuse10.3 | /usr/bin/cal | #include <tunables/global> /usr/bin/cal { #include <abstractions/base> /usr/bin/cal mr, } | over 3 years ago | /var/log/apparmor/reports/cal/log | 274 | doknisa | Edit | History | |
| opensuse10.3 | /bin/dbus-daemon | #include <tunables/global> /bin/dbus-daemon { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability dac_override, capability setgid, capability setuid, /bin/dbus-daemon mr, /etc/dbus-1/session.conf r, /etc/dbus-1/system.conf r, /etc/dbus-1/system.d/ r, /etc/dbus-1/system.d/*.conf r, /etc/opt/kde3/share/ r, /home/*/ r, /home/*/.local/share/ r, /home/*/.strigi/*.conf rw, /home/*/.strigi/clucene/* r, /home/*/.strigi/lock kw, /home/*/.strigi/socket w, /opt/kde3/share/ r, /usr/bin/helix-dbus-server Px, /usr/bin/knotify4 Px, /usr/bin/strigidaemon Pxmr, /usr/lib/control-center-2.0/gnome-settings-daemon Px, /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon Px, /usr/lib/notification-daemon-1.0/notification-daemon Px, /usr/lib/strigi/*.so mr, /usr/share/dbus-1/services/ r, /usr/share/dbus-1/services/*.service r, /usr/share/strigi/** r, /var/run/dbus/pid w, } | over 4 years ago | 283 | dominic | Edit | History | ||
| opensuse10.3 | /usr/bin/gconftool-2 | #include <tunables/global> /usr/bin/gconftool-2 { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability kill, capability sys_ptrace, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.defaults/.testing.writeability w, /etc/gconf/gconf.xml.schemas/ r, /etc/gconf/gconf.xml.schemas/** rw, /etc/gconf/schema-install-source r, /etc/gconf/schemas/**.schemas r, /etc/gconf/schemas/*.entries r, /proc/ r, /proc/*/cmdline r, /proc/*/stat r, /usr/bin/gconftool-2 mr, /usr/bin/killall ixr, /usr/lib/GConf/2/gconfd-2 Px, } | over 4 years ago | Import of jmichaels profiles | 265 | dominic | Edit | History | |
| opensuse10.3 | /usr/lib/GConf/2/gconf-sanity-check-2 | #include <tunables/global> /usr/lib/GConf/2/gconf-sanity-check-2 { #include <abstractions/X> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /home/*/.Xauthority r, /tmp/gconf-test-locking-file-* klrw, /usr/lib/GConf/2/gconf-sanity-check-2 mr, } | over 4 years ago | none | 274 | cinimod | Edit | History | |
| opensuse11.0 | /usr/bin/emacs | #include <tunables/global> /usr/bin/emacs flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, owner /usr/bin/emacs r, ^null-11 { deny owner /media/disk/Software/Frisksoftwareiceland/f-prot/f-prot.conf r, deny owner /root/ r, owner / r, owner /1 r, owner /dev/urandom r, owner /etc/ r, owner /etc/.pwd.lock r, owner /etc/DIR_COLORS r, owner /etc/HOSTNAME r, owner /etc/SuSE-brand r, owner /etc/SuSE-release r, owner /etc/a2ps-site.cfg r, owner /etc/a2ps.cfg r, owner /etc/adjtime r, owner /etc/aliases r, owner /etc/aliases.YaST2save r, owner /etc/aliases.db r, owner /etc/anthy-conf r, owner /etc/asound.state r, owner /etc/at.deny r, owner /etc/auto.master r, owner /etc/auto.misc r, owner /etc/auto.net r, owner /etc/auto.smb r, owner /etc/autofs_ldap_auth.conf r, owner /etc/bash.bashrc r, owner /etc/bash_command_not_found r, owner /etc/bindresvport.blacklist r, owner /etc/blkid.conf r, owner /etc/cron.deny r, owner /etc/crontab r, owner /etc/csh.cshrc r, owner /etc/csh.login r, owner /etc/cyrus.conf r, owner /etc/defaultdomain r, owner /etc/defkeymap.map r, owner /etc/defkeymap.name r, owner /etc/dhclient.conf r, owner /etc/dhcpd.conf r, owner /etc/dnsmasq.conf r, owner /etc/drirc r, owner /etc/enscript.cfg r, owner /etc/environment r, owner /etc/esd.conf r, owner /etc/ethers r, owner /etc/exim/ r, owner /etc/exim/exim.conf r, owner /etc/exports r, owner /etc/filesystems r, owner /etc/fonts/** r, owner /etc/fstab r, owner /etc/ftpusers r, owner /etc/gai.conf r, owner /etc/gnokiirc r, owner /etc/gnome_defaults.conf r, owner /etc/group r, owner /etc/group.YaST2save r, owner /etc/grub.conf r, owner /etc/gssapi_mech.conf r, owner /etc/gtk-2.0/gdk-pixbuf.loaders r, owner /etc/gtk-2.0/gtkrc r, owner /etc/host.conf r, owner /etc/hosts r, owner /etc/hosts.YaST2save r, owner /etc/hosts.allow r, owner /etc/hosts.deny r, owner /etc/hosts.equiv r, owner /etc/hosts.lpd r, owner /etc/hso-suspend.conf r, owner /etc/hushlogins r, owner /etc/idmapd.conf r, owner /etc/idn.conf r, owner /etc/idnalias.conf r, owner /etc/imapd.conf r, owner /etc/initscript r, owner /etc/inittab r, owner /etc/inputrc r, owner /etc/insserv.conf r, owner /etc/issue r, owner /etc/issue.net r, owner /etc/kde3rc r, owner /etc/kde4rc r, owner /etc/krb5.conf r, owner /etc/ksysguarddrc r, owner /etc/ld.so.cache r, owner /etc/ld.so.conf r, owner /etc/ldap.conf r, owner /etc/lesskey r, owner /etc/libaudit.conf r, owner /etc/localtime r, owner /etc/login.defs r, owner /etc/logrotate.conf r, owner /etc/magic r, owner /etc/mail.rc r, owner /etc/mailcap r, owner /etc/manpath.config r, owner /etc/microcode.dat r, owner /etc/mime.types r, owner /etc/mke2fs.conf r, owner /etc/motd r, owner /etc/mtab r, owner /etc/mtools.conf r, owner /etc/named.conf r, owner /etc/named.conf.include r, owner /etc/netconfig r, owner /etc/netgroup r, owner /etc/networks r, owner /etc/nscd.conf r, owner /etc/nsswitch.conf r, owner /etc/nsswitch.confbak r, owner /etc/ntp.conf r, owner /etc/ntp.keys r, owner /etc/openmpi-default-hostfile r, owner /etc/openmpi-mca-params.conf r, owner /etc/operaprefs_default.ini r, owner /etc/operaprefs_fixed.ini r, owner /etc/pango/pango.modules r, owner /etc/papersize r, owner /etc/passwd r, owner /etc/passwd.YaST2save r, owner /etc/permissions r, owner /etc/permissions.easy r, owner /etc/permissions.local r, owner /etc/permissions.paranoid r, owner /etc/permissions.secure r, owner /etc/pm-profiler.conf r, owner /etc/polkit-default-privs.local r, owner /etc/polkit-default-privs.restrictive r, owner /etc/polkit-default-privs.standard r, owner /etc/powerd.conf r, owner /etc/printcap r, owner /etc/profile r, owner /etc/protocols r, owner /etc/pythonstart r, owner /etc/raw r, owner /etc/rc.d.README r, owner /etc/rc.splash r, owner /etc/rc.status r, owner /etc/request-key.conf r, owner /etc/resolv.conf r, owner /etc/rndc.key r, owner /etc/rpc r, owner /etc/rsyncd.conf r, owner /etc/rsyncd.secrets r, owner /etc/rsyslog.conf r, owner /etc/rsyslog.early.conf r, owner /etc/scpm.users r, owner /etc/screenrc r, owner /etc/securetty r, owner /etc/sensors.conf r, owner /etc/sensors3.conf r, owner /etc/services r, owner /etc/shadow r, owner /etc/shadow.YaST2save r, owner /etc/shells r, owner /etc/slp.conf r, owner /etc/slp.spi r, owner /etc/smartd.conf r, owner /etc/smpppd-c.conf r, owner /etc/smpppd.conf r, owner /etc/sudoers r, owner /etc/suseRegister.conf r, owner /etc/suspend.conf r, owner /etc/sysctl.conf r, owner /etc/ttytype r, owner /etc/uniconf.conf r, owner /etc/usb_modeswitch.conf r, owner /etc/vimrc r, owner /etc/wgetrc r, owner /etc/wvdial.conf r, owner /etc/xattr.conf r, owner /etc/xinetd.conf r, owner /etc/yp.conf r, owner /etc/zprofile r, owner /etc/zsh_command_not_found r, owner /etc/zshenv r, owner /etc/zshrc r, owner /lib/lib*so* mr, owner /opt/kde3/share/icons/ r, owner /opt/kde3/share/icons/hicolor/icon-theme.cache r, owner /opt/kde3/share/icons/oxygen/icon-theme.cache r, owner /proc/*/cmdline r, owner /proc/*/fd/ r, owner /proc/*/mounts r, owner /proc/meminfo r, owner /proc/stat r, owner /root/.DCOPserver_linux-4h5b__0 r, owner /root/.ICEauthority r, owner /root/.Xauthority r, owner /root/.bash_history r, owner /root/.config/gtk-2.0/gtkfilechooser.ini r, owner /root/.config/gtk-2.0/gtkfilechooser.ini.CNXWAV w, owner /root/.config/qtcurve.gtk-icons r, owner /root/.config/user-dirs.dirs r, owner /root/.dmrc r, owner /root/.emacs.d/auto-save-list/ r, owner /root/.emacs.d/auto-save-list/.saves-6954-linux-4h5b.site~ w, owner /root/.exrc r, owner /root/.kde4/share/config/gtkrc-2.0 r, owner /root/.kde4/share/config/kdeglobals r, owner /root/.local/share/mime/mime.cache r, owner /root/.pulse-cookie r, owner /root/.xsession-errors r, owner /session_mm_apache2handler0.sem r, owner /usr/lib/gconv/UTF-*.so mr, owner /usr/lib/gconv/gconv-modules.cache r, owner /usr/lib/gio/modules/ r, owner /usr/lib/gio/modules/libgiofam.so mr, owner /usr/lib/gio/modules/libgiogconf.so mr, owner /usr/lib/gio/modules/libgioremote-volume-monitor.so mr, owner /usr/lib/gio/modules/libgvfsdbus.so mr, owner /usr/lib/gtk-2.0/2.10.0/engines/libmurrine.so mr, owner /usr/lib/gtk-2.0/2.10.0/engines/libqtcurve.so mr, owner /usr/lib/gtk-2.0/2.10.0/loaders/libpixbufloader-png.so mr, owner /usr/lib/gtk-2.0/2.10.0/loaders/libpixbufloader-xpm.so mr, owner /usr/lib/ispell/emacs/ r, owner /usr/lib/ispell/emacs/american.el r, owner /usr/lib/ispell/emacs/deutsch.el r, owner /usr/lib/ispell/emacs/english.el r, owner /usr/lib/ispell/emacs/german.el r, owner /usr/lib/ispell/ispell-emacs-menu.el r, owner /usr/lib/lib*so* mr, owner /usr/lib/locale/** r, owner /usr/lib/pango/1.6.0/modules/pango-basic-fc.so mr, owner /usr/share/X11/Xcms.txt r, owner /usr/share/X11/app-defaults/Emacs r, owner /usr/share/X11/locale/compose.dir r, owner /usr/share/X11/locale/en_US.UTF-8/XLC_LOCALE r, owner /usr/share/X11/locale/locale.alias r, owner /usr/share/X11/locale/locale.dir r, owner /usr/share/emacs/23.1/etc/charsets/MULE-ethiopic.map r, owner /usr/share/emacs/23.1/etc/charsets/MULE-ipa.map r, owner /usr/share/emacs/23.1/etc/charsets/MULE-tibetan.map r, owner /usr/share/emacs/23.1/etc/charsets/symbol.map r, owner /usr/share/emacs/23.1/etc/images/close.xpm r, owner /usr/share/emacs/23.1/etc/images/copy.xpm r, owner /usr/share/emacs/23.1/etc/images/cut.xpm r, owner /usr/share/emacs/23.1/etc/images/diropen.xpm r, owner /usr/share/emacs/23.1/etc/images/help.xpm r, owner /usr/share/emacs/23.1/etc/images/new.xpm r, owner /usr/share/emacs/23.1/etc/images/open.xpm r, owner /usr/share/emacs/23.1/etc/images/paste.xpm r, owner /usr/share/emacs/23.1/etc/images/preferences.xpm r, owner /usr/share/emacs/23.1/etc/images/print.xpm r, owner /usr/share/emacs/23.1/etc/images/save.xpm r, owner /usr/share/emacs/23.1/etc/images/saveas.xpm r, owner /usr/share/emacs/23.1/etc/images/search.xpm r, owner /usr/share/emacs/23.1/etc/images/splash.svg r, owner /usr/share/emacs/23.1/etc/images/splash.xpm r, owner /usr/share/emacs/23.1/etc/images/undo.xpm r, owner /usr/share/emacs/23.1/etc/tutorials/TUTORIAL.de r, owner /usr/share/emacs/23.1/leim/leim-list.el r, owner /usr/share/emacs/23.1/lisp/international/encoded-kb.elc r, owner /usr/share/emacs/23.1/lisp/mouse-sel.elc r, owner /usr/share/emacs/23.1/lisp/newcomment.elc r, owner /usr/share/emacs/23.1/lisp/paren.elc r, owner /usr/share/emacs/23.1/lisp/subdirs.el r, owner /usr/share/emacs/23.1/lisp/textmodes/conf-mode.elc r, owner /usr/share/emacs/23.1/lisp/textmodes/ispell.elc r, owner /usr/share/emacs/23.1/lisp/thingatpt.elc r, owner /usr/share/emacs/23.1/site-lisp/ r, owner /usr/share/emacs/23.1/site-lisp/subdirs.el r, owner /usr/share/emacs/23.1/site-lisp/term/ r, owner /usr/share/emacs/23.1/site-lisp/term/func-keys.el r, owner /usr/share/emacs/23.1/site-lisp/term/locale.el r, owner /usr/share/emacs/site-lisp/ r, owner /usr/share/emacs/site-lisp/anthy/ r, owner /usr/share/emacs/site-lisp/anthy/leim-list.el r, owner /usr/share/emacs/site-lisp/elib/ r, owner /usr/share/emacs/site-lisp/site-start.el r, owner /usr/share/emacs/site-lisp/subdirs.el r, owner /usr/share/emacs/site-lisp/suse-start-anthy.el r, owner /usr/share/emacs/site-lisp/suse-start-elib.el r, owner /usr/share/emacs/site-lisp/suse-start-po-mode.el r, owner /usr/share/fonts/** r, owner /usr/share/gvfs/remote-volume-monitors/ r, owner /usr/share/gvfs/remote-volume-monitors/gdu.monitor r, owner /usr/share/gvfs/remote-volume-monitors/gphoto2.monitor r, owner /usr/share/gvfs/remote-volume-monitors/hal.monitor r, owner /usr/share/icons/ r, owner /usr/share/icons/Oxygen_White/cursors/00008160000006810000408080010102 r, owner /usr/share/icons/Oxygen_White/cursors/9d800788f1b08800ae810202380a0822 r, owner /usr/share/icons/Oxygen_White/cursors/e-resize r, owner /usr/share/icons/Oxygen_White/cursors/ibeam r, owner /usr/share/icons/Oxygen_White/cursors/left_ptr r, owner /usr/share/icons/Oxygen_White/cursors/wait r, owner /usr/share/icons/hicolor/icon-theme.cache r, owner /usr/share/icons/hicolor/index.theme r, owner /usr/share/icons/oxygen/16x16/actions/dialog-cancel.png r, owner /usr/share/icons/oxygen/16x16/actions/document-open.png r, owner /usr/share/icons/oxygen/16x16/actions/document-properties.png r, owner /usr/share/icons/oxygen/16x16/actions/edit-delete.png r, owner /usr/share/icons/oxygen/16x16/actions/list-add.png r, owner /usr/share/icons/oxygen/22x22/actions/configure.png r, owner /usr/share/icons/oxygen/22x22/actions/document-new.png r, owner /usr/share/icons/oxygen/22x22/actions/document-open.png r, owner /usr/share/icons/oxygen/22x22/actions/document-print.png r, owner /usr/share/icons/oxygen/22x22/actions/document-save-as.png r, owner /usr/share/icons/oxygen/22x22/actions/document-save.png r, owner /usr/share/icons/oxygen/22x22/actions/edit-copy.png r, owner /usr/share/icons/oxygen/22x22/actions/edit-cut.png r, owner /usr/share/icons/oxygen/22x22/actions/edit-find.png r, owner /usr/share/icons/oxygen/22x22/actions/edit-paste.png r, owner /usr/share/icons/oxygen/22x22/actions/edit-undo.png r, owner /usr/share/icons/oxygen/22x22/actions/help-contents.png r, owner /usr/share/icons/oxygen/22x22/actions/window-close.png r, owner /usr/share/icons/oxygen/icon-theme.cache r, owner /usr/share/icons/oxygen/index.theme r, owner /usr/share/locale/** r, owner /usr/share/mime/mime.cache r, owner /usr/share/misc/termcap r, owner /usr/share/pixmaps/ r, owner /usr/share/terminfo/x/xterm r, owner /usr/share/themes/Emacs/gtk-2.0-key/gtkrc r, owner /usr/share/themes/QtCurve/gtk-2.0/gtkrc r, owner /usr/share/themes/Sonar/gtk-2.0/gtkrc r, owner /var/cache/fontconfig/17090aa38d5c6f09fb8c5c354938f1d7-x86.cache-2 r, owner /var/cache/fontconfig/2d31a572ce6667f6a0da9c8dc611898b-x86.cache-2 r, owner /var/cache/fontconfig/30786aca7a961ef9f9799e540455831d-x86.cache-2 r, owner /var/cache/fontconfig/31f82260556886db06538972b4bc1ecd-x86.cache-2 r, owner /var/cache/fontconfig/3830d5c3ddfd5cd38a049b759396e72e-x86.cache-2 r, owner /var/cache/fontconfig/4b172ca7f111e3cffadc3636415fead9-x86.cache-2 r, owner /var/cache/fontconfig/5ca8086aeacc9c68e81a71e7ef846b3b-x86.cache-2 r, owner /var/cache/fontconfig/77e41c5059666d75f92e318d4be8c21e-x86.cache-2 r, owner /var/cache/fontconfig/7ef2298fde41cc6eeb7af42e48b7d293-x86.cache-2 r, owner /var/cache/fontconfig/8d4af663993b81a124ee82e610bb31f9-x86.cache-2 r, owner /var/cache/fontconfig/a1c95d6dfc9a7b34f44445cf81166004-x86.cache-2 r, owner /var/cache/fontconfig/d62e99ef547d1d24cdb1bd22ec1a2976-x86.cache-2 r, owner /var/cache/fontconfig/df311e82a1a24c41a75c2c930223552e-x86.cache-2 r, owner /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, } } | about 1 year ago | tape | 164 | Autobahn | Edit | History | |
| opensuse11.0 | /usr/lib/firefox/firefox.sh | #include <tunables/global> /usr/lib/firefox/firefox.sh { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> deny capability sys_ptrace, /bin/basename rix, /bin/bash rix, /bin/grep rix, /etc/magic r, /usr/bin/file rix, /usr/lib/firefox/firefox px, /usr/share/misc/magic.mgc r, } | over 2 years ago | 203 | juan | Edit | History | ||
| opensuse11.0 | /bin/cpio | #include <tunables/global> /bin/cpio { #include <abstractions/base> } | over 3 years ago | 2 | 229 | davidbo | Edit | History | |
| opensuse11.0 | /usr/bin/amule | #include <tunables/global> /usr/bin/amule flags=(complain) { #include <abstractions/base> #include <abstractions/bash> network inet dgram, network inet stream, /bin/bash rix, /bin/uname rix, /dev/tty rw, /etc/fonts/** r, /etc/gnome-vfs-2.0/modules/ r, /etc/gnome-vfs-2.0/modules/default-modules.conf r, /etc/gnome-vfs-2.0/modules/font-method.conf r, /etc/gnome-vfs-2.0/modules/obex-module.conf r, /etc/gnome-vfs-2.0/modules/smb-module.conf r, /etc/gnome-vfs-2.0/modules/ssl-modules.conf r, /etc/gnome-vfs-2.0/modules/theme-method.conf r, /etc/gtk-2.0/gdk-pixbuf.loaders r, /etc/gtk-2.0/gtk.immodules r, /etc/gtk-2.0/gtkrc r, /etc/host.conf r, /etc/hosts r, /etc/nsswitch.conf r, /etc/opt/kde3/share/icons/ r, /etc/pango/pango.modules r, /etc/passwd r, /etc/resolv.conf r, owner /home/*/.Xauthority r, owner /home/*/.aMule/ rw, owner /home/*/.aMule/Incoming/ rw, owner /home/*/.aMule/Temp/ rw, owner /home/*/.aMule/amule.conf r, owner /home/*/.aMule/clients.met r, owner /home/*/.aMule/clients.met.BAK rw, owner /home/*/.aMule/cryptkey.dat r, owner /home/*/.aMule/emfriends.met r, owner /home/*/.aMule/ipfilter.dat r, owner /home/*/.aMule/ipfilter_static.dat r, owner /home/*/.aMule/key_index.dat r, owner /home/*/.aMule/known.met r, owner /home/*/.aMule/known2_64.met rw, owner /home/*/.aMule/last_version_check rw, owner /home/*/.aMule/lastversion rw, owner /home/*/.aMule/lastversion7nckGj rw, owner /home/*/.aMule/load_index.dat r, owner /home/*/.aMule/logfile rw, owner /home/*/.aMule/logfile.bak rw, owner /home/*/.aMule/muleLock wk, owner /home/*/.aMule/nodes.dat r, owner /home/*/.aMule/preferences.dat r, owner /home/*/.aMule/preferencesKad.dat r, owner /home/*/.aMule/server.met r, owner /home/*/.aMule/shareddir.dat r, owner /home/*/.aMule/src_index.dat r, owner /home/*/.fontconfig/2c06a42904f01c0353eb6890b1b94581-x86.cache-2 r, owner /home/*/.icons/ r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /tmp/.X11-unix/X0 w, /usr/bin/amule r, /usr/bin/bug-buddy rix, /usr/lib/** mr, /usr/share/GeoIP/GeoIP.dat r, /usr/share/X11/locale/compose.dir r, /usr/share/X11/locale/en_US.UTF-8/Compose r, /usr/share/X11/locale/en_US.UTF-8/XLC_LOCALE r, /usr/share/X11/locale/locale.alias r, /usr/share/X11/locale/locale.dir r, /usr/share/fonts/** r, /usr/share/icons/ r, /usr/share/icons/Crux/icon-theme.cache r, /usr/share/icons/Crux/index.theme r, /usr/share/icons/DMZ/cursors/left_ptr r, /usr/share/icons/DMZ/cursors/sb_h_double_arrow r, /usr/share/icons/DMZ/cursors/sb_v_double_arrow r, /usr/share/icons/DMZ/cursors/xterm r, /usr/share/icons/gnome/icon-theme.cache r, /usr/share/icons/gnome/index.theme r, /usr/share/icons/hicolor/icon-theme.cache r, /usr/share/icons/hicolor/index.theme r, /usr/share/pixmaps/ r, /usr/share/themes/Crux/gtk-2.0/gtkrc r, /usr/share/themes/Default/gtk-2.0-key/gtkrc r, /var/cache/fontconfig/17090aa38d5c6f09fb8c5c354938f1d7-x86.cache-2 r, /var/cache/fontconfig/2d31a572ce6667f6a0da9c8dc611898b-x86.cache-2 r, /var/cache/fontconfig/30786aca7a961ef9f9799e540455831d-x86.cache-2 r, /var/cache/fontconfig/3830d5c3ddfd5cd38a049b759396e72e-x86.cache-2 r, /var/cache/fontconfig/5ca8086aeacc9c68e81a71e7ef846b3b-x86.cache-2 r, /var/cache/fontconfig/77e41c5059666d75f92e318d4be8c21e-x86.cache-2 r, /var/cache/fontconfig/7ef2298fde41cc6eeb7af42e48b7d293-x86.cache-2 r, /var/cache/fontconfig/82263fb4001171a9d4b2e27da14be10b-x86.cache-2 r, /var/cache/fontconfig/8d4af663993b81a124ee82e610bb31f9-x86.cache-2 r, /var/cache/fontconfig/a1c95d6dfc9a7b34f44445cf81166004-x86.cache-2 r, /var/cache/fontconfig/b6bbb9f898b73777cfe763014a8c08d3-x86.cache-2 r, /var/cache/fontconfig/c938cb1e82ff5ba1829a2dab18b1c8a9-x86.cache-2 r, /var/cache/fontconfig/d62e99ef547d1d24cdb1bd22ec1a2976-x86.cache-2 r, /var/cache/fontconfig/df311e82a1a24c41a75c2c930223552e-x86.cache-2 r, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, /var/run/nscd/socket w, } | over 3 years ago | 271 | Maicoc | Edit | History | ||
| opensuse10.3 | /usr/sbin/httpd2-prefork | # $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability dac_override, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/*.conf r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/*.crt r, /etc/apache2/ssl.key/*.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/* r, /etc/fstab r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, /etc/php5/apache2/php.ini r, /etc/php5/conf.d/ r, /etc/php5/conf.d/bcmath.ini r, /etc/php5/conf.d/bz2.ini r, /etc/php5/conf.d/calendar.ini r, /etc/php5/conf.d/ctype.ini r, /etc/php5/conf.d/curl.ini r, /etc/php5/conf.d/dba.ini r, /etc/php5/conf.d/dbase.ini r, /etc/php5/conf.d/dom.ini r, /etc/php5/conf.d/exif.ini r, /etc/php5/conf.d/ftp.ini r, /etc/php5/conf.d/gd.ini r, /etc/php5/conf.d/gettext.ini r, /etc/php5/conf.d/gmp.ini r, /etc/php5/conf.d/hash.ini r, /etc/php5/conf.d/iconv.ini r, /etc/php5/conf.d/imap.ini r, /etc/php5/conf.d/json.ini r, /etc/php5/conf.d/mbstring.ini r, /etc/php5/conf.d/mcrypt.ini r, /etc/php5/conf.d/mhash.ini r, /etc/php5/conf.d/mysql.ini r, /etc/php5/conf.d/mysqli.ini r, /etc/php5/conf.d/openssl.ini r, /etc/php5/conf.d/pdo.ini r, /etc/php5/conf.d/pdo_mysql.ini r, /etc/php5/conf.d/pdo_sqlite.ini r, /etc/php5/conf.d/sqlite.ini r, /etc/php5/conf.d/suhosin.ini r, /etc/php5/conf.d/tidy.ini r, /etc/php5/conf.d/tokenizer.ini r, /etc/php5/conf.d/xmlreader.ini r, /etc/php5/conf.d/xmlwriter.ini r, /etc/php5/conf.d/xsl.ini r, /etc/php5/conf.d/zip.ini r, /etc/php5/conf.d/zlib.ini r, /proc/*/attr/current w, /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib*.so* mr, /usr/X11R6/lib64/lib*.so* mr, /usr/apache2/error/* r, /usr/lib/** mr, /usr/lib/apache2-leader/{lib,mod_}*.so* mr, /usr/lib/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib/apache2-worker/{lib,mod_}*.so* mr, /usr/lib/apache2/modules/{lib,mod_}*.so* mr, /usr/lib/apache2/{lib,mod_}*.so mr, /usr/lib/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib64/apache2-leader/{lib,mod_}*.so* mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib64/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib64/apache2-worker/{lib,mod_}*.so* mr, /usr/lib64/apache2/modules/{lib,mod_}*.so* mr, /usr/lib64/apache2/{lib,mod_}*.so* mr, /usr/lib64/mysql/libmysql*.so* mr, /usr/lib64/php/extensions/*.so mr, /usr/lib64/php4/*.so mr, /usr/lib64/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib64/python[12].[0-9]/site-packages r, /usr/lib64/qt3/lib/lib*.so* mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/*.{txt,mib} r, /usr/share/snmp/mibs/.index wr, /usr/share/ssl/openssl.cnf r, /var/lib/php/sess_* rwl, /var/lib/php5/session_mm_apache2handler0.sem kw, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/run/nscd/services r, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork/// flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, } /usr/sbin/httpd2-prefork///favicon.ico flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/htdocs/favicon.ico r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///wordpress/ flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc/*/attr/current w, /srv/www/htdocs/wordpress/index.php r, /srv/www/htdocs/wordpress/wp-blog-header.php r, /srv/www/htdocs/wordpress/wp-includes/classes.php r, /srv/www/htdocs/wordpress/wp-includes/functions.php r, /srv/www/htdocs/wordpress/wp-includes/plugin.php r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///wordpress/wp-admin/css/install.css flags=(complain) { #include <abstractions/nameservice> /srv/www/htdocs/wordpress/wp-admin/css/install.css r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///wordpress/wp-admin/setup-config.php flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc/*/attr/current w, /srv/www/htdocs/wordpress/wp-admin/setup-config.php r, /srv/www/htdocs/wordpress/wp-config-sample.php r, /srv/www/htdocs/wordpress/wp-includes/classes.php r, /srv/www/htdocs/wordpress/wp-includes/compat.php r, /srv/www/htdocs/wordpress/wp-includes/functions.php r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /**.htaccess r, /proc/*/attr/current w, /var/log/apache2/* w, } | over 3 years ago | httpd2 | 309 | eviled | Edit | History | |
| opensuse10.3 | /usr/bin/opensuse-updater-gnome-applet | #include <tunables/global> /usr/bin/opensuse-updater-gnome-applet flags=(complain) { #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /home/*/.Xauthority r, /home/*/.fontconfig/* r, /home/*/.opensuse-updater-gnome rw, /proc/meminfo r, /usr/bin/bug-buddy ixr, /usr/bin/opensuse-updater-gnome-applet mr, /usr/sbin/zypp-checkpatches-wrapper Px, /usr/share/opensuse-updater-gnome/glade/*.glade r, /usr/share/opensuse-updater-gnome/images/** r, } | over 4 years ago | minor changes for 10.3 rc2 initial gnome launch | 337 | jmichael | Edit | History | |
| opensuse10.3 | /usr/bin/nm-applet | #include <tunables/global> /usr/bin/nm-applet { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /usr/bin/bug-buddy ixr, /usr/bin/nm-applet mr, /usr/share/nm-applet/*.glade r, } | over 4 years ago | Import of jmichaels profiles | 313 | dominic | Edit | History | |
| opensuse11.0 | /usr/bin/dirname | #include <tunables/global> /usr/bin/dirname { #include <abstractions/base> /usr/bin/dirname mr, } | over 2 years ago | nose | 242 | DOLORES | Edit | History | |
| ubuntu-gutsy | /usr/sbin/clamd | #include <tunables/global> /usr/sbin/clamd { #include <abstractions/base> #include <abstractions/user-tmp> /etc/clamav/clamd.conf r, /tmp/** klrw, /usr/sbin/clamd mr, /var/lib/clamav/ r, /var/lib/clamav/* r, /var/lib/clamav/.dbLock krw, /var/lib/clamav/daily.inc/ r, /var/lib/clamav/daily.inc/* krw, /var/log/clamav/clamav.log kw, /var/run/clamav/clamd.ctl w, /var/run/clamav/clamd.pid w, } | about 1 year ago | 187 | stive | Edit | History | ||
| ubuntu-gutsy | /sbin/syslogd | # $Id: sbin.syslogd 559 2007-04-10 23:05:33Z agruen $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /sbin/syslogd { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability dac_override, capability dac_read_search, capability setgid, capability setuid, capability sys_tty_config, /dev/log wl, /dev/tty* w, /dev/xconsole rw, /etc/group m, /etc/passwd m, /etc/syslog.conf r, /sbin/syslogd rmix, /var/lib/*/dev/log wl, /var/log/** rw, /var/run/syslogd.pid rwlk, /var/run/utmp krw, /var/spool/compaq/nic/messages_fifo rw, } | over 3 years ago | 225 | stive | Edit | History | ||
| ubuntu-gutsy | /usr/lib/postfix/tlsmgr | # $Id: usr.lib.postfix.tlsmgr 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/postfix/tlsmgr { #include <abstractions/base> #include <abstractions/nameservice> #include <program-chunks/postfix-common> /etc/mailname r, /etc/postfix/prng_exch rw, /usr/lib/postfix/tlsmgr rmix, /var/lib/postfix/* krw, /var/run/__db.smtpd_tls_session_cache.db rw, /var/run/smtpd_tls_session_cache.db rw, /{var/spool/postfix/,}private/tlsmgr r, } | over 3 years ago | 230 | stive | Edit | History | ||
| opensuse11.0 | /usr/lib/opera/9.62/opera | #include <tunables/global> /usr/lib/opera/9.62/opera flags=(complain) { #include <abstractions/base> } | over 3 years ago | 240 | agelos | Edit | History | ||
| opensuse10.3 | /bin/basename | #include <tunables/global> /bin/basename { #include <abstractions/base> /bin/basename mr, } | over 3 years ago | firefox2 | 285 | vojta | Edit | History | |
| ubuntu-gutsy | /usr/bin/monodevelop | #include <tunables/global> /usr/bin/monodevelop { #include <abstractions/base> /bin/dash ix, /usr/bin/monodevelop mr, } | over 4 years ago | gnome | 264 | hbpteam | Edit | History | |
| opensuse10.3 | /usr/lib/cups/backend/scsi | #include <tunables/global> /usr/lib/cups/backend/scsi flags=(complain) { #include <abstractions/base> /usr/lib/cups/backend/scsi mr, } | over 4 years ago | cups testing | 334 | dominic | Edit | History | |
| opensuse10.3 | /usr/sbin/postsuper | #include <tunables/global> /usr/sbin/postsuper flags=(complain) { #include <abstractions/base> /usr/sbin/postsuper mr, } | over 4 years ago | changes 6 | 302 | security | Edit | History | |
| opensuse10.3 | /sbin/modprobe | #include <tunables/global> /sbin/modprobe { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_raw, capability sys_module, /bin/bash ixr, /bin/true ixr, /etc/modprobe.conf r, /etc/modprobe.conf.local r, /etc/modprobe.d/ r, /etc/modprobe.d/* r, /lib/modules/**.ko krw, /lib/modules/*/modules.alias r, /lib/modules/*/modules.dep r, /proc/meminfo r, /proc/modules r, /sbin/modprobe ixr, } | over 4 years ago | Import of jmichaels profiles | 311 | dominic | Edit | History | |
| opensuse10.3 | /usr/bin/nm-applet | #include <tunables/global> /usr/bin/nm-applet { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /usr/bin/bug-buddy ixr, /usr/bin/nm-applet mr, /usr/share/nm-applet/*.glade r, } | over 4 years ago | none | 254 | cinimod | Edit | History | |
| opensuse10.3 | /bin/sleep | #include <tunables/global> /bin/sleep { #include <abstractions/base> /bin/sleep mr, } | over 4 years ago | Import of jmichaels profiles | 280 | dominic | Edit | History | |
| opensuse10.3 | /usr/bin/tor | #include <tunables/global> /usr/bin/tor { #include <abstractions/base> #include <abstractions/nameservice> /etc/tor/torrc r, /usr/bin/tor mr, /var/lib/tor/* rw, /var/lib/tor/*/ r, /var/lib/tor/cached-status/** rw, /var/log/tor/* a, /var/run/tor/tor.pid w, } | over 2 years ago | 218 | shimingzhou | Edit | History | ||
| ubuntu-gutsy | /usr/lib/postfix/local | # $Id: usr.lib.postfix.local 741 2007-06-11 22:55:56Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2006 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/postfix/local { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/user-mail> #include <program-chunks/postfix-common> /bin/bash mixr, /bin/date mixr, /dev/tty rw, /etc/mailname r, /etc/postfix/lists.db r, /etc/postfix/virtual.db r, /etc/ssl/openssl.cnf r, /etc/{postfix/,}aliases.db krw, /home/*/.Maildir/** lw, /home/*/.maildir/** lw, /root/.maildir/** lw, /usr/bin/mlmmj-recieve Px, /usr/bin/procmail Px, /usr/lib/mailman/mail/mailman Px, /usr/lib/postfix/local rmix, /var/lib/amavis/.maildir/** lw, /var/lib/mailman/data/aliases.db r, /var/mailman/mail/wrapper Px, /var/spool/postfix/active/* krw, /var/www/.maildir/** lw, /{var/spool/postfix/,}active/[0-9A-F]/ rw, /{var/spool/postfix/,}active/[0-9A-F]/[0-9A-F]/ rw, /{var/spool/postfix/,}active/[0-9A-F]/[0-9A-F]/* rw, /{var/spool/postfix/,}pid/unix.local krw, /{var/spool/postfix/,}private/{bounce,defer,flush,lmtp,rewrite} rw, /{var/spool/postfix/,}public/{cleanup,flush} rw, } | over 3 years ago | 218 | stive | Edit | History | ||
| opensuse11.0 | /opt/kde3/bin/ark | #include <tunables/global> /opt/kde3/bin/ark flags=(complain) { #include <abstractions/base> /opt/kde3/lib/lib*so* mr, } | over 3 years ago | 1 | 225 | maku | Edit | History | |
| opensuse11.0 | /usr/lib/postfix/scache | # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/postfix/scache { #include <abstractions/base> #include <abstractions/nameservice> #include <program-chunks/postfix-common> network stream, owner /proc/sys/kernel/ngroups_max r, /usr/lib/postfix/scache mrix, /var/run/nscd/group r, } | over 3 years ago | 217 | cboltz-server | Edit | History | ||
| opensuse10.3 | /sbin/route | #include <tunables/global> /sbin/route { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /proc/net/route r, /sbin/route mr, } | over 4 years ago | none | 256 | cinimod | Edit | History | |
| ubuntu-gutsy | /usr/lib/bonobo-activation/bonobo-activation-server | #include <tunables/global> /usr/lib/bonobo-activation/bonobo-activation-server { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/bonobo-activation/*.xml r, /etc/sound/events/*.soundlist r, /home/*/.Trash/ r, /home/*/.Xauthority r, /home/*/.gnome/gnome-vfs/.trash_entry_cache rw, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /proc/*/mounts r, /proc/meminfo r, /tmp/orbit-void/bonobo-activation-register.lock klrw, /usr/lib/bonobo-activation/bonobo-activation-server mr, /usr/lib/deskbar-applet/deskbar-applet Px, /usr/lib/evolution/2.12/evolution-exchange-storage Px, /usr/lib/evolution/evolution-data-server-1.12 Px, /usr/lib/fast-user-switch-applet/fast-user-switch-applet Px, /usr/lib/gnome-applets/mixer_applet2 ixr, /usr/lib/gnome-applets/trashapplet ixr, /usr/local/share/icons/ r, /usr/share/gnome-2.0/ui/*.xml r, } | over 4 years ago | gnome | 342 | hbpteam | Edit | History | |
| opensuse11.0 | /usr/lib64/firefox/firefox.sh | #include <tunables/global> /usr/lib64/firefox/firefox.sh { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> capability sys_ptrace, /bin/basename rix, /bin/bash rix, /bin/grep rix, /dev/shm/ r, owner /dev/shm/pulse-shm-1037808892 a, owner /dev/shm/pulse-shm-1050034994 a, owner /dev/shm/pulse-shm-1211404745 a, owner /dev/shm/pulse-shm-1446638569 a, owner /dev/shm/pulse-shm-1467305529 a, owner /dev/shm/pulse-shm-1622741507 a, owner /dev/shm/pulse-shm-1666933600 a, owner /dev/shm/pulse-shm-1995585318 r, owner /dev/shm/pulse-shm-2019522700 a, owner /dev/shm/pulse-shm-2072243533 a, owner /dev/shm/pulse-shm-2119277422 a, owner /dev/shm/pulse-shm-2126906412 rw, owner /dev/shm/pulse-shm-2128378761 r, owner /dev/shm/pulse-shm-2151245320 rw, owner /dev/shm/pulse-shm-2363893065 a, owner /dev/shm/pulse-shm-2396850234 r, owner /dev/shm/pulse-shm-2442834231 a, owner /dev/shm/pulse-shm-2549977543 a, owner /dev/shm/pulse-shm-2814412486 rw, owner /dev/shm/pulse-shm-2841507022 r, owner /dev/shm/pulse-shm-2896430949 a, owner /dev/shm/pulse-shm-3220724062 a, owner /dev/shm/pulse-shm-3229653623 r, owner /dev/shm/pulse-shm-3537677242 a, owner /dev/shm/pulse-shm-376438538 a, owner /dev/shm/pulse-shm-381620161 r, owner /dev/shm/pulse-shm-3817757151 a, owner /dev/shm/pulse-shm-3880979559 a, owner /dev/shm/pulse-shm-3902959294 a, owner /dev/shm/pulse-shm-3920509661 r, owner /dev/shm/pulse-shm-3964460839 a, owner /dev/shm/pulse-shm-3965874173 a, owner /dev/shm/pulse-shm-4165102617 a, owner /dev/shm/pulse-shm-4282535935 rw, owner /dev/shm/pulse-shm-429055936 a, owner /dev/shm/pulse-shm-696274664 r, owner /dev/shm/pulse-shm-710565768 a, owner /dev/shm/pulse-shm-991070019 r, /dev/tty rw, /etc/fonts/** r, /etc/gnome-vfs-2.0/modules/ r, /etc/gnome-vfs-2.0/modules/default-modules.conf r, /etc/gnome-vfs-2.0/modules/smb-module.conf r, /etc/gnome-vfs-2.0/modules/ssl-modules.conf r, /etc/gre.d/ r, /etc/gre.d/1.9.2.0-64bit.system.conf r, /etc/gtk-2.0/gdk-pixbuf64.loaders r, /etc/gtk-2.0/gtk64.immodules r, /etc/gtk-2.0/gtkrc r, /etc/kde4rc r, /etc/magic r, /etc/mime.types r, /etc/pango/pango64.modules r, /etc/passwd r, /etc/pulse/client.conf r, /etc/resolv.conf r, /etc/rpc r, owner /home/*/ rw, owner /home/*/.ICEauthority r, owner /home/*/.Xauthority r, owner /home/*/.config/Trolltech.conf rk, owner /home/*/.config/qtcurve.gtk-colors rw, owner /home/*/.config/qtcurve.gtk-icons rw, owner /home/*/.config/qtcurvestylerc r, owner /home/*/.esd_auth r, owner /home/*/.fonts.conf r, owner /home/*/.gnome2/firefox-jPaIUK a, owner /home/*/.gnome2/firefox-tfWoAF a, owner /home/*/.kde/share/config/gtkrc-2.0 r, owner /home/*/.kde/share/config/kdeglobals rk, owner /home/*/.kde4/share/apps/RecentDocuments/ rw, owner /home/*/.kde4/share/apps/kfileplaces/bookmarks.xml rw, owner /home/*/.kde4/share/apps/kfileplaces/bookmarks.xml.tbcache w, owner /home/*/.kde4/share/config/ w, owner /home/*/.kde4/share/config/kdeglobals rw, owner /home/*/.kde4/share/config/kioslaverc rw, owner /home/*/.kde4/share/config/kmozillahelperrc rw, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.E10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.E10896 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.F10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.G10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.H10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.I10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.If6302 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.J10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.M10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.N10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.P10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.R10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.S10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.T10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.U10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.UV6302 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.V10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.V10896 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.Y10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.Z10896 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.a10896 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.b10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.b10896 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.bc6302 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.c10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.du6302 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.e10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.f10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.l10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.m10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.n10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.o10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.oN6302 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.q10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.r10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.s10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.u10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.w10400 a, owner /home/*/.kde4/share/config/kmozillahelperrc.lock.y10400 a, owner /home/*/.local/share/ r, owner /home/*/.mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/ r, owner /home/*/.mozilla/firefox/default/ r, owner /home/*/.mozilla/firefox/default/.parentlock wk, owner /home/*/.mozilla/firefox/default/Cache.Trash/ w, owner /home/*/.mozilla/firefox/default/Cache/_CACHE_001_ rw, owner /home/*/.mozilla/firefox/default/Cache/_CACHE_002_ rw, owner /home/*/.mozilla/firefox/default/Cache/_CACHE_003_ rw, owner /home/*/.mozilla/firefox/default/Cache/_CACHE_MAP_ rw, owner /home/*/.mozilla/firefox/default/XPC.mfasl rw, owner /home/*/.mozilla/firefox/default/XUL.mfasl rw, owner /home/*/.mozilla/firefox/default/adblockplus/patterns-backup1.ini rw, owner /home/*/.mozilla/firefox/default/adblockplus/patterns-backup2.ini rw, owner /home/*/.mozilla/firefox/default/adblockplus/patterns-backup3.ini rw, owner /home/*/.mozilla/firefox/default/adblockplus/patterns-backup4.ini rw, owner /home/*/.mozilla/firefox/default/adblockplus/patterns-backup5.ini w, owner /home/*/.mozilla/firefox/default/adblockplus/patterns.ini rw, owner /home/*/.mozilla/firefox/default/adblockplus/patterns.ini-temp rw, owner /home/*/.mozilla/firefox/default/blocklist.xml rw, owner /home/*/.mozilla/firefox/default/bookmarkbackups/ r, owner /home/*/.mozilla/firefox/default/bookmarkbackups/bookmarks-2010-03-09.json a, owner /home/*/.mozilla/firefox/default/bookmarkbackups/bookmarks-2010-03-10.json a, owner /home/*/.mozilla/firefox/default/bookmarkbackups/bookmarks-2010-03-11.json a, owner /home/*/.mozilla/firefox/default/cert8.db rw, owner /home/*/.mozilla/firefox/default/compatibility.ini r, owner /home/*/.mozilla/firefox/default/compreg.dat r, owner /home/*/.mozilla/firefox/default/content-prefs.sqlite rwk, owner /home/*/.mozilla/firefox/default/cookies.sqlite rwk, owner /home/*/.mozilla/firefox/default/cookies.sqlite-journal rw, owner /home/*/.mozilla/firefox/default/downloads.sqlite rwk, owner /home/*/.mozilla/firefox/default/downloads.sqlite-journal w, owner /home/*/.mozilla/firefox/default/extensions.cache r, owner /home/*/.mozilla/firefox/default/extensions.ini r, owner /home/*/.mozilla/firefox/default/extensions.log a, owner /home/*/.mozilla/firefox/default/extensions.rdf rw, owner /home/*/.mozilla/firefox/default/extensions/ r, owner /home/*/.mozilla/firefox/default/extensions/\{0AE5CAA4-8BAB-11DB-AF59-ED4B56D89593\}/chrome.manifest r, owner /home/*/.mozilla/firefox/default/extensions/\{0AE5CAA4-8BAB-11DB-AF59-ED4B56D89593\}/chrome/secondsearch.jar r, owner /home/*/.mozilla/firefox/default/extensions/\{0AE5CAA4-8BAB-11DB-AF59-ED4B56D89593\}/defaults/preferences/ r, owner /home/*/.mozilla/firefox/default/extensions/\{0AE5CAA4-8BAB-11DB-AF59-ED4B56D89593\}/defaults/preferences/secondsearch.js r, owner /home/*/.mozilla/firefox/default/extensions/\{54BB9F3F-07E5-486c-9B39-C7398B99391C\}/chrome.manifest r, owner /home/*/.mozilla/firefox/default/extensions/\{54BB9F3F-07E5-486c-9B39-C7398B99391C\}/defaults/preferences/ r, owner /home/*/.mozilla/firefox/default/extensions/\{54BB9F3F-07E5-486c-9B39-C7398B99391C\}/defaults/preferences/textlink.js r, owner /home/*/.mozilla/firefox/default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/chrome.manifest r, owner /home/*/.mozilla/firefox/default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/chrome/adblockplus.jar r, owner /home/*/.mozilla/firefox/default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/defaults/preferences/ r, owner /home/*/.mozilla/firefox/default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/defaults/preferences/adblockplus.js r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/chrome.manifest r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/content/firebug/bindings.xml r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/content/firebug/blank.gif r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/content/firebug/branch.properties r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/content/firebug/consoleInjected.js r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/content/firebug/firebug.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/content/firebug/highlighter.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/content/firebug/panel.html r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/defaults/preferences/ r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/defaults/preferences/firebug.js r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/locale/en-US/firebug.dtd r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/locale/en-US/firebug.properties r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/Templarian_inspector.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/activation-menu-console.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/breakNext.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/breakNextActive.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/breakNextArmed.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/breakNextDisabled.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/breakOn/breakOnErrorSingle.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/breakOn/breakOnMutateSingle.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/breakpoint.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/console.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/continueDisabled.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/css.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/debugger.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/dom.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/errorIcon-sm.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/errorIcon.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/firebug-gray-16.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/firebug.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/firebug.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/firebug16.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/firebug32.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/group.gif r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/html.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/layout.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/net.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/panel.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/panelbase.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/stepIntoDisabled.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/stepOutDisabled.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/stepOverDisabled.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/tabMenuTarget.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/tabMenuTargetHover.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/traceConsole.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/detach.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/down.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/firebug.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/min.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/off.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/panel.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/tabBg.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/tabLeft.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/tabLeftHover.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/tabMid.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/tabMidHover.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/tabRight.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/tabRightHover.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/twistyClosed.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/twistyOpen.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/up.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/upHover.png r, owner /home/*/.mozilla/firefox/default/firebug/annotations.json rw, owner /home/*/.mozilla/firefox/default/formhistory.sqlite rwk, owner /home/*/.mozilla/firefox/default/formhistory.sqlite-journal rw, owner /home/*/.mozilla/firefox/default/key3.db rw, owner /home/*/.mozilla/firefox/default/localstore-1.rdf rw, owner /home/*/.mozilla/firefox/default/localstore.rdf rw, owner /home/*/.mozilla/firefox/default/lock w, owner /home/*/.mozilla/firefox/default/mimeTypes.rdf rw, owner /home/*/.mozilla/firefox/default/permissions.sqlite rwk, owner /home/*/.mozilla/firefox/default/places.sqlite rwk, owner /home/*/.mozilla/firefox/default/places.sqlite-journal rw, owner /home/*/.mozilla/firefox/default/pluginreg.dat r, owner /home/*/.mozilla/firefox/default/prefs-1.js rw, owner /home/*/.mozilla/firefox/default/prefs.js rw, owner /home/*/.mozilla/firefox/default/search.json r, owner /home/*/.mozilla/firefox/default/search.sqlite rwk, owner /home/*/.mozilla/firefox/default/secmod.db r, owner /home/*/.mozilla/firefox/default/sessionstore-1.js a, owner /home/*/.mozilla/firefox/default/sessionstore.bak a, owner /home/*/.mozilla/firefox/default/sessionstore.js rw, owner /home/*/.mozilla/firefox/default/signons.sqlite rwk, owner /home/*/.mozilla/firefox/default/urlclassifier3.sqlite rwk, owner /home/*/.mozilla/firefox/default/urlclassifier3.sqlite-journal w, owner /home/*/.mozilla/firefox/default/urlclassifierkey3.txt rw, owner /home/*/.mozilla/firefox/default/xpti.dat r, owner /home/*/.mozilla/firefox/profiles.ini r, owner /home/*/.qt/qtrc r, owner /home/*/Desktop/ w, owner /home/*/Desktop/.directory r, owner /home/*/adrIP1.pdf a, /opt/kde3/share/icons/crystalsvg/16x16/actions/add.png r, /opt/kde3/share/icons/crystalsvg/16x16/actions/fileclose.png r, /opt/kde3/share/icons/crystalsvg/22x22/actions/back.png r, /opt/kde3/share/icons/crystalsvg/22x22/actions/forward.png r, /opt/kde3/share/icons/crystalsvg/22x22/actions/gohome.png r, /opt/kde3/share/icons/crystalsvg/22x22/actions/reload.png r, /opt/kde3/share/icons/crystalsvg/22x22/actions/stop.png r, /opt/kde3/share/icons/hicolor/ r, owner /proc/*/cmdline r, owner /proc/*/fd/ r, owner /proc/*/mounts r, /proc/cpuinfo r, /proc/meminfo r, /proc/stat r, /tmp/ r, /tmp/.X11-unix/X0 w, owner /tmp/.esd-1005/socket rw, owner /tmp/orbit-somebody/ w, owner /tmp/orbit-student/ w, owner /tmp/orbit-student/linc-11fb-0-1675149e8cebb w, owner /tmp/orbit-student/linc-1528-0-12ba44f55b9d9 w, owner /tmp/orbit-student/linc-1871-0-38866a5b6fa43 w, owner /tmp/orbit-student/linc-371c-0-5e2de8c5148b2 w, owner /tmp/orbit-student/linc-37b6-0-22a379a1b62c2 w, owner /tmp/orbit-student/linc-37f4-0-21e6196c5d3bd w, owner /tmp/orbit-student/linc-39e8-0-2f99ef516b6c5 w, owner /tmp/pulse-e1LERjqKYsca/native w, /usr/bin/dbus-launch rix, /usr/bin/expr rix, /usr/bin/file rix, /usr/bin/kdeinit4 rix, /usr/lib/mozilla/kmozillahelper rix, /usr/lib/nspluginwrapper/i386/linux/npviewer rix, /usr/lib64/** mr, /usr/lib64/firefox/firefox rix, /usr/lib64/kde4/libexec/drkonqi rix, /usr/share/fonts/** r, /usr/share/ghostscript/fonts/** r, /usr/share/gvfs/remote-volume-monitors/ r, /usr/share/gvfs/remote-volume-monitors/gphoto2.monitor r, /usr/share/gvfs/remote-volume-monitors/hal.monitor r, /usr/share/icons/DMZ/cursors/bottom_right_corner r, /usr/share/icons/DMZ/cursors/hand2 r, /usr/share/icons/DMZ/cursors/left_ptr r, /usr/share/icons/DMZ/cursors/sb_h_double_arrow r, /usr/share/icons/DMZ/cursors/xterm r, /usr/share/icons/DMZ/index.theme r, /usr/share/icons/hicolor/ r, /usr/share/icons/oxygen/ r, /usr/share/kde4/config/kdebug.areas r, /usr/share/kde4/config/kdebugrc r, /usr/share/locale-bundle/en_US/LC_MESSAGES/kde4-openSUSE.mo r, /usr/share/misc/magic.mgc r, /usr/share/mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/ r, /usr/share/mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/susefox@opensuse.org/chrome.manifest r, /usr/share/mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/susefox@opensuse.org/defaults/preferences/ r, /usr/share/mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/susefox@opensuse.org/defaults/preferences/susefox-pfs.js r, /usr/share/myspell/en_US.aff r, /usr/share/myspell/en_US.dic r, /usr/share/sounds/freedesktop/index.theme r, /usr/share/themes/Gilouche/gtk-2.0/gtkrc r, /usr/share/themes/QtCurve/gtk-2.0/gtkrc r, /var/cache/fontconfig/0c42b92420913fbcd7539015ba025a31-x86-64.cache-2 r, /var/cache/fontconfig/0cb4977238439d35570f02dadf93f40f-x86-64.cache-2 r, /var/cache/fontconfig/17090aa38d5c6f09fb8c5c354938f1d7-x86-64.cache-2 r, /var/cache/fontconfig/2d31a572ce6667f6a0da9c8dc611898b-x86-64.cache-2 r, /var/cache/fontconfig/30786aca7a961ef9f9799e540455831d-x86-64.cache-2 r, /var/cache/fontconfig/3830d5c3ddfd5cd38a049b759396e72e-x86-64.cache-2 r, /var/cache/fontconfig/4b172ca7f111e3cffadc3636415fead9-x86-64.cache-2 r, /var/cache/fontconfig/5ca8086aeacc9c68e81a71e7ef846b3b-x86-64.cache-2 r, /var/cache/fontconfig/77e41c5059666d75f92e318d4be8c21e-x86-64.cache-2 r, /var/cache/fontconfig/7ef2298fde41cc6eeb7af42e48b7d293-x86-64.cache-2 r, /var/cache/fontconfig/8d4af663993b81a124ee82e610bb31f9-x86-64.cache-2 r, /var/cache/fontconfig/a1c95d6dfc9a7b34f44445cf81166004-x86-64.cache-2 r, /var/cache/fontconfig/c16af864172909159ced9a806109b5c1-x86-64.cache-2 r, /var/cache/fontconfig/c36a5ca5419b5200dcfc86d54b5d311a-x86-64.cache-2 r, /var/cache/fontconfig/c952848b32a83a3db68a27ab871288f2-x86-64.cache-2 r, /var/cache/fontconfig/cf6c88e680607f2ab796171745f068a4-x86-64.cache-2 r, /var/cache/fontconfig/d62e99ef547d1d24cdb1bd22ec1a2976-x86-64.cache-2 r, /var/cache/fontconfig/df311e82a1a24c41a75c2c930223552e-x86-64.cache-2 r, /var/cache/libx11/compose/l4_030_313cb605_00280cc0 r, /var/lib/dbus/machine-id r, /var/run/dbus/system_bus_socket w, /var/tmp/ r, owner /var/tmp/kdecache-student/kpc/kde-icon-cache.data rw, owner /var/tmp/kdecache-student/kpc/kde-icon-cache.index rw, owner /var/tmp/kdecache-student/ksycoca4 r, } | about 1 year ago | aaa | 217 | userx | Edit | History | |
| ubuntu-gutsy | /usr/sbin/jabberd2-s2s | #include <tunables/global> /usr/sbin/jabberd2-s2s flags=(complain) { #include <abstractions/base> /usr/sbin/jabberd2-s2s mr, } | over 2 years ago | 181 | Amanda | Edit | History | ||
| opensuse11.0 | /usr/sbin/cupsd | #include <tunables/global> /usr/sbin/cupsd flags=(complain) { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/dbus> #include <abstractions/nameservice> #include <abstractions/nis> capability chown, capability dac_override, capability fowner, capability fsetid, capability kill, capability net_bind_service, capability setgid, capability setuid, owner /dev/tty a, owner /etc/cups/ r, /etc/cups/* rw, owner /etc/cups/** rw, owner /etc/hosts.allow r, owner /etc/hosts.deny r, owner /etc/krb5.conf w, /etc/krb5.conf r, owner /etc/printcap w, owner /proc/*/mounts r, /proc/meminfo r, /usr/lib64/cups/backend/socket rix, /usr/lib64/cups/backend/usb rix, /usr/lib64/cups/cgi-bin/admin.cgi rix, /usr/lib64/cups/cgi-bin/printers.cgi rix, owner /usr/lib64/cups/daemon/cups-deviced m, /usr/lib64/cups/daemon/cups-deviced rpx, /usr/lib64/cups/daemon/cups-driverd mrpx, /usr/local/Brother/Printer/mfc9840cdw/cupswrapper/brlpdwrapper_mfc9840cdw rix, owner /usr/sbin/cupsd r, /usr/share/cups/** r, owner /usr/share/doc/packages/cups/** r, /usr/share/ppd/ r, /usr/share/ppd/** r, owner /var/log/cups/** rw, owner /var/run/cups/** ra, /var/run/cups/** w, owner /var/spool/cups/** w, /var/spool/cups/** r, } | over 2 years ago | CUPS-Grundkonfiguration | 235 | estellnb | Edit | History | |
| opensuse11.0 | /usr/bin/tcptraceroute | #include <tunables/global> /usr/bin/tcptraceroute { #include <abstractions/base> #include <abstractions/nameservice> capability net_raw, capability setuid, network inet raw, network packet raw, owner /usr/bin/tcptraceroute r, } | over 2 years ago | 215 | phocean | Edit | History | ||
| opensuse10.3 | /usr/bin/evince | #include <tunables/global> /usr/bin/evince { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, / r, /Archiv/ r, /Archiv/** rw, /etc/gai.conf r, /etc/ghostscript/8.15/Fontmap r, /etc/ghostscript/8.15/Fontmap.X11-auto r, /etc/ghostscript/8.15/cidfmap r, /etc/ghostscript/8.15/xlatmap r, /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/sound/events/gtk-events-2.soundlist r, /etc/xpdfrc r, /etc/xpdfrc-cjk r, /etc/xpdfrc-cjk-auto r, /etc/xpdfrc-cjk.sjis r, /home/*/ r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.bash_history r, /home/*/.bashrc r, /home/*/.beagle/socket w, /home/*/.cedegarc r, /home/*/.config/gtk-2.0/gtkfilechooser.ini rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.0S3G2T rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.66SB2T rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.9HHL1T rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.Q0VH2T rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.UPEH2T rw, /home/*/.dmrc r, /home/*/.dvipsrc r, /home/*/.emacs r, /home/*/.esd_auth r, /home/*/.exrc r, /home/*/.fontconfig/* r, /home/*/.gnome2/accels/evince rw, /home/*/.gnome2/evince/ev-metadata.xml rw, /home/*/.gnome2/evince/print-settings rw, /home/*/.gnome2/evince/print-settings.* rw, /home/*/.gnome2_private/ w, /home/*/.gpilotd.pid r, /home/*/.gtkrc-1.2-gnome2 r, /home/*/.icons/ r, /home/*/.inputrc r, /home/*/.kermrc r, /home/*/.local/share/icons/ r, /home/*/.local/share/mime/aliases r, /home/*/.local/share/mime/globs r, /home/*/.local/share/mime/magic r, /home/*/.local/share/mime/mime.cache r, /home/*/.local/share/mime/subclasses r, /home/*/.mailcap r, /home/*/.muttrc r, /home/*/.opensuse-updater-gnome r, /home/*/.profile r, /home/*/.realplayerrc r, /home/*/.recently-used r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /home/*/.urlview r, /home/*/.viminfo r, /home/*/.windows-label r, /home/*/.xcoralrc r, /home/*/.xim.template r, /home/*/.xinitrc.template r, /home/*/.xsession-errors r, /home/*/.xtalkrc r, /home/*/Desktop/ rw, /home/*/Desktop/**.pdf rw, /proc/*/mounts r, /proc/meminfo r, /root/.esd_auth r, /root/.gnome2/accels/evince rw, /root/.gnome2/evince/ w, /root/.gnome2_private/ w, /root/.local/share/mime/aliases r, /root/.local/share/mime/globs r, /root/.local/share/mime/magic r, /root/.local/share/mime/mime.cache r, /root/.local/share/mime/subclasses r, /root/.recently-used.xbel.FXVN3T rw, /root/.recently-used.xbel.WCCU3T rw, /root/.recently-used.xbel.X1XL3T rw, /root/.recently-used.xbel.XLCN3T rw, /root/.xauthQESsMm r, /usr/bin/bug-buddy ixr, /usr/bin/evince mr, /usr/bin/gs ixr, /usr/lib/** mr, /usr/share/evince/evince-toolbar.xml r, /usr/share/evince/evince-ui.xml r, /usr/share/evince/icons/ r, /usr/share/evince/icons/hicolor/** r, /usr/share/ghostscript/8.15/Resource/CMap/ r, /usr/share/ghostscript/8.15/lib/*.ps r, /usr/share/ghostscript/8.15/lib/Fontmap.GS r, /usr/share/ghostscript/8.15/lib/Fontmap.rus r, /usr/share/ghostscript/8.15/lib/cjkv/*.ps r, /usr/share/ghostscript/8.15/lib/escp_24.src r, /usr/share/locale-bundle/de/LC_MESSAGES/atk10.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/evince.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/glib20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gnome-vfs-2.0.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20-properties.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libbonobo-2.0.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libgnomeui-2.0.mo r, /usr/share/mime/application/octet-stream.xml r, /usr/share/mime/application/pdf.xml r, /usr/share/mime/application/vnd.oasis.opendocument.spreadsheet.xml r, /usr/share/mime/application/vnd.oasis.opendocument.text.xml r, /usr/share/mime/application/x-compressed-tar.xml r, /usr/share/mime/application/x-deb.xml r, /usr/share/mime/application/x-mozilla-bookmarks.xml r, /usr/share/mime/application/x-shellscript.xml r, /usr/share/mime/application/x-xbel.xml r, /usr/share/mime/application/xml.xml r, /usr/share/mime/application/zip.xml r, /usr/share/mime/inode/directory.xml r, /usr/share/mime/text/plain.xml r, /usr/share/mime/text/x-csrc.xml r, /usr/share/mime/text/x-log.xml r, /usr/share/xpdf/** r, /var/cache/libx11/compose/* r, /var/run/cups/cups.sock w, /var/run/nscd/services r, } | over 4 years ago | 374 | overwrite | Edit | History | ||
| opensuse10.3 | /usr/bin/skype | #include <tunables/global> /usr/bin/skype { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gai.conf r, /home/*/.Skype/ rw, /home/*/.Skype/** krw, /home/*/.config/Trolltech.conf kr, /home/*/.fontconfig/** r, /home/*/.kde/share/config/kioslaverc r, /proc/interrupts r, /usr/bin/skype mr, /usr/share/skype/** kr, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, } | over 4 years ago | 293 | orat | Edit | History | ||
| opensuse10.3 | /sbin/modprobe | #include <tunables/global> /sbin/modprobe { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_raw, capability sys_module, /bin/bash ixr, /bin/true ixr, /etc/modprobe.conf r, /etc/modprobe.conf.local r, /etc/modprobe.d/ r, /etc/modprobe.d/* r, /lib/modules/**.ko krw, /lib/modules/*/modules.alias r, /lib/modules/*/modules.dep r, /proc/meminfo r, /proc/modules r, /sbin/modprobe ixr, } | over 4 years ago | none | 259 | cinimod | Edit | History | |
| opensuse10.3 | /sbin/syslog-ng | # $Id$ # ------------------------------------------------------------------ # # Copyright (C) 2006 Novell/SUSE # Copyright (C) 2006 Christian Boltz # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /sbin/syslog-ng { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability chown, capability dac_override, capability fowner, capability fsetid, /dev/log w, /dev/tty10 rw, /dev/xconsole rw, /etc/syslog-ng/* r, /sbin/syslog-ng mr, /var/lib/*/dev/log w, /var/log/** w, /var/run/syslog-ng.pid w, } | over 4 years ago | Initial Revision | 363 | novell | Edit | History | |
| opensuse10.3 | /etc/sysconfig/network/scripts/50-ntp | #include <tunables/global> /etc/sysconfig/network/scripts/50-ntp flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/init.d/ntp Px, /etc/sysconfig/network/scripts/50-ntp mr, /proc/meminfo r, /sbin/chkconfig Px, } | over 4 years ago | argh, switch things back to complain for a while | 283 | jmichael | Edit | History | |
| ubuntu-gutsy | /usr/bin/gtkterm | #include <tunables/global> /usr/bin/gtkterm { #include <abstractions/base> /usr/bin/gtkterm mr, } | over 4 years ago | gnome | 285 | hbpteam | Edit | History | |
| opensuse10.3 | /bin/sleep | #include <tunables/global> /bin/sleep { #include <abstractions/base> /bin/sleep mr, } | over 4 years ago | none | 238 | cinimod | Edit | History | |
| opensuse10.3 | /etc/apparmor/profiles/extras/usr.bin.opera | #include <tunables/global> /etc/apparmor/profiles/extras/usr.bin.opera flags=(complain) { #include <abstractions/base> /etc/apparmor/profiles/extras/usr.bin.opera mr, } | over 4 years ago | opera | 324 | gs222gs | Edit | History | |
| opensuse10.3 | /usr/lib/cups/backend/hal | #include <tunables/global> /usr/lib/cups/backend/hal flags=(complain) { #include <abstractions/base> /usr/lib/cups/backend/hal mr, } | over 4 years ago | cups testing | 346 | dominic | Edit | History | |
| opensuse10.3 | /sbin/route | #include <tunables/global> /sbin/route { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /proc/net/route r, /sbin/route mr, } | over 4 years ago | Import of jmichaels profiles | 299 | dominic | Edit | History | |
| opensuse11.0 | /usr/sbin/ypserv | #include <tunables/global> /usr/sbin/ypserv flags=(complain) { #include <abstractions/base> #include <abstractions/nis> capability net_bind_service, owner /etc/ypserv.conf r, owner /var/run/ypserv.pid wk, owner /var/yp/securenets r, } | over 2 years ago | nis | 171 | oliver siebert | Edit | History | |
| opensuse11.0 | /usr/bin/ed2k | #include <tunables/global> /usr/bin/ed2k flags=(complain) { #include <abstractions/base> } | over 3 years ago | ed2k | 241 | rmvlad | Edit | History | |
| opensuse11.0 | /usr/bin/amule | #include <tunables/global> /usr/bin/amule flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/gnome> #include <abstractions/kde> network dgram, network stream, deny r, /bin/bash rix, /bin/uname rix, /dev/shm/ r, owner /dev/shm/* rw, /dev/tty rw, /etc/gnome-vfs-2.0/modules/ r, /etc/host.conf r, /etc/hosts r, /etc/nsswitch.conf r, /etc/passwd r, /etc/pulse/client.conf r, /etc/resolv.conf r, owner /home/*/.ICEauthority r, owner /home/*/.Xauthority r, owner /home/*/.aMule/* rw, owner /home/*/.aMule/Incoming/ rw, owner /home/*/.aMule/Temp/ rw, owner /home/*/.aMule/Temp/*.backup rw, owner /home/*/.aMule/Temp/*.bak rw, owner /home/*/.aMule/Temp/*.met rw, owner /home/*/.aMule/Temp/*.part rw, owner /home/*/.aMule/muleLock wk, owner /home/*/.config/totem/state.ini r, owner /home/*/.fontconfig/* r, owner /home/*/.gstreamer-0.10/registry.x86_64.bin r, owner /home/*/.icons/ r, owner /home/*/.local/share/icons/ r, owner /home/*/.pulse-cookie rwk, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/amule r, /usr/bin/bug-buddy rix, /usr/bin/gdb rix, /usr/bin/totem rix, /usr/lib/** mr, /usr/share/GeoIP/GeoIP.dat r, /usr/share/amule/skins/ r, /usr/share/amule/webserver/ r, /usr/share/locale-bundle/de/LC_MESSAGES/*.mo r, /usr/share/totem/fullscreen.ui r, /usr/share/totem/playlist.ui r, /usr/share/totem/totem.ui r, /var/cache/libx11/compose/* r, /var/run/nscd/socket w, } | over 3 years ago | 1 | 274 | eet | Edit | History | |
| opensuse11.0 | /usr/sbin/httpd2-prefork | # $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability dac_override, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/*.conf r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/*.crt r, /etc/apache2/ssl.key/*.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/* r, /etc/fstab r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, owner /etc/php5/apache2/php.ini r, owner /etc/php5/conf.d/ r, owner /etc/php5/conf.d/bz2.ini r, owner /etc/php5/conf.d/ctype.ini r, owner /etc/php5/conf.d/curl.ini r, owner /etc/php5/conf.d/dom.ini r, owner /etc/php5/conf.d/gd.ini r, owner /etc/php5/conf.d/hash.ini r, owner /etc/php5/conf.d/iconv.ini r, owner /etc/php5/conf.d/json.ini r, owner /etc/php5/conf.d/mbstring.ini r, owner /etc/php5/conf.d/mcrypt.ini r, owner /etc/php5/conf.d/mysql.ini r, owner /etc/php5/conf.d/mysqli.ini r, owner /etc/php5/conf.d/openssl.ini r, owner /etc/php5/conf.d/pdo.ini r, owner /etc/php5/conf.d/pdo_mysql.ini r, owner /etc/php5/conf.d/pdo_pgsql.ini r, owner /etc/php5/conf.d/pdo_sqlite.ini r, owner /etc/php5/conf.d/pgsql.ini r, owner /etc/php5/conf.d/sqlite.ini r, owner /etc/php5/conf.d/tokenizer.ini r, owner /etc/php5/conf.d/xmlreader.ini r, owner /etc/php5/conf.d/xmlwriter.ini r, owner /etc/php5/conf.d/zlib.ini r, /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib*.so* mr, /usr/X11R6/lib64/lib*.so* mr, /usr/apache2/error/* r, owner /usr/lib/** m, owner /usr/lib/** r, /usr/lib/apache2-leader/{lib,mod_}*.so* mr, /usr/lib/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib/apache2-worker/{lib,mod_}*.so* mr, /usr/lib/apache2/modules/{lib,mod_}*.so* mr, /usr/lib/apache2/{lib,mod_}*.so mr, /usr/lib/mysql/libmysql*.so* mr, /usr/lib/php/extensions/*.so mr, /usr/lib/php4/*.so mr, /usr/lib/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib/qt3/lib/lib*.so* mr, /usr/lib64/apache2-leader/{lib,mod_}*.so* mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib64/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib64/apache2-worker/{lib,mod_}*.so* mr, /usr/lib64/apache2/modules/{lib,mod_}*.so* mr, /usr/lib64/apache2/{lib,mod_}*.so* mr, /usr/lib64/mysql/libmysql*.so* mr, /usr/lib64/php/extensions/*.so mr, /usr/lib64/php4/*.so mr, /usr/lib64/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib64/python[12].[0-9]/site-packages r, /usr/lib64/qt3/lib/lib*.so* mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mrix, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/*.{txt,mib} r, /usr/share/snmp/mibs/.index rw, /usr/share/ssl/openssl.cnf r, /var/lib/php/sess_* rwl, owner /var/lib/php5/session_mm_apache2handler0.sem wk, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, ^DEFAULT_URI { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /usr/sbin/suexec2 mrix, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } ^HANDLING_UNTRUSTED_INPUT { #include <abstractions/nameservice> /**.htaccess r, /var/log/apache2/* w, } } | over 3 years ago | lista1-apache2 | 223 | kellej | Edit | History | |
| opensuse10.3 | /usr/bin/gnome-cups-icon | #include <tunables/global> /usr/bin/gnome-cups-icon { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.cups/lpoptions r, /home/*/.gnome2_private/ w, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/gnome-cups-icon mr, /var/run/cups/cups.sock w, /var/run/nscd/services r, } | over 4 years ago | Import of jmichaels profiles | 281 | dominic | Edit | History | |
| ubuntu-gutsy | /usr/bin/kchmviewer | #include <tunables/global> /usr/bin/kchmviewer { #include <abstractions/base> /usr/bin/kchmviewer mr, } | over 4 years ago | gnome | 293 | hbpteam | Edit | History | |
| opensuse11.0 | /usr/lib/firefox/firefox.sh | #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/gnome> #include <abstractions/nameservice> capability sys_nice, /bin/basename rix, owner /bin/bash r, /bin/bash ix, /bin/grep rix, owner /dev/tty rw, owner /etc/gre.d/ r, owner /etc/gre.d/1.9.0.6.system.conf r, owner /etc/magic r, owner /proc/*/mounts r, owner /proc/meminfo r, owner /root/.ICEauthority r, owner /root/.mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/ r, owner /root/.mozilla/firefox/csakkoc7.default/ r, owner /root/.mozilla/firefox/csakkoc7.default/.parentlock wk, owner /root/.mozilla/firefox/csakkoc7.default/Cache/0C7C62D8d01 r, owner /root/.mozilla/firefox/csakkoc7.default/Cache/14AD9A9Fd01 a, owner /root/.mozilla/firefox/csakkoc7.default/Cache/1FA5993Dd01 a, owner /root/.mozilla/firefox/csakkoc7.default/Cache/2769E828d01 a, owner /root/.mozilla/firefox/csakkoc7.default/Cache/3AE24160d01 r, owner /root/.mozilla/firefox/csakkoc7.default/Cache/44E5AC52d01 a, owner /root/.mozilla/firefox/csakkoc7.default/Cache/46C12EF3d01 r, owner /root/.mozilla/firefox/csakkoc7.default/Cache/5E44DA51d01 r, owner /root/.mozilla/firefox/csakkoc7.default/Cache/6EC5D7E5d01 r, owner /root/.mozilla/firefox/csakkoc7.default/Cache/8EC38512d01 r, owner /root/.mozilla/firefox/csakkoc7.default/Cache/8FAC8659d01 r, owner /root/.mozilla/firefox/csakkoc7.default/Cache/9520129Dd01 r, owner /root/.mozilla/firefox/csakkoc7.default/Cache/A20DC0A1d01 a, owner /root/.mozilla/firefox/csakkoc7.default/Cache/B80EAED0d01 r, owner /root/.mozilla/firefox/csakkoc7.default/Cache/C6B7E8B4d01 r, owner /root/.mozilla/firefox/csakkoc7.default/Cache/E5298C00d01 rw, owner /root/.mozilla/firefox/csakkoc7.default/Cache/E7E740E6d01 r, owner /root/.mozilla/firefox/csakkoc7.default/Cache/F8D5F2ADd01 r, owner /root/.mozilla/firefox/csakkoc7.default/Cache/_CACHE_001_ rw, owner /root/.mozilla/firefox/csakkoc7.default/Cache/_CACHE_002_ rw, owner /root/.mozilla/firefox/csakkoc7.default/Cache/_CACHE_003_ rw, owner /root/.mozilla/firefox/csakkoc7.default/Cache/_CACHE_MAP_ rw, owner /root/.mozilla/firefox/csakkoc7.default/XPC.mfasl r, owner /root/.mozilla/firefox/csakkoc7.default/XUL.mfasl r, owner /root/.mozilla/firefox/csakkoc7.default/bookmarkbackups/ r, owner /root/.mozilla/firefox/csakkoc7.default/cert8.db rw, owner /root/.mozilla/firefox/csakkoc7.default/compatibility.ini r, owner /root/.mozilla/firefox/csakkoc7.default/compreg.dat r, owner /root/.mozilla/firefox/csakkoc7.default/content-prefs.sqlite rwk, owner /root/.mozilla/firefox/csakkoc7.default/cookies.sqlite rwk, owner /root/.mozilla/firefox/csakkoc7.default/cookies.sqlite-journal w, owner /root/.mozilla/firefox/csakkoc7.default/downloads.sqlite rwk, owner /root/.mozilla/firefox/csakkoc7.default/downloads.sqlite-journal w, owner /root/.mozilla/firefox/csakkoc7.default/extensions.cache r, owner /root/.mozilla/firefox/csakkoc7.default/extensions.ini r, owner /root/.mozilla/firefox/csakkoc7.default/extensions/ r, owner /root/.mozilla/firefox/csakkoc7.default/formhistory.sqlite rwk, owner /root/.mozilla/firefox/csakkoc7.default/formhistory.sqlite-journal w, owner /root/.mozilla/firefox/csakkoc7.default/key3.db rw, owner /root/.mozilla/firefox/csakkoc7.default/localstore-1.rdf rw, owner /root/.mozilla/firefox/csakkoc7.default/localstore.rdf rw, owner /root/.mozilla/firefox/csakkoc7.default/lock w, owner /root/.mozilla/firefox/csakkoc7.default/permissions.sqlite rwk, owner /root/.mozilla/firefox/csakkoc7.default/places.sqlite rwk, owner /root/.mozilla/firefox/csakkoc7.default/places.sqlite-journal w, owner /root/.mozilla/firefox/csakkoc7.default/pluginreg.dat r, owner /root/.mozilla/firefox/csakkoc7.default/prefs-1.js rw, owner /root/.mozilla/firefox/csakkoc7.default/prefs.js rw, owner /root/.mozilla/firefox/csakkoc7.default/search.sqlite rwk, owner /root/.mozilla/firefox/csakkoc7.default/secmod.db r, owner /root/.mozilla/firefox/csakkoc7.default/sessionstore-1.js rw, owner /root/.mozilla/firefox/csakkoc7.default/sessionstore.js w, owner /root/.mozilla/firefox/csakkoc7.default/signons3.txt r, owner /root/.mozilla/firefox/csakkoc7.default/urlclassifier3.sqlite rwk, owner /root/.mozilla/firefox/csakkoc7.default/urlclassifier3.sqlite-journal w, owner /root/.mozilla/firefox/csakkoc7.default/urlclassifierkey3.txt rw, owner /root/.mozilla/firefox/csakkoc7.default/xpti.dat r, owner /root/.mozilla/firefox/profiles.ini r, /usr/bin/file rix, owner /usr/lib/** mw, /usr/lib/** r, /usr/lib/firefox/firefox rix, /usr/lib/firefox/firefox.sh rix, owner /usr/share/gvfs/remote-volume-monitors/ r, owner /usr/share/gvfs/remote-volume-monitors/gphoto2.monitor r, owner /usr/share/gvfs/remote-volume-monitors/hal.monitor r, owner /usr/share/misc/magic.mgc r, owner /usr/share/mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/ r, owner /var/run/dbus/system_bus_socket w, owner /var/run/gdm/auth-for-root-zmzCqU/database r, } | about 1 year ago | 103 | dguttierrez | Edit | History | ||
| opensuse11.0 | /usr/bin/VirtualBox | #include <tunables/global> /usr/bin/VirtualBox flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/VirtualBox r, ^null-11 { /etc/fonts/** r, /etc/kde4/share/config/oxygenrc r, /etc/kde4rc r, /etc/ld.so.cache r, /etc/localtime r, owner /home/*/.Xauthority r, owner /home/*/.config/Trolltech.conf rk, owner /home/*/.fontconfig/912c97adb01af1d6cefde384b6dcb463-x86.cache-2 r, owner /home/*/.kde4/share/config/kdeglobals rk, /lib/lib*so* mr, /usr/lib/gconv/UTF-*.so mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/kde4/plugins/styles/ r, /usr/lib/kde4/plugins/styles/oxygen.so mr, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/lib/qt4/plugins/inputmethods/ r, /usr/share/X11/locale/locale.alias r, /usr/share/X11/locale/locale.dir r, /usr/share/X11/locale/ru_RU.UTF-8/XLC_LOCALE r, /usr/share/fonts/** r, /usr/share/icons/Oxygen_White/cursors/left_ptr r, /usr/share/locale/** r, /var/cache/fontconfig/17090aa38d5c6f09fb8c5c354938f1d7-x86.cache-2 r, /var/cache/fontconfig/2d31a572ce6667f6a0da9c8dc611898b-x86.cache-2 r, /var/cache/fontconfig/30786aca7a961ef9f9799e540455831d-x86.cache-2 r, /var/cache/fontconfig/3830d5c3ddfd5cd38a049b759396e72e-x86.cache-2 r, /var/cache/fontconfig/5ca8086aeacc9c68e81a71e7ef846b3b-x86.cache-2 r, /var/cache/fontconfig/77e41c5059666d75f92e318d4be8c21e-x86.cache-2 r, /var/cache/fontconfig/7ef2298fde41cc6eeb7af42e48b7d293-x86.cache-2 r, /var/cache/fontconfig/8d4af663993b81a124ee82e610bb31f9-x86.cache-2 r, /var/cache/fontconfig/a1c95d6dfc9a7b34f44445cf81166004-x86.cache-2 r, /var/cache/fontconfig/d62e99ef547d1d24cdb1bd22ec1a2976-x86.cache-2 r, /var/cache/fontconfig/df311e82a1a24c41a75c2c930223552e-x86.cache-2 r, owner /var/tmp/kdecache-qzoom/kpc/kde-icon-cache.data rw, owner /var/tmp/kdecache-qzoom/kpc/kde-icon-cache.index rw, owner /var/tmp/kdecache-qzoom/kpc/kde-icon-cache.lock.MT5553 w, owner /var/tmp/kdecache-qzoom/kpc/kde-icon-cache.lock.hX5553 w, } ^null-d { /etc/ld.so.cache r, /lib/lib*so* mr, owner /proc/*/mounts r, /proc/filesystems r, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-f { /dev/null w, /etc/ld.so.cache r, /lib/lib*so* mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/locale/** r, /usr/share/locale/** r, } } | about 1 year ago | 183 | QzooM | Edit | History | ||
| opensuse11.0 | /bin/date | #include <tunables/global> /bin/date { #include <abstractions/base> owner /bin/date mr, } | over 2 years ago | install | 227 | install | Edit | History | |
| opensuse11.0 | /usr/sbin/grub | #include <tunables/global> /usr/sbin/grub flags=(complain) { #include <abstractions/base> } | over 2 years ago | 224 | senolirmak | Edit | History | ||
| opensuse11.0 | /usr/bin/ktorrent | #include <tunables/global> /usr/bin/ktorrent flags=(complain) { #include <abstractions/base> } | over 3 years ago | 23Oktober2008 kontrollieren | 230 | marevent | Edit | History | |
| opensuse10.3 | usr/bin/file | #include <tunables/global> profile usr/bin/file { #include <abstractions/base> /etc/magic r, /usr/bin/file mr, /usr/share/misc/magic.mgc r, } | over 3 years ago | test profile - please don't use | 226 | jjohansen | Edit | History | |
| opensuse11.0 | /usr/sbin/mysqld | #include <tunables/global> /usr/sbin/mysqld flags=(complain) { #include <abstractions/base> } | about 1 year ago | 105 | mwnetsystems | Edit | History | ||
| opensuse11.0 | /usr/bin/xauth | #include <tunables/global> /usr/bin/xauth flags=(complain) { #include <abstractions/base> } | about 1 year ago | teaming | 153 | robertsonreis | Edit | History | |
| opensuse11.0 | /usr/bin/opera | #include <tunables/global> /usr/bin/opera { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | about 1 year ago | 1 | 154 | student | Edit | History | |
| opensuse11.0 | /usr/bin/test | #include <tunables/global> /usr/bin/test flags=(complain) { #include <abstractions/base> } | over 2 years ago | 212 | espenbo | Edit | History | ||
| opensuse10.3 | /sbin/syslog-ng | # $Id$ # ------------------------------------------------------------------ # # Copyright (C) 2006 Novell/SUSE # Copyright (C) 2006 Christian Boltz # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /sbin/syslog-ng { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability chown, capability dac_override, capability fowner, capability fsetid, /dev/log w, /dev/tty10 rw, /dev/xconsole rw, /etc/syslog-ng/* r, /sbin/syslog-ng mr, /var/lib/*/dev/log w, /var/log/** w, /var/run/syslog-ng.pid w, } | over 4 years ago | none | 250 | cinimod | Edit | History | |
| opensuse10.3 | /usr/bin/top | #include <tunables/global> /usr/bin/top flags=(complain) { #include <abstractions/base> /proc/ r, /proc/*/stat r, /proc/*/statm r, /proc/loadavg r, /proc/sys/kernel/pid_max r, /proc/uptime r, /usr/bin/top mr, /usr/share/terminfo/x/xterm r, /var/run/nscd/passwd r, /var/run/nscd/socket w, /var/run/utmp kr, } | over 4 years ago | top-log | 278 | Sakthivel Rajan N | Edit | History | |
| opensuse10.3 | /usr/bin/evince | #include <tunables/global> /usr/bin/evince { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/sound/events/gtk-events-2.soundlist r, /etc/xpdfrc r, /etc/xpdfrc-cjk r, /etc/xpdfrc-cjk-auto r, /etc/xpdfrc-cjk.sjis r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/accels/evince rw, /home/*/.gnome2/evince/ev-metadata.xml rw, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /home/*/Desktop/**.pdf r, /proc/meminfo r, /usr/bin/evince mr, /usr/share/evince/evince-toolbar.xml r, /usr/share/evince/evince-ui.xml r, /usr/share/evince/icons/ r, /usr/share/evince/icons/hicolor/** r, /usr/share/xpdf/** r, /var/cache/libx11/compose/* r, } | over 4 years ago | Import of jmichaels profiles | 279 | dominic | Edit | History | |
| opensuse10.3 | /usr/bin/gnome-power-manager | #include <tunables/global> /usr/bin/gnome-power-manager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/gnome-power-manager/ w, /home/*/.gnome2/gnome-power-manager/* rw, /home/*/.gnome2_private/ w, /home/*/.gstreamer-0.10/registry.i686.xml rw, /home/*/.gstreamer-0.10/registry.i686.xml.tmp* rw, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /proc/stat r, /usr/bin/bug-buddy ixr, /usr/bin/gnome-power-manager mr, /usr/lib/nautilus-cd-burner/mapping-daemon Px, /usr/share/gnome-power-manager/*.glade r, /usr/share/gnome-power-manager/icons/ r, /usr/share/gnome-power-manager/icons/** r, } | over 4 years ago | none | 250 | cinimod | Edit | History | |
| opensuse10.3 | /usr/bin/gnome-cups-icon | #include <tunables/global> /usr/bin/gnome-cups-icon { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.cups/lpoptions r, /home/*/.gnome2_private/ w, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/gnome-cups-icon mr, /var/run/cups/cups.sock w, /var/run/nscd/services r, } | over 4 years ago | none | 256 | cinimod | Edit | History | |
| opensuse10.3 | /usr/lib/nautilus-cd-burner/mapping-daemon | #include <tunables/global> /usr/lib/nautilus-cd-burner/mapping-daemon flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /tmp/mapping-* w, /tmp/virtual-*/ w, /usr/lib/nautilus-cd-burner/mapping-daemon mr, } | over 4 years ago | argh, switch things back to complain for a while | 294 | jmichael | Edit | History | |
| opensuse10.3 | /usr/sbin/saslauthd | #include <tunables/global> /usr/sbin/saslauthd { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/nameservice> capability dac_override, /etc/saslauthd.conf r, /usr/sbin/saslauthd mr, /var/run/sasl2/* krw, } | over 4 years ago | 261 | jco | Edit | History | ||
| opensuse11.0 | /usr/local/twonky/twonkymediaserver | #include <tunables/global> /usr/local/twonky/twonkymediaserver { #include <abstractions/base> } | 2 months ago | 19 | EricLoman | Edit | History | ||
| opensuse11.0 | /usr/lib/firefox/firefox.sh | #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | over 2 years ago | 24032009 | 187 | rollo | Edit | History | |
| opensuse11.0 | /usr/bin/dirname | #include <tunables/global> /usr/bin/dirname { #include <abstractions/base> /usr/bin/dirname mr, } | over 2 years ago | pruebaperf | 222 | prueba | Edit | History | |
| ubuntu-gutsy | /usr/lib/postfix/discard | # $Id: usr.lib.postfix.discard 90 2006-08-04 19:13:59Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/postfix/discard { #include <abstractions/base> /usr/lib/postfix/discard rmix, } | over 3 years ago | 227 | stive | Edit | History | ||
| opensuse11.0 | /usr/lib/thunderbird/thunderbird | #include <tunables/global> /usr/lib/thunderbird/thunderbird { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | over 3 years ago | 1 | 236 | maku | Edit | History | |
| opensuse10.3 | /usr/lib/AntiVir/antivir-gui | #include <tunables/global> /usr/lib/AntiVir/antivir-gui { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/lib/AntiVir/antivir-gui mr, } | over 4 years ago | ChangeLog | 255 | tdanisi | Edit | History | |
| ubuntu-gutsy | /usr/sbin/jabberd2-sm | #include <tunables/global> /usr/sbin/jabberd2-sm flags=(complain) { #include <abstractions/base> /usr/sbin/jabberd2-sm mr, } | over 4 years ago | 274 | igoriii | Edit | History | ||
| opensuse10.3 | /usr/sbin/iwconfig | #include <tunables/global> /usr/sbin/iwconfig flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /proc/net/dev r, /usr/sbin/iwconfig mr, } | over 4 years ago | argh, switch things back to complain for a while | 271 | jmichael | Edit | History | |
| opensuse11.0 | /usr/bin/finger | #include <tunables/global> /usr/bin/finger flags=(complain) { #include <abstractions/base> /etc/default/nss r, /etc/nsswitch.conf r, /etc/passwd r, /var/run/utmp r, } | about 1 year ago | First run | 78 | kornatzky | Edit | History | |
| opensuse11.0 | /usr/lib64/firefox/firefox.sh | #include <tunables/global> /usr/lib64/firefox/firefox.sh { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> capability sys_ptrace, /bin/basename rix, /bin/bash rix, /bin/grep rix, /dev/shm/ r, owner /dev/shm/pulse-shm-1311617008 r, owner /dev/shm/pulse-shm-29060866 rw, owner /dev/shm/pulse-shm-3992416065 rw, /dev/tty rw, /etc/fonts/** r, /etc/gnome-vfs-2.0/modules/ r, /etc/gnome-vfs-2.0/modules/default-modules.conf r, /etc/gnome-vfs-2.0/modules/smb-module.conf r, /etc/gnome-vfs-2.0/modules/ssl-modules.conf r, /etc/gre.d/ r, /etc/gre.d/1.9.0.17-64bit.system.conf r, /etc/gre.d/1.9.2.0-64bit.system.conf r, /etc/gtk-2.0/gdk-pixbuf64.loaders r, /etc/gtk-2.0/gtk64.immodules r, /etc/gtk-2.0/gtkrc r, /etc/magic r, /etc/mailcap r, /etc/mime.types r, /etc/pango/pango64.modules r, /etc/pulse/client.conf r, owner /home/*/.ICEauthority r, owner /home/*/.Xauthority r, owner /home/*/.config/qtcurve.gtk-colors rw, owner /home/*/.config/qtcurve.gtk-icons rw, owner /home/*/.config/qtcurvestylerc r, owner /home/*/.esd_auth r, owner /home/*/.fonts.conf r, owner /home/*/.kde/share/config/gtkrc-2.0 r, owner /home/*/.kde/share/config/kdeglobals r, owner /home/*/.mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/ r, owner /home/*/.mozilla/firefox/default/ r, owner /home/*/.mozilla/firefox/default/.parentlock wk, owner /home/*/.mozilla/firefox/default/XPC.mfasl r, owner /home/*/.mozilla/firefox/default/XUL.mfasl r, owner /home/*/.mozilla/firefox/default/adblockplus/patterns.ini rw, owner /home/*/.mozilla/firefox/default/adblockplus/patterns.ini-temp rw, owner /home/*/.mozilla/firefox/default/bookmarkbackups/ r, owner /home/*/.mozilla/firefox/default/cert8.db rw, owner /home/*/.mozilla/firefox/default/compatibility.ini r, owner /home/*/.mozilla/firefox/default/compreg.dat r, owner /home/*/.mozilla/firefox/default/content-prefs.sqlite rwk, owner /home/*/.mozilla/firefox/default/cookies.sqlite rwk, owner /home/*/.mozilla/firefox/default/cookies.sqlite-journal w, owner /home/*/.mozilla/firefox/default/downloads.sqlite rwk, owner /home/*/.mozilla/firefox/default/downloads.sqlite-journal w, owner /home/*/.mozilla/firefox/default/extensions.cache r, owner /home/*/.mozilla/firefox/default/extensions.ini r, owner /home/*/.mozilla/firefox/default/extensions/ r, owner /home/*/.mozilla/firefox/default/extensions/\{0AE5CAA4-8BAB-11DB-AF59-ED4B56D89593\}/chrome.manifest r, owner /home/*/.mozilla/firefox/default/extensions/\{0AE5CAA4-8BAB-11DB-AF59-ED4B56D89593\}/chrome/secondsearch.jar r, owner /home/*/.mozilla/firefox/default/extensions/\{0AE5CAA4-8BAB-11DB-AF59-ED4B56D89593\}/defaults/preferences/ r, owner /home/*/.mozilla/firefox/default/extensions/\{0AE5CAA4-8BAB-11DB-AF59-ED4B56D89593\}/defaults/preferences/secondsearch.js r, owner /home/*/.mozilla/firefox/default/extensions/\{54BB9F3F-07E5-486c-9B39-C7398B99391C\}/chrome.manifest r, owner /home/*/.mozilla/firefox/default/extensions/\{54BB9F3F-07E5-486c-9B39-C7398B99391C\}/defaults/preferences/ r, owner /home/*/.mozilla/firefox/default/extensions/\{54BB9F3F-07E5-486c-9B39-C7398B99391C\}/defaults/preferences/textlink.js r, owner /home/*/.mozilla/firefox/default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/chrome.manifest r, owner /home/*/.mozilla/firefox/default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/chrome/adblockplus.jar r, owner /home/*/.mozilla/firefox/default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/defaults/preferences/ r, owner /home/*/.mozilla/firefox/default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/defaults/preferences/adblockplus.js r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/chrome.manifest r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/content/firebug/bindings.xml r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/content/firebug/branch.properties r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/content/firebug/firebug.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/content/firebug/panel.html r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/defaults/preferences/ r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/defaults/preferences/firebug.js r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/locale/en-US/firebug.dtd r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/locale/en-US/firebug.properties r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/Templarian_inspector.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/breakNext.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/breakNextActive.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/breakNextArmed.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/breakNextDisabled.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/console.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/continueDisabled.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/css.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/debugger.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/dom.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/firebug-gray-16.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/firebug.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/firebug.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/html.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/layout.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/net.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/panel.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/panelbase.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/stepIntoDisabled.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/stepOutDisabled.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/stepOverDisabled.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/traceConsole.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/detach.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/down.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/firebug.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/min.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/off.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/panel.css r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/tabBg.png r, owner /home/*/.mozilla/firefox/default/extensions/firebug@software.joehewitt.com/skin/classic/win/up.png r, owner /home/*/.mozilla/firefox/default/firebug/annotations.json rw, owner /home/*/.mozilla/firefox/default/formhistory.sqlite rwk, owner /home/*/.mozilla/firefox/default/key3.db rw, owner /home/*/.mozilla/firefox/default/localstore-1.rdf rw, owner /home/*/.mozilla/firefox/default/localstore.rdf rw, owner /home/*/.mozilla/firefox/default/lock w, owner /home/*/.mozilla/firefox/default/mimeTypes.rdf rw, owner /home/*/.mozilla/firefox/default/permissions.sqlite rwk, owner /home/*/.mozilla/firefox/default/places.sqlite rwk, owner /home/*/.mozilla/firefox/default/places.sqlite-journal rw, owner /home/*/.mozilla/firefox/default/pluginreg.dat r, owner /home/*/.mozilla/firefox/default/prefs-1.js rw, owner /home/*/.mozilla/firefox/default/prefs.js rw, owner /home/*/.mozilla/firefox/default/search.json r, owner /home/*/.mozilla/firefox/default/search.sqlite rwk, owner /home/*/.mozilla/firefox/default/secmod.db r, owner /home/*/.mozilla/firefox/default/urlclassifier3.sqlite rwk, owner /home/*/.mozilla/firefox/default/urlclassifier3.sqlite-journal w, owner /home/*/.mozilla/firefox/default/urlclassifierkey3.txt rw, owner /home/*/.mozilla/firefox/default/xpti.dat r, owner /home/*/.mozilla/firefox/profiles.ini r, owner /home/*/.qt/qtrc r, /opt/kde3/share/icons/crystalsvg/16x16/actions/add.png r, /opt/kde3/share/icons/crystalsvg/16x16/actions/fileclose.png r, /opt/kde3/share/icons/crystalsvg/22x22/actions/back.png r, /opt/kde3/share/icons/crystalsvg/22x22/actions/forward.png r, /opt/kde3/share/icons/crystalsvg/22x22/actions/gohome.png r, /opt/kde3/share/icons/crystalsvg/22x22/actions/reload.png r, /opt/kde3/share/icons/crystalsvg/22x22/actions/stop.png r, owner /proc/*/cmdline r, owner /proc/*/mounts r, /proc/cpuinfo r, /proc/meminfo r, /tmp/ r, /tmp/.X11-unix/X0 w, owner /tmp/.esd-1005/socket rw, owner /tmp/orbit-student/ w, owner /tmp/orbit-student/linc-116a-0-9e318fc3e1a5 w, owner /tmp/orbit-student/linc-1b48-0-376f972d64afc w, owner /tmp/pulse-jLg7ZFuCbSIo/native w, /usr/bin/dbus-launch rix, /usr/bin/file rix, /usr/lib64/** mr, /usr/lib64/firefox/firefox rix, /usr/share/fonts/** r, /usr/share/icons/DMZ/cursors/bottom_right_corner r, /usr/share/icons/DMZ/cursors/left_ptr r, /usr/share/icons/DMZ/cursors/xterm r, /usr/share/misc/magic.mgc r, /usr/share/mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/ r, /usr/share/mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/susefox@opensuse.org/chrome.manifest r, /usr/share/mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/susefox@opensuse.org/defaults/preferences/ r, /usr/share/mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/susefox@opensuse.org/defaults/preferences/susefox-pfs.js r, /usr/share/sounds/freedesktop/index.theme r, /usr/share/themes/Gilouche/gtk-2.0/gtkrc r, /usr/share/themes/QtCurve/gtk-2.0/gtkrc r, /var/cache/fontconfig/0c42b92420913fbcd7539015ba025a31-x86-64.cache-2 r, /var/cache/fontconfig/0cb4977238439d35570f02dadf93f40f-x86-64.cache-2 r, /var/cache/fontconfig/17090aa38d5c6f09fb8c5c354938f1d7-x86-64.cache-2 r, /var/cache/fontconfig/2d31a572ce6667f6a0da9c8dc611898b-x86-64.cache-2 r, /var/cache/fontconfig/30786aca7a961ef9f9799e540455831d-x86-64.cache-2 r, /var/cache/fontconfig/3830d5c3ddfd5cd38a049b759396e72e-x86-64.cache-2 r, /var/cache/fontconfig/4b172ca7f111e3cffadc3636415fead9-x86-64.cache-2 r, /var/cache/fontconfig/5ca8086aeacc9c68e81a71e7ef846b3b-x86-64.cache-2 r, /var/cache/fontconfig/77e41c5059666d75f92e318d4be8c21e-x86-64.cache-2 r, /var/cache/fontconfig/7ef2298fde41cc6eeb7af42e48b7d293-x86-64.cache-2 r, /var/cache/fontconfig/8d4af663993b81a124ee82e610bb31f9-x86-64.cache-2 r, /var/cache/fontconfig/a1c95d6dfc9a7b34f44445cf81166004-x86-64.cache-2 r, /var/cache/fontconfig/c16af864172909159ced9a806109b5c1-x86-64.cache-2 r, /var/cache/fontconfig/c36a5ca5419b5200dcfc86d54b5d311a-x86-64.cache-2 r, /var/cache/fontconfig/c952848b32a83a3db68a27ab871288f2-x86-64.cache-2 r, /var/cache/fontconfig/cf6c88e680607f2ab796171745f068a4-x86-64.cache-2 r, /var/cache/fontconfig/d62e99ef547d1d24cdb1bd22ec1a2976-x86-64.cache-2 r, /var/cache/fontconfig/df311e82a1a24c41a75c2c930223552e-x86-64.cache-2 r, /var/lib/dbus/machine-id r, /var/run/dbus/system_bus_socket w, /var/tmp/ r, } | about 1 year ago | 165 | xxxx | Edit | History | ||
| opensuse11.0 | /bin/basename | #include <tunables/global> /bin/basename { deny /dev/urandom r, deny /etc/ld.so.cache r, /bin/basename mr, /lib/ld-*.so mrcx, /lib/libc-2.8.so mr, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/locale/** r, /usr/share/locale/locale.alias r, profile /lib/ld-2.8.so { } } | over 2 years ago | 202 | philodoxia | Edit | History | ||
| opensuse10.3 | /sbin/ifconfig | #include <tunables/global> /sbin/ifconfig flags=(complain) { #include <abstractions/base> /sbin/ifconfig mr, } | over 3 years ago | 249 | AnThraxII | Edit | History | ||
| opensuse10.3 | /usr/sbin/zypp-checkpatches-wrapper | #include <tunables/global> /usr/sbin/zypp-checkpatches-wrapper flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability setgid, capability setuid, /usr/bin/zypper Px, /usr/sbin/zypp-checkpatches-wrapper mr, } | over 4 years ago | few extra changes | 253 | jmichael | Edit | History | |
| ubuntu-gutsy | /usr/bin/cddb-slave2-properties | #include <tunables/global> /usr/bin/cddb-slave2-properties { #include <abstractions/base> /usr/bin/cddb-slave2-properties mr, } | over 4 years ago | gnome | 280 | hbpteam | Edit | History | |
| opensuse10.3 | /usr/bin/evince | #include <tunables/global> /usr/bin/evince { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/sound/events/gtk-events-2.soundlist r, /etc/xpdfrc r, /etc/xpdfrc-cjk r, /etc/xpdfrc-cjk-auto r, /etc/xpdfrc-cjk.sjis r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/accels/evince rw, /home/*/.gnome2/evince/ev-metadata.xml rw, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /home/*/Desktop/**.pdf r, /proc/meminfo r, /usr/bin/evince mr, /usr/share/evince/evince-toolbar.xml r, /usr/share/evince/evince-ui.xml r, /usr/share/evince/icons/ r, /usr/share/evince/icons/hicolor/** r, /usr/share/xpdf/** r, /var/cache/libx11/compose/* r, } | over 4 years ago | none | 237 | cinimod | Edit | History | |
| opensuse10.3 | /usr/bin/gnome-power-manager | #include <tunables/global> /usr/bin/gnome-power-manager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/gnome-power-manager/ w, /home/*/.gnome2/gnome-power-manager/* rw, /home/*/.gnome2_private/ w, /home/*/.gstreamer-0.10/registry.i686.xml rw, /home/*/.gstreamer-0.10/registry.i686.xml.tmp* rw, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /proc/stat r, /usr/bin/bug-buddy ixr, /usr/bin/gnome-power-manager mr, /usr/lib/nautilus-cd-burner/mapping-daemon Px, /usr/share/gnome-power-manager/*.glade r, /usr/share/gnome-power-manager/icons/ r, /usr/share/gnome-power-manager/icons/** r, } | over 4 years ago | Import of jmichaels profiles | 284 | dominic | Edit | History | |
| opensuse11.0 | /etc/init.d/apache2 | #include <tunables/global> /etc/init.d/apache2 flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, ^DEFAULT_URI { } ^HANDLING_UNTRUSTED_INPUT { } } | over 2 years ago | apache_clog | 202 | Charles Fuller | Edit | History | |
| opensuse10.3 | /usr/lib/firefox/firefox-bin | #include <tunables/global> /usr/lib/firefox/firefox-bin { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/bash ix, /bin/grep ixr, /bin/netstat Px, /bin/ps Px, /etc/gai.conf r, /etc/gconf/2/path r, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.mandatory/ r, /etc/gconf/gconf.xml.schemas/ r, /etc/gconf/gconf.xml.schemas/desktop/ r, /etc/gconf/gconf.xml.schemas/desktop/gnome/ r, /etc/gconf/gconf.xml.schemas/desktop/gnome/interface/%gconf.xml r, /etc/gconf/gconf.xml.schemas/desktop/gnome/sound/%gconf.xml r, /etc/gconf/gconf.xml.schemas/schemas/ r, /etc/gconf/gconf.xml.schemas/schemas/desktop/ r, /etc/gconf/gconf.xml.schemas/schemas/desktop/gnome/ r, /etc/gconf/gconf.xml.schemas/schemas/desktop/gnome/interface/%gconf.xml r, /etc/gconf/gconf.xml.schemas/schemas/desktop/gnome/sound/%gconf.xml r, /etc/gnome-vfs-2.0/modules/ r, /etc/mailcap r, /etc/mime.types r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/*.conf r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.adobe/Flash_Player/** r, /home/*/.beagle/ToIndex/* rw, /home/*/.beagle/socket w, /home/*/.bookmarks.html rw, /home/*/.config/*.gtk-icons rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.* rw, /home/*/.config/qtcurve.gtk-colors rw, /home/*/.config/qtcurvestylerc r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gconf/ r, /home/*/.gconf/*.writeability w, /home/*/.gconfd/saved_state rw, /home/*/.gconfd/saved_state.orig w, /home/*/.gconfd/saved_state.tmp rw, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.kde/share/config/gtkrc-2.0 r, /home/*/.kde/share/config/kdeglobals r, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/*.desktop r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.macromedia/Flash_Player/** r, /home/*/.mailcap r, /home/*/.mozilla/firefox/** krw, /home/*/.mozilla/plugins/ r, /home/*/.mozilla/plugins/libflashplayer.so mr, /home/*/.qt/qtrc r, /home/*/.recently-used.xbel r, /home/*/Desktop/ r, /home/*/Desktop/** rw, /home/*/Documents/** rw, /opt/kde3/bin/gwenview Px, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/kde/*.desktop r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/*/cmdline r, /proc/*/maps r, /proc/cpuinfo r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /tmp/** klrw, /usr/bin/acroread Px, /usr/bin/eog Px, /usr/bin/evince Px, /usr/bin/file-roller Px, /usr/bin/gimp-remote-2.2 Px, /usr/bin/gvim-normal ixr, /usr/bin/mplayer Px, /usr/bin/oowriter ixr, /usr/lib/** mr, /usr/lib/GConf/2/gconfd-2 ixr, /usr/lib/firefox/firefox-bin ixr, /usr/lib/firefox/firefox.sh Px, /usr/share/applications/ r, /usr/share/applications/*.desktop r, /usr/share/applications/mimeinfo.cache r, /usr/share/dist/icons/suse-help.svg r, /usr/share/gdm/applications/ r, /usr/share/locale-bundle/cs/LC_MESSAGES/GConf2.mo r, /usr/share/locale-bundle/cs/LC_MESSAGES/glib20.mo r, /usr/share/locale-bundle/cs/LC_MESSAGES/libbonobo-2.0.mo r, /usr/share/locale-bundle/cs/LC_MESSAGES/libgnome-2.0.mo r, /usr/share/mime/**.xml r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/* r, } | over 3 years ago | firefox | 237 | vojta | Edit | History | |
| opensuse11.0 | /root/Desktop/Google-googleearth.desktop | #include <tunables/global> /root/Desktop/Google-googleearth.desktop flags=(complain) { #include <abstractions/base> } | about 1 year ago | googleEarth | 79 | frayedknot2 | Edit | History | |
| opensuse11.0 | /usr/bin/pidgin | #include <tunables/global> /usr/bin/pidgin { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/nameservice> #include <abstractions/ssl_certs> deny /usr/bin/bug-buddy x, deny /usr/bin/gconftool-2 x, deny /usr/bin/gnome-open x, deny /usr/bin/xdg-open x, deny /usr/lib/firefox/firefox.sh x, /dev/shm/ r, owner /dev/shm/pulse-shm* rw, /etc/pulse/client.conf r, owner /home/*/.gnome2/nautilus-sendto/pidgin_buddies_online w, owner /home/*/.gnome2/nautilus-sendto/pidgin_buddies_online.* rw, owner /home/*/.gnome2/nautilus-sendto/spool/ r, owner /home/*/.gstreamer-0.10/registry.i686.bin r, owner /home/*/.gstreamer-0.10/registry.i686.bin.tmp* a, owner /home/*/.icons/ r, owner /home/*/.purple/* rw, owner /home/*/.purple/certificates/x509/tls_peers/* rw, owner /home/*/.purple/icons/* rw, owner /home/*/.purple/logs/ rw, owner /home/*/.purple/logs/icq/ rw, owner /home/*/.purple/logs/icq/** rw, owner /home/*/.purple/smileys/ r, owner /proc/*/fd/ r, owner /proc/*/maps r, /proc/*/mounts r, /usr/bin/gconftool-2 mr, /usr/bin/pidgin r, /usr/lib/** mr, /usr/share/gvfs/remote-volume-monitors/ r, /usr/share/gvfs/remote-volume-monitors/gphoto2.monitor r, /usr/share/gvfs/remote-volume-monitors/hal.monitor r, /usr/share/locale-bundle/ru/LC_MESSAGES/* r, /usr/share/purple/ca-certs/ r, /usr/share/themes/ r, owner /var/run/gdm/auth-for*/database r, } | about 1 year ago | 89 | cityzen | Edit | History | ||
| opensuse11.0 | /usr/lib64/amanda/amidxtaped | #include <tunables/global> /usr/lib64/amanda/amidxtaped { #include <abstractions/base> } | over 2 years ago | 203 | shimingzhou | Edit | History | ||
| opensuse11.0 | /usr/lib/firefox/firefox.sh | #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> audit network stream, /bin/basename rcx, /bin/bash rix, /bin/grep rix, /etc/gnome-vfs-2.0/modules/ r, /etc/gre.d/ r, /etc/gre.d/* r, /etc/mailcap r, /etc/mime.types r, /etc/opt/kde3/**/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, owner /home/*/.ICEauthority r, owner /home/*/.Xauthority r, owner /home/*/.adobe/Flash_Player/*/ r, owner /home/*/.config/Trolltech.conf r, owner /home/*/.config/qtcurve.gtk-colors rw, owner /home/*/.config/qtcurve.gtk-icons rw, owner /home/*/.config/qtcurvestylerc r, owner /home/*/.fontconfig/* r, owner /home/*/.fonts.conf r, owner /home/*/.kde/share/config/gtkrc-2.0 r, owner /home/*/.kde/share/config/kdeglobals r, owner /home/*/.kde4/share/config/gtkrc-2.0 r, owner /home/*/.local/share/applications/ r, owner /home/*/.local/share/mime/mime.cache r, owner /home/*/.macromedia/Flash_Player/** r, owner /home/*/.mozilla/extensions/*/ r, owner /home/*/.mozilla/firefox/** rwk, owner /home/*/.qt/qtrc r, owner /home/*/Documents/.etc/mozilla/extensions/*/ r, owner /home/*/Documents/.etc/mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/ r, owner /home/*/Documents/.etc/mozilla/firefox/* r, owner /home/*/Documents/.etc/mozilla/firefox/*/ r, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/* rwk, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/*/ rw, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/Cache.Trash/*/ w, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/Cache.Trash/Trash/*/ w, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/Cache/* rw, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/adblockplus/* r, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/chrome/* r, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/extensions/** r, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/gm_scripts/* r, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/searchplugins/* rw, owner /home/*/downloads/ w, owner /home/draglor/Documents/Temp/ w, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/kde/ark.desktop r, /opt/kde3/share/applications/mimeinfo.cache r, owner /proc/*/cmdline r, owner /proc/*/maps r, /proc/cpuinfo r, /proc/meminfo r, /usr/bin/file rcx, /usr/lib/firefox/firefox mrpx, /usr/lib/firefox/firefox.sh rix, /usr/share/applications/ r, /usr/share/applications/mimeinfo.cache r, /usr/share/locale-bundle/de/LC_MESSAGES/* r, /usr/share/locale-bundle/ru/LC_MESSAGES/* r, /usr/share/mime/application/x-bzip.xml r, /usr/share/mozilla/extensions/*/ r, /var/cache/gio-2.0/defaults.list r, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, profile /bin/basename { #include <abstractions/base> /bin/basename mr, } profile /usr/bin/file { #include <abstractions/base> /etc/magic r, /usr/bin/file mr, /usr/share/misc/magic.mgc r, } } | over 3 years ago | Firefox aktualisiertes Profil | 229 | amat17t | Edit | History | |
| opensuse10.3 | /bin/ping | # $Id: bin.ping 935 2007-08-20 01:28:20Z DominicReynolds_ $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /bin/ping { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_raw, capability setuid, network inet raw, /bin/ping mixr, /etc/modules.conf r, /var/run/avahi-daemon/socket w, } | over 4 years ago | none | 239 | cinimod | Edit | History | |
| opensuse10.3 | /usr/bin/knotify4 | #include <tunables/global> /usr/bin/knotify4 { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/kde> #include <abstractions/nameservice> /etc/kde4/* r, /home/*/.Xauthority r, /home/*/.config/Trolltech.conf kr, /home/*/.fontconfig/* r, /home/*/.fonts.conf r, /home/*/.kde4/cache-*/** lrw, /home/*/.kde4/share/apps/kde/ w, /home/*/.kde4/share/apps/kwin/ w, /home/*/.kde4/share/config/ w, /home/*/.kde4/share/config/* r, /home/*/.kde4/share/config/*new rw, /home/*/.kde4/share/config/*rc rw, /home/*/.kde4/share/config/*rc.lock lrw, /home/*/.kde4/share/config/*rc.lock.* rw, /home/*/.xine/catalog.cache rw, /proc/cpuinfo r, /proc/meminfo r, /usr/bin/knotify4 mr, /usr/lib/kde4/*.so mr, /usr/lib/kde4/libexec/drkonqi Px, /usr/lib/kde4/plugins/**.so mr, /usr/lib/xine/plugins/**.so mr, /usr/share/kde4/apps/** r, /usr/share/xine/libxine1/fonts/ r, } | over 4 years ago | kde4 rc2 tests | 269 | dominic | Edit | History | |
| opensuse10.3 | /usr/local/bin/tor | #include <tunables/global> /usr/local/bin/tor { #include <abstractions/base> /usr/local/bin/tor mr, } | over 4 years ago | changes-3 | 265 | security | Edit | History | |
| ubuntu-gutsy | /usr/bin/dspam | #include <tunables/global> /usr/bin/dspam { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/nis> capability dac_override, capability net_bind_service, /etc/dspam/* r, /etc/dspam/dspam.d/ r, /usr/bin/dspam mr, /var/lib/amavis/tmp/** r, /var/run/dspam/dspam.pid w, } | over 3 years ago | 252 | stive | Edit | History | ||
| opensuse10.3 | /bin/netstat | # $Id: bin.netstat 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ # evolution, amongst other things, calls this program. I didn't want to # give evolution access to significant chunks of /proc # #include <tunables/global> /bin/netstat { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability dac_override, capability dac_read_search, /bin/netstat rmix, /etc/networks r, @{PROC} r, @{PROC}/[0-9]*/cmdline r, @{PROC}/[0-9]*/fd r, @{PROC}/net r, @{PROC}/net/* r, } | over 4 years ago | 20071015 | 245 | davepl | Edit | History | |
| opensuse10.3 | /usr/bin/smbspool | #include <tunables/global> /usr/bin/smbspool flags=(complain) { #include <abstractions/base> /usr/bin/smbspool mr, } | over 4 years ago | cups testing | 372 | dominic | Edit | History | |
| ubuntu-gutsy | /usr/bin/Xorg | #include <tunables/global> /usr/bin/Xorg { #include <abstractions/base> #include <abstractions/nvidia> #include <abstractions/user-tmp> capability dac_override, capability ipc_owner, capability setgid, capability setuid, capability sys_admin, capability sys_rawio, capability sys_tty_config, /bin/dash Px, /dev/input/mice rw, /dev/mem r, /dev/tty0 w, /dev/tty7 rw, /etc/X11/xorg.conf r, /etc/X11/xserver/SecurityPolicy r, /home/*/.gnome2/share/cursor-fonts/fonts.dir r, /home/void/.gnome2/share/fonts/** r, /proc/bus/pci/00/00.0 r, /proc/bus/pci/00/01.0 r, /proc/bus/pci/00/01.1 r, /proc/bus/pci/00/02.0 r, /proc/bus/pci/00/02.1 r, /proc/bus/pci/00/02.2 r, /proc/bus/pci/00/05.0 r, /proc/bus/pci/00/06.0 r, /proc/bus/pci/00/08.0 r, /proc/bus/pci/00/0a.0 r, /proc/bus/pci/00/0b.0 rw, /proc/bus/pci/00/0e.0 r, /proc/bus/pci/00/18.0 r, /proc/bus/pci/00/18.1 r, /proc/bus/pci/00/18.2 r, /proc/bus/pci/00/18.3 r, /proc/bus/pci/01/00.0 rw, /proc/bus/pci/02/08.0 r, /proc/bus/pci/02/08.1 r, /proc/bus/pci/02/0a.0 r, /proc/driver/nvidia/registry r, /proc/meminfo r, /proc/modules r, /sys/bus/pci/devices/ r, /sys/devices/pci0000:00/0000:00:00.0/resource r, /sys/devices/pci0000:00/0000:00:01.0/resource r, /sys/devices/pci0000:00/0000:00:01.1/resource r, /sys/devices/pci0000:00/0000:00:02.0/resource r, /sys/devices/pci0000:00/0000:00:02.1/resource r, /sys/devices/pci0000:00/0000:00:02.2/resource r, /sys/devices/pci0000:00/0000:00:05.0/resource r, /sys/devices/pci0000:00/0000:00:06.0/resource r, /sys/devices/pci0000:00/0000:00:08.0/resource r, /sys/devices/pci0000:00/0000:00:0a.0/resource r, /sys/devices/pci0000:00/0000:00:0b.0/0000:01:00.0/resource r, /sys/devices/pci0000:00/0000:00:0b.0/resource r, /sys/devices/pci0000:00/0000:00:0e.0/0000:02:08.0/resource r, /sys/devices/pci0000:00/0000:00:0e.0/0000:02:08.1/resource r, /sys/devices/pci0000:00/0000:00:0e.0/0000:02:0a.0/resource r, /sys/devices/pci0000:00/0000:00:0e.0/resource r, /sys/devices/pci0000:00/0000:00:18.0/resource r, /sys/devices/pci0000:00/0000:00:18.1/resource r, /sys/devices/pci0000:00/0000:00:18.2/resource r, /sys/devices/pci0000:00/0000:00:18.3/resource r, /usr/bin/Xorg mr, /usr/lib/** mr, /usr/share/X11/xkb/rules/base r, /usr/share/fonts/** r, /var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType/fonts.alias r, /var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType/fonts.dir r, /var/lib/gdm/:0.Xauth r, /var/lib/xkb/server-0.xkm rw, /var/log/Xorg.0.log rw, /var/log/Xorg.0.log.old w, /var/run/acpid.socket w, } | over 4 years ago | gnome | 282 | hbpteam | Edit | History | |
| opensuse11.0 | /usr/bin/file | #include <tunables/global> /usr/bin/file { #include <abstractions/base> } | over 2 years ago | 176 | osmo | Edit | History | ||
| opensuse11.0 | /usr/sbin/sshd | # $Id: usr.sbin.sshd 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ # will need to revalidate this profile once we finish re-architecting # the change_hat patch. # #include <tunables/global> /usr/sbin/sshd { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/wutmp> capability chown, capability fowner, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_chroot, capability sys_tty_config, /bin/ash Ux, /bin/bash Ux, /bin/bash2 Ux, /bin/bsh Ux, /bin/csh Ux, /bin/ksh Ux, /bin/sh Ux, /bin/tcsh Ux, /bin/zsh Ux, /dev/ptmx rw, /dev/pts/[0-9]* rw, /dev/urandom r, /etc/environment r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/modules.conf r, /etc/motd r, /etc/ssh/* r, /etc/ssh/moduli r, /sbin/nologin Ux, /tmp/ssh-*/agent.[0-9]* rwl, /tmp/ssh-*[0-9]*/ w, /usr/sbin/sshd mrix, owner /var/db/nscd/* r, owner /var/log/wtmp k, /var/log/wtmp w, /var/run w, /var/run/sshd{,.init}.pid wl, owner /var/run/utmp k, /var/run/utmp rw, @{HOME}/.ssh/authorized_keys{,2} r, @{PROC}/[0-9]*/fd/ r, @{PROC}/[0-9]*/loginuid w, @{PROC}/[0-9]*/mounts r, ^AUTHENTICATED { #include <abstractions/authentication> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/wutmp> capability setgid, capability setuid, capability sys_tty_config, /dev/log w, /dev/ptmx rw, /etc/default/passwd r, /etc/localtime r, /etc/login.defs r, /etc/motd r, /tmp/ssh-*/agent.[0-9]* rwl, /tmp/ssh-*[0-9]*/ w, } ^EXEC { #include <abstractions/base> /bin/ash Ux, /bin/bash Ux, /bin/bash2 Ux, /bin/bsh Ux, /bin/csh Ux, /bin/ksh Ux, /bin/sh Ux, /bin/tcsh Ux, /bin/zsh Ux, /sbin/nologin Ux, } ^PRIVSEP { #include <abstractions/base> #include <abstractions/nameservice> capability setgid, capability setuid, capability sys_chroot, } ^PRIVSEP_MONITOR { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/wutmp> capability chown, capability setgid, capability setuid, /dev/ptmx rw, /dev/pts/[0-9]* rw, /dev/urandom r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/ssh/moduli r, @{HOME}/.ssh/authorized_keys{,2} r, @{PROC}/[0-9]*/mounts r, } } | over 2 years ago | 187 | shimingzhou | Edit | History | ||
| opensuse11.0 | /usr/sbin/sshd | # $Id: usr.sbin.sshd 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ # will need to revalidate this profile once we finish re-architecting # the change_hat patch. # #include <tunables/global> /usr/sbin/sshd flags=(complain) { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/wutmp> capability audit_control, capability chown, capability fowner, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_chroot, capability sys_ptrace, capability sys_tty_config, /bin/ash Ux, /bin/bash rUx, /bin/bash2 Ux, /bin/bsh Ux, /bin/csh Ux, /bin/ksh Ux, /bin/sh Ux, /bin/tcsh Ux, /bin/zsh Ux, /dev/ptmx rw, /dev/pts/[0-9]* rw, /dev/urandom r, /etc/environment r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/modules.conf r, /etc/motd r, /etc/ssh/* r, /etc/ssh/moduli r, /sbin/nologin Ux, /tmp/ssh-*/agent.[0-9]* rwl, /tmp/ssh-*[0-9]*/ w, /usr/sbin/sshd mrix, /var/run w, /var/run/sshd{,.init}.pid wl, @{HOME}/.ssh/authorized_keys{,2} r, @{PROC}/[0-9]*/fd/ r, @{PROC}/[0-9]*/loginuid w, @{PROC}/[0-9]*/mounts r, @{PROC}/filesystems r, ^AUTHENTICATED flags=(complain) { #include <abstractions/authentication> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/wutmp> capability setgid, capability setuid, capability sys_tty_config, /dev/log w, /dev/ptmx rw, /etc/default/passwd r, /etc/localtime r, /etc/login.defs r, /etc/motd r, /tmp/ssh-*/agent.[0-9]* rwl, /tmp/ssh-*[0-9]*/ w, } ^EXEC flags=(complain) { #include <abstractions/base> /bin/ash Ux, /bin/bash Ux, /bin/bash2 Ux, /bin/bsh Ux, /bin/csh Ux, /bin/ksh Ux, /bin/sh Ux, /bin/tcsh Ux, /bin/zsh Ux, /sbin/nologin Ux, } ^PRIVSEP flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability setgid, capability setuid, capability sys_chroot, } ^PRIVSEP_MONITOR flags=(complain) { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/wutmp> capability chown, capability setgid, capability setuid, /dev/ptmx rw, /dev/pts/[0-9]* rw, /dev/urandom r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/ssh/moduli r, @{HOME}/.ssh/authorized_keys{,2} r, @{PROC}/[0-9]*/mounts r, } } | over 2 years ago | test | 191 | KarlisBidins | Edit | History | |
| opensuse11.0 | /usr/sbin/smbd | # $Id: usr.sbin.smbd 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/smbd { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> capability dac_override, capability dac_read_search, capability net_bind_service, capability setgid, capability setuid, capability sys_resource, /etc/cups/client.conf r, /etc/samba/dhcp.conf r, audit owner /etc/samba/secrets.tdb rwk, /etc/samba/smb.conf r, owner /etc/samba/smbpasswd rwk, owner /srv/dev/ r, owner /srv/shared/ r, /tmp rw, /usr/lib/samba/lowcase.dat r, /usr/lib/samba/upcase.dat r, /usr/lib/samba/valid.dat r, /usr/sbin/smbd r, /var/lib/samba/** rwk, owner /var/log/samba/cores/smbd/ w, /var/log/samba/log.smbd w, owner /var/run/cups/cups.sock w, owner /var/run/samba/smbd.pid wk, /var/tmp rw, /var/tmp/** rwl, @{HOMEDIRS} rwl, @{HOME}/** rwl, @{PROC}/[0-9]*/mounts r, } | over 3 years ago | fix | 222 | octo | Edit | History | |
| opensuse11.0 | /usr/lib/firefox/firefox.sh | #include <tunables/global> /usr/lib/firefox/firefox.sh { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> network stream, /bin/basename rcx, /bin/bash rix, /bin/grep rix, /etc/gnome-vfs-2.0/modules/ r, /etc/gre.d/ r, /etc/gre.d/* r, /etc/mailcap r, /etc/mime.types r, /etc/opt/kde3/**/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, owner /home/*/.ICEauthority r, owner /home/*/.Xauthority r, owner /home/*/.config/Trolltech.conf r, owner /home/*/.config/qtcurve.gtk-colors rw, owner /home/*/.config/qtcurve.gtk-icons rw, owner /home/*/.fontconfig/* r, owner /home/*/.fonts.conf r, owner /home/*/.kde/share/config/kdeglobals r, owner /home/*/.kde4/share/config/gtkrc-2.0 r, owner /home/*/.local/share/applications/ r, owner /home/*/.local/share/mime/mime.cache r, owner /home/*/Documents/.etc/mozilla/extensions/*/ r, owner /home/*/Documents/.etc/mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/ r, owner /home/*/Documents/.etc/mozilla/firefox/* r, owner /home/*/Documents/.etc/mozilla/firefox/*/ r, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/* rwk, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/*/ rw, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/Cache.Trash/*/ w, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/Cache.Trash/Trash/*/ w, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/Cache/* rw, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/adblockplus/* r, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/chrome/* r, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/extensions/** r, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/gm_scripts/* r, owner /home/*/Documents/.etc/mozilla/firefox/uz6cq9af.default/searchplugins/* rw, owner /home/draglor/Documents/Temp/ w, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, owner /proc/*/cmdline r, /proc/meminfo r, /usr/bin/file rcx, /usr/lib/firefox/firefox mrpx, /usr/lib/firefox/firefox.sh rix, /usr/share/applications/ r, /usr/share/applications/mimeinfo.cache r, /usr/share/locale-bundle/de/LC_MESSAGES/* r, /usr/share/mozilla/extensions/*/ r, /var/cache/gio-2.0/defaults.list r, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, profile /bin/basename { #include <abstractions/base> /bin/basename mr, } profile /usr/bin/file { #include <abstractions/base> /etc/magic r, /usr/bin/file mr, /usr/share/misc/magic.mgc r, } } | over 3 years ago | 224 | Michi8383 | Edit | History | ||
| opensuse10.3 | /usr/sbin/amavisd | #include <tunables/global> /usr/sbin/amavisd { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/perl> capability dac_override, capability dac_read_search, /etc/amavisd.conf r, /etc/amavisd/templates.d/** r, /usr/bin/perl ix, /usr/sbin/amavisd mr, /var/spool/amavis/amavisd.pid r, } | over 3 years ago | 255 | arclyde | Edit | History | ||
| opensuse10.3 | /etc/sysconfig/network/scripts/dhcpcd-hook-samba | #include <tunables/global> /etc/sysconfig/network/scripts/dhcpcd-hook-samba { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/gawk ixr, /etc/sysconfig/network/* r, /etc/sysconfig/network/scripts/dhcpcd-hook-samba mr, /etc/sysconfig/network/scripts/dhcpcd-hook-samba-functions r, /proc/meminfo r, /var/lib/dhcp/dhclient-*.leases r, } | over 4 years ago | more kde4 testing | 238 | dominic | Edit | History | |
| opensuse10.3 | /usr/lib/cyrus/bin/idled | #include <tunables/global> /usr/lib/cyrus/bin/idled { #include <abstractions/base> /etc/imapd.* r, /mnt/mail/config/** rw, /usr/lib/cyrus/bin/idled mr, /var/lib/imap/* rw, /var/lib/imap/** w, /var/lib/imap/db/* rw, } | over 3 years ago | 251 | arclyde | Edit | History | ||
| opensuse10.3 | /usr/lib/cups/backend/ipp | #include <tunables/global> /usr/lib/cups/backend/ipp flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> network inet dgram, /usr/lib/cups/backend/ipp mr, /var/run/avahi-daemon/socket w, /var/spool/cups/* r, } | over 4 years ago | Testing printing use cases | 305 | dominic | Edit | History | |
| opensuse11.0 | /usr/sbin/sshd | #include <tunables/global> /usr/sbin/sshd { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/nis> audit capability net_bind_service, capability setgid, owner /dev/tty rw, owner /etc/selinux/config r, owner /etc/ssh/ssh_host_dsa_key r, owner /etc/ssh/ssh_host_rsa_key r, owner /etc/ssh/sshd_config r, owner /proc/*/fd/ r, owner /proc/*/mounts r, owner /usr/sbin/sshd r, owner /var/run/sshd.init.pid w, } | about 1 year ago | 92 | usera | Edit | History | ||
| opensuse11.0 | /usr/bin/skanlite | #include <tunables/global> /usr/bin/skanlite flags=(complain) { #include <abstractions/base> } | over 2 years ago | 203 | gem4 | Edit | History | ||
| opensuse11.0 | /usr/bin/wine | #include <tunables/global> /usr/bin/wine flags=(complain) { #include <abstractions/base> } | over 2 years ago | add wine | 309 | kooleaf | Edit | History | |
| opensuse11.0 | /usr/lib/opera/9.62/opera | #include <tunables/global> /usr/lib/opera/9.62/opera flags=(complain) { #include <abstractions/base> #include <abstractions/bash> network dgram, network inet dgram, network inet stream, network inet6 stream, network stream, deny owner /home/maku/.opera/cache4/opr00479 w, deny owner /home/maku/.opera/cache4/opr0048J a, deny owner /home/maku/.opera/cache4/opr0048K a, deny owner /home/maku/.opera/cache4/opr0048L a, deny owner /home/maku/.opera/cache4/opr0048M a, deny owner /home/maku/.opera/cache4/opr0048N a, deny owner /home/maku/.opera/cache4/opr0048O a, deny owner /home/maku/.opera/cache4/opr0048P a, deny owner /home/maku/.opera/cache4/opr0048Q a, deny owner /home/maku/.opera/cache4/opr0048R a, deny owner /home/maku/.opera/cache4/opr0048S a, deny owner /home/maku/.opera/cache4/opr0048T a, deny owner /home/maku/.opera/cache4/opr0048U a, deny owner /home/maku/.opera/cache4/opr0048V a, deny owner /home/maku/.opera/cache4/opr0048W a, deny owner /home/maku/.opera/cache4/opr0048X a, deny owner /home/maku/.opera/cache4/opr0048Y a, deny owner /home/maku/.opera/cache4/opr0048Z a, deny owner /home/maku/.opera/cache4/opr00490 a, deny owner /home/maku/.opera/cache4/opr00491 a, deny owner /home/maku/.opera/cache4/opr00492 a, deny owner /home/maku/.opera/cache4/opr00493 a, deny owner /home/maku/.opera/cache4/opr00494 a, deny owner /home/maku/.opera/cache4/opr00495 a, deny owner /home/maku/.opera/cache4/opr00496 a, deny owner /home/maku/.opera/cache4/opr00497 a, deny owner /home/maku/.opera/cache4/opr00498 a, deny owner /home/maku/.opera/cache4/opr00499 a, deny owner /home/maku/.opera/cache4/opr0049A a, deny owner /home/maku/.opera/cache4/opr0049B a, deny owner /home/maku/.opera/cache4/opr0049C a, deny owner /home/maku/.opera/cache4/opr0049D a, deny owner /home/maku/.opera/cache4/opr0049E a, deny owner /home/maku/.opera/cache4/opr0049F a, deny owner /home/maku/.opera/cache4/opr0049G a, deny owner /home/maku/.opera/cache4/opr0049H a, deny owner /home/maku/.opera/cache4/opr0049I a, deny owner /home/maku/.opera/cache4/opr0049J a, deny owner /home/maku/.opera/cache4/opr0049K a, deny owner /home/maku/.opera/cache4/opr0049L a, deny owner /home/maku/.opera/cache4/opr0049M a, deny owner /home/maku/.opera/cache4/opr0049N a, deny owner /home/maku/.opera/cache4/opr0049O a, deny owner /home/maku/.opera/cache4/opr0049P a, deny owner /home/maku/.opera/cache4/opr0049Q a, deny owner /home/maku/.opera/cache4/revocation/oprc9nt5z a, deny owner /home/maku/.opera/images/www.f-prot.com.idx r, deny owner /home/maku/.opera/images/www.google.com.idx r, deny owner /home/maku/.opera/opr9s77ak a, deny owner /home/maku/.opera/oprand.dat w, deny owner /home/maku/.opera/opssl6.dat w, deny owner /home/maku/.opera/typed_history.xml w, deny owner /home/maku/.opera/vps/0004/wb.vx-j a, deny /usr/share/opera/styles/error.css r, /bin/gunzip rix, /etc/X11/kstylerc r, /etc/X11/qt_plugins_3.3rc r, /etc/X11/qtrc r, /etc/fonts/** r, /etc/group r, /etc/host.conf r, /etc/hosts r, /etc/mailcap rk, /etc/nsswitch.conf r, /etc/opera6rc rk, /etc/opera6rc.fixed rk, /etc/opt/kde3/share/applications/mimeinfo.cache rk, /etc/opt/kde3/share/icons/ r, /etc/passwd r, /etc/resolv.conf r, owner /home/*/ rw, owner /home/*/.ICEauthority r, owner /home/*/.Xauthority r, owner /home/*/.fontconfig/a8d626dfaa99cb0ebf0eba05ac19f7aa-x86.cache-2 r, owner /home/*/.kde/share/config/kcmnspluginrc rwk, owner /home/*/.opera/ rw, owner /home/*/.opera/browser.js rk, owner /home/*/.opera/cache4/ r, owner /home/*/.opera/cache4/dcache4.url rwk, owner /home/*/.opera/cache4/opr0043W rk, owner /home/*/.opera/cache4/opr0046R rk, owner /home/*/.opera/cache4/opr0046S rk, owner /home/*/.opera/cache4/opr0046T rk, owner /home/*/.opera/cache4/opr0046U rk, owner /home/*/.opera/cache4/opr0046W rk, owner /home/*/.opera/cache4/opr0046Z rk, owner /home/*/.opera/cache4/opr00470 rk, owner /home/*/.opera/cache4/opr00471 rk, owner /home/*/.opera/cache4/opr00474 rk, owner /home/*/.opera/cache4/opr00475 rk, owner /home/*/.opera/cache4/opr00476 rk, owner /home/*/.opera/cache4/opr00478 rk, owner /home/*/.opera/cache4/opr00479 rk, owner /home/*/.opera/cache4/opr0047A rk, owner /home/*/.opera/cache4/opr0047C rk, owner /home/*/.opera/cache4/opr0047D rk, owner /home/*/.opera/cache4/opr0047E rk, owner /home/*/.opera/cache4/opr0047J rk, owner /home/*/.opera/cache4/opr0047K rk, owner /home/*/.opera/cache4/opr0047L rk, owner /home/*/.opera/cache4/opr0047M rk, owner /home/*/.opera/cache4/opr0047N rk, owner /home/*/.opera/cache4/opr0047O rk, owner /home/*/.opera/cache4/opr0047P rk, owner /home/*/.opera/cache4/opr0047Q rk, owner /home/*/.opera/cache4/opr0047S rk, owner /home/*/.opera/cache4/opr0047W rk, owner /home/*/.opera/cache4/opr00483 w, owner /home/*/.opera/cache4/opr00485 w, owner /home/*/.opera/cache4/opr00487 rk, owner /home/*/.opera/cache4/opr0048A wk, owner /home/*/.opera/cache4/opr0048B wk, owner /home/*/.opera/cache4/opr0048D wk, owner /home/*/.opera/cache4/opr0048E rwk, owner /home/*/.opera/cache4/opr0048F wk, owner /home/*/.opera/cache4/opr0048G rwk, owner /home/*/.opera/cache4/opr0048H rwk, owner /home/*/.opera/cache4/opr0048I wk, owner /home/*/.opera/cache4/oprHjb7yH rwk, owner /home/*/.opera/cache4/oprKK3maZ rwk, owner /home/*/.opera/cache4/oprbqzPkh rwk, owner /home/*/.opera/cache4/opsrp3XZ6Kw rw, owner /home/*/.opera/cache4/opsrpHLJwPF rw, owner /home/*/.opera/cache4/opsrpkPCLkH rw, owner /home/*/.opera/cache4/revocation/ r, owner /home/*/.opera/cache4/revocation/dcache4.url rwk, owner /home/*/.opera/cache4/revocation/opr0TdhZP rwk, owner /home/*/.opera/cache4/revocation/opr1w7qkj rwk, owner /home/*/.opera/cache4/revocation/oprBL6s5f rwk, owner /home/*/.opera/cache4/revocation/oprHbpv5T rwk, owner /home/*/.opera/cache4/revocation/opsrpDj3pgy rw, owner /home/*/.opera/cache4/revocation/opsrpEvfp5z rw, owner /home/*/.opera/cache4/revocation/opsrpvlimgW rw, owner /home/*/.opera/cache4/revocation/opsrpvpVLE4 rw, owner /home/*/.opera/cache4/revocation/vlink4.dat rwk, owner /home/*/.opera/cookies4.dat rwk, owner /home/*/.opera/download.dat rwk, owner /home/*/.opera/fontswitch.ini rwk, owner /home/*/.opera/global.dat rwk, owner /home/*/.opera/images/http%3A%2F%2Fredir.opera.com%2Ffavicons%2Fgoogle%2Ffavicon.ico rk, owner /home/*/.opera/images/http%3A%2F%2Ftechnet.microsoft.com%2Ffavicon.ico rk, owner /home/*/.opera/images/redir.opera.com.idx rk, owner /home/*/.opera/images/technet.microsoft.com.idx rk, owner /home/*/.opera/lock rwk, owner /home/*/.opera/mail/ w, owner /home/*/.opera/mail/accounts.ini rwk, owner /home/*/.opera/mail/index.ini rwk, owner /home/*/.opera/mail/indexer/indexer.ax rwk, owner /home/*/.opera/mail/indexer/indexer.bx rwk, owner /home/*/.opera/mail/indexer/message_id rwk, owner /home/*/.opera/mail/lexicon/lexicon.ax rwk, owner /home/*/.opera/mail/lexicon/lexicon.bx rwk, owner /home/*/.opera/mail/omailbase.dat rwk, owner /home/*/.opera/mail/opr4NYOBc rwk, owner /home/*/.opera/mail/opr7k0eKT rwk, owner /home/*/.opera/mail/oprAKscmI rwk, owner /home/*/.opera/mail/oprM4zcXO rwk, owner /home/*/.opera/mail/oprp74u7k rwk, owner /home/*/.opera/mail/oprsT7GIj rwk, owner /home/*/.opera/mail/opsrp7ZAVmS rw, owner /home/*/.opera/mail/opsrp7q2EAR rw, owner /home/*/.opera/mail/opsrpCLRiMw rw, owner /home/*/.opera/mail/opsrpZrg0d8 rw, owner /home/*/.opera/mail/opsrpc0ZRnR rw, owner /home/*/.opera/mail/opsrpqKcALJ rw, owner /home/*/.opera/notes.adr rk, owner /home/*/.opera/opcache/ r, owner /home/*/.opera/opcache/dcache4.url rwk, owner /home/*/.opera/opcache/opr0047I w, owner /home/*/.opera/opcache/opr00484 w, owner /home/*/.opera/opcache/opr0048C wk, owner /home/*/.opera/opcache/opr0048I wk, owner /home/*/.opera/opcache/opr0048J wk, owner /home/*/.opera/opcache/opr0048W wk, owner /home/*/.opera/opcache/opr7NYlOI rwk, owner /home/*/.opera/opcache/oprGx8PfN rwk, owner /home/*/.opera/opcache/oprNgmhvC rwk, owner /home/*/.opera/opcache/opsrpUGRFbI rw, owner /home/*/.opera/opcache/opsrpeQWJPi rw, owner /home/*/.opera/opcache/opsrpq9Jfi2 rw, owner /home/*/.opera/opera6.adr rk, owner /home/*/.opera/opera6.ini rwk, owner /home/*/.opera/opr0AkJUf rwk, owner /home/*/.opera/opr13XdAh rwk, owner /home/*/.opera/opr1EdG4O rwk, owner /home/*/.opera/opr1JeV0y rwk, owner /home/*/.opera/opr1XQgre rwk, owner /home/*/.opera/opr2MvSem rwk, owner /home/*/.opera/opr4sPrGq rwk, owner /home/*/.opera/opr5S4EbR rwk, owner /home/*/.opera/opr5yMZq0 rwk, owner /home/*/.opera/opr64S7XQ rwk, owner /home/*/.opera/opr6IpXT6 rwk, owner /home/*/.opera/opr6YxXDn rwk, owner /home/*/.opera/opr6nrtB4 rwk, owner /home/*/.opera/opr760Uu9 rwk, owner /home/*/.opera/opr7Jzgsh rwk, owner /home/*/.opera/opr7x0RbW rwk, owner /home/*/.opera/opr85zW0N rwk, owner /home/*/.opera/opr8pSEig rwk, owner /home/*/.opera/opr9J2Vfv rwk, owner /home/*/.opera/oprAEdjx4 rwk, owner /home/*/.opera/oprAVkB1R rwk, owner /home/*/.opera/oprAsEEM6 rwk, owner /home/*/.opera/oprC0FvSB rwk, owner /home/*/.opera/oprC5tv2v rwk, owner /home/*/.opera/oprCleweB rwk, owner /home/*/.opera/oprDd3cZT rwk, owner /home/*/.opera/oprEGLhMF rwk, owner /home/*/.opera/oprEi75rn rwk, owner /home/*/.opera/oprFBlwI0 rwk, owner /home/*/.opera/oprI3jgXK rwk, owner /home/*/.opera/oprJIJ9Cp rwk, owner /home/*/.opera/oprM8L8Gu rwk, owner /home/*/.opera/oprMqntWG rwk, owner /home/*/.opera/oprNophB0 rwk, owner /home/*/.opera/oprOc8skG rwk, owner /home/*/.opera/oprPMh0SN rwk, owner /home/*/.opera/oprQRfyfW rwk, owner /home/*/.opera/oprQuCg0e rwk, owner /home/*/.opera/oprQwNh7G rwk, owner /home/*/.opera/oprR1JWNR rwk, owner /home/*/.opera/oprRGoiAU rwk, owner /home/*/.opera/oprRaI3Am rwk, owner /home/*/.opera/oprSkexcy rwk, owner /home/*/.opera/oprV1zfzO rwk, owner /home/*/.opera/oprVOPAXD rwk, owner /home/*/.opera/oprVWjUOE rwk, owner /home/*/.opera/oprVg0Y90 rwk, owner /home/*/.opera/oprWVh6VZ rwk, owner /home/*/.opera/oprWuZ9dA rwk, owner /home/*/.opera/oprXHQPR9 rwk, owner /home/*/.opera/oprYDqkQd rwk, owner /home/*/.opera/oprYIWFBi rwk, owner /home/*/.opera/oprYdPCHn rwk, owner /home/*/.opera/oprYfPBDT rwk, owner /home/*/.opera/oprZ70DrD rwk, owner /home/*/.opera/oprZAf3Km rwk, owner /home/*/.opera/opra2XnTt rwk, owner /home/*/.opera/oprand.dat rk, owner /home/*/.opera/oprbZFvqy rwk, owner /home/*/.opera/oprd604m7 rwk, owner /home/*/.opera/oprdoG0qb rwk, owner /home/*/.opera/opreUrgOq rwk, owner /home/*/.opera/oprfJFnsM rwk, owner /home/*/.opera/oprfUfQlL rwk, owner /home/*/.opera/oprg4sbcM rwk, owner /home/*/.opera/oprg8xL8O rwk, owner /home/*/.opera/oprhH0toG rwk, owner /home/*/.opera/oprhMMyAM rwk, owner /home/*/.opera/oprhQJTuK rwk, owner /home/*/.opera/opriVSLRw rwk, owner /home/*/.opera/oprizrtJn rwk, owner /home/*/.opera/oprj1DWy7 rwk, owner /home/*/.opera/oprj673K8 rwk, owner /home/*/.opera/oprkPmCaK rwk, owner /home/*/.opera/oprlsmQ9y rwk, owner /home/*/.opera/oprml3vjd rwk, owner /home/*/.opera/oproPH4pn rwk, owner /home/*/.opera/oprozOsTK rwk, owner /home/*/.opera/oprpoDTJT rwk, owner /home/*/.opera/oprr68v5Z rwk, owner /home/*/.opera/oprrVAk59 rwk, owner /home/*/.opera/oprrlFuZn rwk, owner /home/*/.opera/oprrnoGsV rwk, owner /home/*/.opera/oprroZaiK rwk, owner /home/*/.opera/oprs70Hsa rwk, owner /home/*/.opera/oprsWbhhD rwk, owner /home/*/.opera/oprscA81N rwk, owner /home/*/.opera/oprt9frvm rwk, owner /home/*/.opera/oprtANhRV rwk, owner /home/*/.opera/oprv3Oj7Q rwk, owner /home/*/.opera/oprvQNpuO rwk, owner /home/*/.opera/oprvoPOIC rwk, owner /home/*/.opera/oprw7Tqri rwk, owner /home/*/.opera/oprwVtMU3 rwk, owner /home/*/.opera/oprxOeKZD rwk, owner /home/*/.opera/oprxntDLn rwk, owner /home/*/.opera/opryFgulN rwk, owner /home/*/.opera/opryn47pQ rwk, owner /home/*/.opera/opsrp0DwU4G rw, owner /home/*/.opera/opsrp0gdbAL rw, owner /home/*/.opera/opsrp1CQglH rw, owner /home/*/.opera/opsrp2YXJlc rw, owner /home/*/.opera/opsrp3WFDVO rw, owner /home/*/.opera/opsrp4p1j8W rw, owner /home/*/.opera/opsrp58wM5P rw, owner /home/*/.opera/opsrp6nF0ht rw, owner /home/*/.opera/opsrp7Pq0IX rw, owner /home/*/.opera/opsrp7jk3PF rw, owner /home/*/.opera/opsrp7yTpfK rw, owner /home/*/.opera/opsrp9MzOAv rw, owner /home/*/.opera/opsrpB62Ip3 rw, owner /home/*/.opera/opsrpBnnSVK rw, owner /home/*/.opera/opsrpC6L7Yl rw, owner /home/*/.opera/opsrpChfzZK rw, owner /home/*/.opera/opsrpH2Hqx3 rw, owner /home/*/.opera/opsrpJ80Xy6 rw, owner /home/*/.opera/opsrpJjo52u rw, owner /home/*/.opera/opsrpK0vPg4 rw, owner /home/*/.opera/opsrpKeu4tJ rw, owner /home/*/.opera/opsrpLJfSdN rw, owner /home/*/.opera/opsrpLNn29s rw, owner /home/*/.opera/opsrpLb7UmG rw, owner /home/*/.opera/opsrpLtkKYk rw, owner /home/*/.opera/opsrpM1O8N1 rw, owner /home/*/.opera/opsrpM8Nb3g rw, owner /home/*/.opera/opsrpMEnDrR rw, owner /home/*/.opera/opsrpN5dXt3 rw, owner /home/*/.opera/opsrpN65rkh rw, owner /home/*/.opera/opsrpNLccRe rw, owner /home/*/.opera/opsrpNV5mmM rw, owner /home/*/.opera/opsrpPDa5wT rw, owner /home/*/.opera/opsrpQXBxf3 rw, owner /home/*/.opera/opsrpRMq7BT rw, owner /home/*/.opera/opsrpRNwSvr rw, owner /home/*/.opera/opsrpS2kbQQ rw, owner /home/*/.opera/opsrpSnTGyr rw, owner /home/*/.opera/opsrpTYjPya rw, owner /home/*/.opera/opsrpULSdNb rw, owner /home/*/.opera/opsrpUzy3bd rw, owner /home/*/.opera/opsrpWH8G4X rw, owner /home/*/.opera/opsrpWcrXip rw, owner /home/*/.opera/opsrpXdBi8b rw, owner /home/*/.opera/opsrpY6aybY rw, owner /home/*/.opera/opsrpYWyBYV rw, owner /home/*/.opera/opsrpYyEulc rw, owner /home/*/.opera/opsrpZgGvF6 rw, owner /home/*/.opera/opsrpZuljsl rw, owner /home/*/.opera/opsrpaW4yRl rw, owner /home/*/.opera/opsrpbrjNZa rw, owner /home/*/.opera/opsrpdRuXk7 rw, owner /home/*/.opera/opsrpe3V8MK rw, owner /home/*/.opera/opsrpeyWdxd rw, owner /home/*/.opera/opsrpfHzAkT rw, owner /home/*/.opera/opsrpfRNEub rw, owner /home/*/.opera/opsrpfeFDGO rw, owner /home/*/.opera/opsrphnOxXo rw, owner /home/*/.opera/opsrpiGef9O rw, owner /home/*/.opera/opsrpipbJ73 rw, owner /home/*/.opera/opsrpj7oPkZ rw, owner /home/*/.opera/opsrpji4tN4 rw, owner /home/*/.opera/opsrpjnJLxl rw, owner /home/*/.opera/opsrpkNABqJ rw, owner /home/*/.opera/opsrpktj3lM rw, owner /home/*/.opera/opsrpllfvxb rw, owner /home/*/.opera/opsrpmDUMk0 rw, owner /home/*/.opera/opsrpoXc5mB rw, owner /home/*/.opera/opsrpoc04Qw rw, owner /home/*/.opera/opsrpp7kwGi rw, owner /home/*/.opera/opsrpq1tfxL rw, owner /home/*/.opera/opsrpqXBlRO rw, owner /home/*/.opera/opsrpqhaU8d rw, owner /home/*/.opera/opsrprJFLWY rw, owner /home/*/.opera/opsrprPiIrm rw, owner /home/*/.opera/opsrprX5yQE rw, owner /home/*/.opera/opsrprzwvAb rw, owner /home/*/.opera/opsrpstfLgF rw, owner /home/*/.opera/opsrptALu1m rw, owner /home/*/.opera/opsrptZ52Kq rw, owner /home/*/.opera/opsrptlZbmJ rw, owner /home/*/.opera/opsrpubkr6w rw, owner /home/*/.opera/opsrpvC7rQe rw, owner /home/*/.opera/opsrpvWw1Za rw, owner /home/*/.opera/opsrpvbRx7a rw, owner /home/*/.opera/opsrpvuoEQt rw, owner /home/*/.opera/opsrpw6MvHx rw, owner /home/*/.opera/opsrpwPWPBG rw, owner /home/*/.opera/opsrpwRN3zT rw, owner /home/*/.opera/opsrpwRm3Qs rw, owner /home/*/.opera/opsrpwsaNzs rw, owner /home/*/.opera/opsrpxMSvkC rw, owner /home/*/.opera/opsrpxu7WHP rw, owner /home/*/.opera/opsrpyACMA0 rw, owner /home/*/.opera/opsrpyDEEkP rw, owner /home/*/.opera/opsrpyiNidS rw, owner /home/*/.opera/opsrpzAO9uQ rw, owner /home/*/.opera/opssl6.dat rk, owner /home/*/.opera/opthumb.dat rk, owner /home/*/.opera/override_downloaded.ini rk, owner /home/*/.opera/pluginpath.ini rwk, owner /home/*/.opera/sessions/ rw, owner /home/*/.opera/sessions/autosave.win rwk, owner /home/*/.opera/sessions/autosave.win.bak a, owner /home/*/.opera/sessions/opr0Gssa4 rwk, owner /home/*/.opera/sessions/oprA1pLYO rwk, owner /home/*/.opera/sessions/oprJa4t2X rwk, owner /home/*/.opera/sessions/oprRQ94hB rwk, owner /home/*/.opera/sessions/oprUAYYJS rwk, owner /home/*/.opera/sessions/oprlG5GJv rwk, owner /home/*/.opera/sessions/oprrHnVOi rwk, owner /home/*/.opera/sessions/opsrp4YQfJJ rw, owner /home/*/.opera/sessions/opsrp58Pqb7 rw, owner /home/*/.opera/sessions/opsrpVC8Rlc rw, owner /home/*/.opera/sessions/opsrpYAMOkW rw, owner /home/*/.opera/sessions/opsrpaKPt3p rw, owner /home/*/.opera/sessions/opsrpgd3Hnb rw, owner /home/*/.opera/sessions/opsrpsrpb08 rw, owner /home/*/.opera/speeddial.ini rwk, owner /home/*/.opera/styles/user/ r, owner /home/*/.opera/styles/user/accessibility.css rwk, owner /home/*/.opera/styles/user/altdebugger.css rwk, owner /home/*/.opera/styles/user/classid.css rwk, owner /home/*/.opera/styles/user/contrastbw.css rwk, owner /home/*/.opera/styles/user/contrastwb.css rwk, owner /home/*/.opera/styles/user/disablebreaks.css rwk, owner /home/*/.opera/styles/user/disablefloats.css rwk, owner /home/*/.opera/styles/user/disableforms.css rwk, owner /home/*/.opera/styles/user/disablepositioning.css rwk, owner /home/*/.opera/styles/user/disabletables.css rwk, owner /home/*/.opera/styles/user/outline.css rwk, owner /home/*/.opera/styles/user/structureblock.css rwk, owner /home/*/.opera/styles/user/structureinline.css rwk, owner /home/*/.opera/styles/user/structuretables.css rwk, owner /home/*/.opera/styles/user/tablelayout.css rwk, owner /home/*/.opera/styles/user/toc.css rwk, owner /home/*/.opera/typed_history.xml rk, owner /home/*/.opera/vlink4.dat rwk, owner /home/*/.opera/vps/ r, owner /home/*/.opera/vps/0000/adoc.bx rwk, owner /home/*/.opera/vps/0000/md.dat rwk, owner /home/*/.opera/vps/0000/url.ax rwk, owner /home/*/.opera/vps/0000/w.ax rwk, owner /home/*/.opera/vps/0000/wb.vx rwk, owner /home/*/.opera/vps/0001/adoc.bx rwk, owner /home/*/.opera/vps/0001/md.dat rwk, owner /home/*/.opera/vps/0001/url.ax rwk, owner /home/*/.opera/vps/0001/w.ax rwk, owner /home/*/.opera/vps/0001/wb.vx rwk, owner /home/*/.opera/vps/0002/adoc.bx rwk, owner /home/*/.opera/vps/0002/md.dat rwk, owner /home/*/.opera/vps/0002/url.ax rwk, owner /home/*/.opera/vps/0002/w.ax rwk, owner /home/*/.opera/vps/0002/wb.vx rwk, owner /home/*/.opera/vps/0003/adoc.bx rwk, owner /home/*/.opera/vps/0003/md.dat rwk, owner /home/*/.opera/vps/0003/url.ax rwk, owner /home/*/.opera/vps/0003/w.ax rwk, owner /home/*/.opera/vps/0003/wb.vx rwk, owner /home/*/.opera/vps/0004/adoc.bx rwk, owner /home/*/.opera/vps/0004/md.dat rwk, owner /home/*/.opera/vps/0004/url.ax rwk, owner /home/*/.opera/vps/0004/w.ax rwk, owner /home/*/.opera/vps/0004/wb.vx rwk, owner /home/*/.qt/.qt_plugins_3.3rc.lock rwk, owner /home/*/.qt/.qtrc.lock rwk, owner /home/*/.qt/qt_plugins_3.3rc r, owner /home/*/.qt/qtrc r, owner /home/*/Desktop/ rw, owner /home/*/Desktop/Autoruns.zip ak, /opt/kde3/bin/ark px, /opt/kde3/bin/kfmclient rix, /opt/kde3/lib/kde3/plugins/styles/ r, /opt/kde3/lib/kde3/plugins/styles/plastik.so mr, /opt/kde3/lib/lib*so* mr, /opt/kde3/share/applications/kde/ark.desktop rk, /opt/kde3/share/applications/mimeinfo.cache rk, /opt/kde3/share/icons/ r, /opt/kde3/share/icons/crystalsvg/32x32/mimetypes/tgz.png rk, /opt/kde3/share/icons/crystalsvg/index.theme rk, /opt/kde3/share/mimelnk/application/x-zip-compressed.desktop rk, /tmp/.X11-unix/X0 w, /usr/lib/** mr, /usr/lib/opera/9.62/operapluginwrapper rix, /usr/share/X11/locale/compose.dir r, /usr/share/X11/locale/en_US.UTF-8/Compose r, /usr/share/X11/locale/en_US.UTF-8/XLC_LOCALE r, /usr/share/X11/locale/locale.alias r, /usr/share/X11/locale/locale.dir r, /usr/share/applications/mimeinfo.cache rk, /usr/share/desktop-data/qtrc r, /usr/share/fonts/** r, /usr/share/ghostscript/fonts/** r, /usr/share/icons/ r, /usr/share/icons/DMZ/cursors/bd_double_arrow r, /usr/share/icons/DMZ/cursors/copy r, /usr/share/icons/DMZ/cursors/hand2 r, /usr/share/icons/DMZ/cursors/left_ptr r, /usr/share/icons/DMZ/cursors/left_ptr_watch r, /usr/share/icons/DMZ/cursors/link r, /usr/share/icons/DMZ/cursors/move r, /usr/share/icons/DMZ/cursors/sb_h_double_arrow r, /usr/share/icons/DMZ/cursors/watch r, /usr/share/icons/DMZ/cursors/xterm r, /usr/share/icons/DMZ/index.theme r, /usr/share/icons/hicolor/index.theme rk, /usr/share/mime/aliases rk, /usr/share/mime/application/x-compressed-tar.xml rk, /usr/share/mime/application/zip.xml rk, /usr/share/mime/globs rk, /usr/share/mime/subclasses rk, /usr/share/opera/encoding.bin rk, /usr/share/opera/ini/dialog.ini rk, /usr/share/opera/ini/fastforward.ini rk, /usr/share/opera/ini/font.ini rk, /usr/share/opera/ini/pluginpath.ini rk, /usr/share/opera/ini/standard_keyboard.ini rk, /usr/share/opera/ini/standard_menu.ini rk, /usr/share/opera/ini/standard_mouse.ini rk, /usr/share/opera/ini/standard_toolbar.ini rk, /usr/share/opera/locale/english.lng rk, /usr/share/opera/locale/pl/polski.lng rk, /usr/share/opera/locale/pl/search.ini rk, /usr/share/opera/skin/standard_skin.zip rk, /usr/share/opera/styles/contentblock.css rk, /usr/share/opera/styles/mathml.css rk, /usr/share/opera/styles/wml.css rk, /var/cache/fontconfig/0c42b92420913fbcd7539015ba025a31-x86.cache-2 r, /var/cache/fontconfig/17090aa38d5c6f09fb8c5c354938f1d7-x86.cache-2 r, /var/cache/fontconfig/2d31a572ce6667f6a0da9c8dc611898b-x86.cache-2 r, /var/cache/fontconfig/30786aca7a961ef9f9799e540455831d-x86.cache-2 r, /var/cache/fontconfig/3830d5c3ddfd5cd38a049b759396e72e-x86.cache-2 r, /var/cache/fontconfig/4b172ca7f111e3cffadc3636415fead9-x86.cache-2 r, /var/cache/fontconfig/5ca8086aeacc9c68e81a71e7ef846b3b-x86.cache-2 r, /var/cache/fontconfig/77e41c5059666d75f92e318d4be8c21e-x86.cache-2 r, /var/cache/fontconfig/7ef2298fde41cc6eeb7af42e48b7d293-x86.cache-2 r, /var/cache/fontconfig/82263fb4001171a9d4b2e27da14be10b-x86.cache-2 r, /var/cache/fontconfig/8d4af663993b81a124ee82e610bb31f9-x86.cache-2 r, /var/cache/fontconfig/a1c95d6dfc9a7b34f44445cf81166004-x86.cache-2 r, /var/cache/fontconfig/b6bbb9f898b73777cfe763014a8c08d3-x86.cache-2 r, /var/cache/fontconfig/c938cb1e82ff5ba1829a2dab18b1c8a9-x86.cache-2 r, /var/cache/fontconfig/cf6c88e680607f2ab796171745f068a4-x86.cache-2 r, /var/cache/fontconfig/d62e99ef547d1d24cdb1bd22ec1a2976-x86.cache-2 r, /var/cache/fontconfig/df311e82a1a24c41a75c2c930223552e-x86.cache-2 r, /var/cache/gio-2.0/defaults.list rk, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, /var/run/nscd/socket w, } | over 3 years ago | 1 | 348 | maku | Edit | History | |
| opensuse11.0 | /usr/lib/postfix/tlsmgr | #include <tunables/global> /usr/lib/postfix/tlsmgr { #include <abstractions/base> #include <abstractions/nameservice> capability setgid, capability setuid, owner /etc/postfix/dynamicmaps.cf r, owner /etc/postfix/main.cf r, owner /usr/lib/postfix/tlsmgr m, /usr/lib/postfix/tlsmgr r, owner /var/lib/postfix/prng_exch rwk, } | over 3 years ago | several small additions | 225 | cboltz-server | Edit | History | |
| opensuse10.3 | /usr/lib/vmware/lib/wrapper-gtk24.sh | #include <tunables/global> /usr/lib/vmware/lib/wrapper-gtk24.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> /bin/bash ixr, /bin/grep ixr, /dev/ r, /dev/dsp r, /dev/sg1 r, /dev/tty rw, /etc/gtk-2.0/gdk-pixbuf.loaders r, /etc/gtk-2.0/gtkrc r, /etc/vmware/ r, /etc/vmware/config r, /home/*/.Xauthority r, /home/*/.config/qtcurvestylerc r, /home/*/.kde/share/config/kdeglobals r, /home/*/.qt/qtrc r, /home/*/.vmware/ rw, /home/*/.vmware/license.ws.6.0.200610 r, /home/*/.vmware/preferences r, /proc/*/cmdline r, /proc/cpuinfo r, /proc/meminfo r, /proc/net/dev r, /proc/sys/dev/parport r, /proc/uptime r, /tmp/ r, /tmp/.X11-unix/X0 w, /tmp/gconfd-admincs1/lock/ior r, /tmp/orbit-admincs1/ w, /tmp/orbit-admincs1/linc-1cf0-0-225dfec52121a w, /tmp/orbit-admincs1/linc-e42-0-7a2c25cc88df2 w, /tmp/vmware-admincs1.0 rw, /tmp/vmware-admincs1/ r, "/tmp/vmware-admincs1/VMware Workstation-:0.0-sp" rw, /tmp/vmware-admincs1/ui-3253.log w, /tmp/vmware-admincs1/ui-3253.log.lck/ rw, /tmp/vmware-admincs1/ui-3253.log.lck/D23516.lck/ w, /tmp/vmware-admincs1/ui-3253.log.lck/E23516.lck rw, /tmp/vmware-admincs1/ui-3253.log.lck/M23516.lck rw, /tmp/vmware-admincs1/ui-3649.log w, /usr/bin/gconftool-2 ixr, /usr/bin/ldd Ux, /usr/lib/vmware/bin/vmware ixr, /usr/lib/vmware/bin/vmware-tray ixr, /usr/lib/vmware/lib/wrapper-gtk24.sh mr, /usr/share/X11/locale/en_US.UTF-8/XLC_LOCALE r, /usr/share/X11/locale/locale.alias r, /usr/share/X11/locale/locale.dir r, /usr/share/icons/gnome/icon-theme.cache mr, /usr/share/icons/gnome/index.theme r, /usr/share/themes/QtCurve/gtk-2.0/gtkrc r, /usr/share/themes/QtCurve/gtk-2.0/gtkrc-kde3 r, /var/run/dbus/system_bus_socket w, } | over 3 years ago | vmware | 377 | knoble | Edit | History | |
| opensuse10.3 | /sbin/runlevel | #include <tunables/global> /sbin/runlevel { #include <abstractions/base> /sbin/runlevel mr, /var/run/utmp krw, } | over 4 years ago | Import of jmichaels profiles | 250 | dominic | Edit | History | |
| ubuntu-gutsy | /usr/lib/evolution/2.12/evolution-exchange-storage | #include <tunables/global> /usr/lib/evolution/2.12/evolution-exchange-storage { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/sound/events/*.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.evolution/*.db rw, /home/*/.evolution/*.db~ rw, /home/*/.gnome2_private/ w, /proc/*/mounts r, /tmp/orbit-void/bonobo-activation-register.lock klrw, /usr/lib/evolution/2.12/evolution-exchange-storage mr, } | over 4 years ago | gnome | 318 | hbpteam | Edit | History | |
| opensuse11.0 | /usr/bin/mysql | #include <tunables/global> /usr/bin/mysql flags=(complain) { #include <abstractions/base> capability dac_override, /etc/my.cnf r, owner /usr/bin/mysql r, owner /usr/share/mysql/charsets/Index.xml r, /var/lib/mysql/.protected/mysql.sock w, owner /var/run/nscd/services r, owner /var/run/nscd/socket w, } | 8 months ago | 38 | jacob | Edit | History | ||
| opensuse11.0 | /usr/sbin/mysqld | # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/mysqld flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability dac_override, capability setgid, capability setuid, /etc/my.cnf r, /usr/sbin/mysqld r, /usr/share/mysql/** r, /var/lib/mysql/** rwl, } | 11 months ago | 55 | Blas | Edit | History | ||
| opensuse11.0 | /usr/local/sbin/zabbix_server | #include <tunables/global> /usr/local/sbin/zabbix_server flags=(complain) { #include <abstractions/base> capability setgid, } | about 1 year ago | Zabbix_server | 66 | lcardoza | Edit | History | |
| opensuse11.0 | /usr/bin/evolution | #include <tunables/global> /usr/bin/evolution flags=(complain) { #include <abstractions/base> network dgram, network inet dgram, network inet stream, network stream, deny owner /home/maku/.evolution/.running w, deny owner /home/maku/.evolution/camel-cert.db~ a, deny owner /home/maku/.evolution/mail/.#searches.xml a, deny owner /home/maku/.evolution/mail/config/.#et-expanded-mbox:_home_maku_.evolution_mail_local_Inbox a, deny owner /home/maku/.evolution/mail/local/Outbox rw, deny owner /tmp/orbit-maku/linc-20bd-0-513de79c96411 w, deny /usr/share/evolution/2.22/errors/ r, deny /usr/share/evolution/2.22/images/ r, deny /usr/share/icons/Tango/16x16/status/dialog-warning.png r, /etc/fonts/** r, /etc/gnome-vfs-2.0/modules/ r, /etc/gnome-vfs-2.0/modules/default-modules.conf r, /etc/gnome-vfs-2.0/modules/font-method.conf r, /etc/gnome-vfs-2.0/modules/smb-module.conf r, /etc/gnome-vfs-2.0/modules/ssl-modules.conf r, /etc/gnome-vfs-2.0/modules/theme-method.conf r, /etc/gtk-2.0/gdk-pixbuf.loaders r, /etc/gtk-2.0/gtk.immodules r, /etc/gtk-2.0/gtkrc r, /etc/hosts r, /etc/nsswitch.conf r, /etc/opt/kde3/share/icons/ r, /etc/opt/kde3/share/icons/crystalsvg/icon-theme.cache r, /etc/pango/pango.modules r, /etc/passwd r, /etc/resolv.conf r, /etc/services r, owner /home/*/.ICEauthority r, owner /home/*/.Xauthority r, owner /home/*/.config/qtcurve.gtk-colors rw, owner /home/*/.config/qtcurve.gtk-icons rw, owner /home/*/.config/qtcurvestylerc r, owner /home/*/.evolution/ r, owner /home/*/.evolution/.running a, owner /home/*/.evolution/cache/http/01/http:%2f%2frynekpracy.pl%2fgrafika_nowa%2fnewsletter%2fstopka_2.gif rw, owner /home/*/.evolution/cache/http/04/http:%2f%2frynekpracy.pl%2fgrafika%2fnewsletter%2fnic.gif rw, owner /home/*/.evolution/cache/http/05/http:%2f%2frynekpracy.pl%2fgrafika_nowa%2fnewsletter%2fstopka_1.gif rw, owner /home/*/.evolution/cache/http/06/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fprzeglad_gora2.gif rw, owner /home/*/.evolution/cache/http/0f/http:%2f%2frynekpracy.pl%2fgrafika%2fnewsletter%2flinia_niebieska.gif rw, owner /home/*/.evolution/cache/http/11/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fbannery%2fhumor.jpg rw, owner /home/*/.evolution/cache/http/16/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fbannery%2fanalizy.jpg rw, owner /home/*/.evolution/cache/http/16/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fbannery%2fzapytanie.jpg rw, owner /home/*/.evolution/cache/http/1d/http:%2f%2frynekpracy.pl%2fgrafika%2fnewsletter%2fsonda_wynik.gif rw, owner /home/*/.evolution/cache/http/26/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fbannery%2fsedlak.jpg rw, owner /home/*/.evolution/cache/http/28/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fbannery%2fzyczenie.jpg rw, owner /home/*/.evolution/cache/http/31/http:%2f%2frynekpracy.pl%2fgrafika%2fnewsletter%2flinia_szara.gif rw, owner /home/*/.evolution/cache/http/31/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fbannery%2fbrp.jpg rw, owner /home/*/.evolution/cache/http/31/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fnasze_raporty.gif rw, owner /home/*/.evolution/cache/http/32/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2ftop_newsletter_5.jpg rw, owner /home/*/.evolution/cache/http/34/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fprzeglad_rynku.gif rw, owner /home/*/.evolution/cache/http/37/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fbannery%2f50plus.jpg rw, owner /home/*/.evolution/cache/http/38/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fbannery%2fdzial_analiz_new.jpg rw, owner /home/*/.evolution/cache/http/38/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fprzeglad_dol_2.gif rw, owner /home/*/.evolution/cache/http/3a/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fbannery%2fwynagrodzenia.jpg rw, owner /home/*/.evolution/cache/http/3b/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fmonitor_newsletter.gif rw, owner /home/*/.evolution/cache/http/3c/http:%2f%2frynekpracy.pl%2fgrafika_rynek%2fprzeglad_tlo.gif rw, owner /home/*/.evolution/cache/tmp/ r, owner /home/*/.evolution/cache/tmp/mail.log.W3uvlN a, owner /home/*/.evolution/cache/tmp/mail.log.sYeKFr a, owner /home/*/.evolution/cache/tmp/mail.log.tebp9Q a, owner /home/*/.evolution/cache/tmp/mail.log.xOOGFz a, owner /home/*/.evolution/camel-cert.db r, owner /home/*/.evolution/cert8.db rw, owner /home/*/.evolution/key3.db rw, owner /home/*/.evolution/mail/config/.#folder-tree-expand-state.xml rw, owner /home/*/.evolution/mail/config/et-expanded-mbox:_home_maku_.evolution_mail_local_Inbox r, owner /home/*/.evolution/mail/config/folder-tree-expand-state.xml rw, owner /home/*/.evolution/mail/config/gtkrc-mail-fonts r, owner /home/*/.evolution/mail/local/ r, owner /home/*/.evolution/mail/local/.#Inbox.cmeta rw, owner /home/*/.evolution/mail/local/.#evolution.sbd/Junk.cmeta r, owner /home/*/.evolution/mail/local/.#evolution.sbd/Trash.cmeta r, owner /home/*/.evolution/mail/local/Drafts.cmeta r, owner /home/*/.evolution/mail/local/Drafts.ibex.index rw, owner /home/*/.evolution/mail/local/Drafts.ibex.index.data rw, owner /home/*/.evolution/mail/local/Inbox rwk, owner /home/*/.evolution/mail/local/Inbox.cmeta rw, owner /home/*/.evolution/mail/local/Inbox.ev-summary r, owner /home/*/.evolution/mail/local/Inbox.ibex.index rw, owner /home/*/.evolution/mail/local/Inbox.ibex.index.data rw, owner /home/*/.evolution/mail/local/Inbox.lock w, owner /home/*/.evolution/mail/local/InboxBEIULU w, owner /home/*/.evolution/mail/local/InboxBO0GLU w, owner /home/*/.evolution/mail/local/InboxRNDCLU w, owner /home/*/.evolution/mail/local/Outbox.cmeta r, owner /home/*/.evolution/mail/local/Outbox.ev-summary r, owner /home/*/.evolution/mail/local/Outbox.ibex.index rw, owner /home/*/.evolution/mail/local/Outbox.ibex.index.data rw, owner /home/*/.evolution/mail/local/Sent.cmeta r, owner /home/*/.evolution/mail/local/Sent.ev-summary r, owner /home/*/.evolution/mail/local/Sent.ibex.index rw, owner /home/*/.evolution/mail/local/Sent.ibex.index.data rw, owner /home/*/.evolution/mail/searches.xml r, owner /home/*/.evolution/secmod.db r, owner /home/*/.fontconfig/a8d626dfaa99cb0ebf0eba05ac19f7aa-x86.cache-2 r, owner /home/*/.kde/share/config/gtkrc-2.0 r, owner /home/*/.kde/share/config/kdeglobals r, owner /home/*/.qt/qtrc r, /opt/kde3/share/icons/ r, /opt/kde3/share/icons/crystalsvg/16x16/actions/editclear.png r, /opt/kde3/share/icons/crystalsvg/16x16/actions/find.png r, /opt/kde3/share/icons/crystalsvg/22x22/actions/button_cancel.png r, /opt/kde3/share/icons/crystalsvg/22x22/actions/button_ok.png r, /opt/kde3/share/icons/crystalsvg/22x22/actions/stop.png r, /opt/kde3/share/icons/crystalsvg/32x32/actions/help.png r, /opt/kde3/share/icons/crystalsvg/icon-theme.cache r, /opt/kde3/share/icons/crystalsvg/index.theme r, /opt/kde3/share/icons/hicolor/icon-theme.cache r, owner /proc/*/cmdline r, /tmp/ r, /tmp/.X11-unix/X0 w, owner /tmp/gconfd-maku/lock/ior r, owner /tmp/keyring-YM1CDw/socket w, owner /tmp/orbit-maku/ w, owner /tmp/orbit-maku/bonobo-activation-register.lock rwk, owner /tmp/orbit-maku/bonobo-activation-server-ior r, owner /tmp/orbit-maku/linc-2079-0-2cb716f66cc74 w, owner /tmp/orbit-maku/linc-2154-0-333383bd9eab3 w, owner /tmp/orbit-maku/linc-21b2-0-3ebd92beb302f w, owner /tmp/orbit-maku/linc-d49-0-6537b2556b93e w, owner /tmp/orbit-maku/linc-d4c-0-40ea262e565ab w, owner /tmp/orbit-maku/linc-d74-0-10998b88392cf w, owner /tmp/orbit-maku/linc-d79-0-25d6a80353e6b w, /usr/bin/dbus-launch rix, /usr/bin/evolution r, /usr/lib/** mr, /usr/share/X11/locale/compose.dir r, /usr/share/X11/locale/en_US.UTF-8/Compose r, /usr/share/X11/locale/en_US.UTF-8/XLC_LOCALE r, /usr/share/X11/locale/locale.alias r, /usr/share/X11/locale/locale.dir r, /usr/share/evolution/2.22/etspec/message-list.etspec r, /usr/share/evolution/2.22/filtertypes.xml r, /usr/share/evolution/2.22/icons/ r, /usr/share/evolution/2.22/icons/hicolor/16x16/actions/ r, /usr/share/evolution/2.22/icons/hicolor/16x16/actions/folder-copy.png r, /usr/share/evolution/2.22/icons/hicolor/16x16/actions/folder-move.png r, /usr/share/evolution/2.22/icons/hicolor/16x16/actions/mail-copy.png r, /usr/share/evolution/2.22/icons/hicolor/16x16/actions/mail-move.png r, /usr/share/evolution/2.22/icons/hicolor/16x16/places/ r, /usr/share/evolution/2.22/icons/hicolor/16x16/places/mail-inbox.png r, /usr/share/evolution/2.22/icons/hicolor/16x16/places/mail-outbox.png r, /usr/share/evolution/2.22/icons/hicolor/16x16/places/mail-sent.png r, /usr/share/evolution/2.22/icons/hicolor/22x22/actions/ r, /usr/share/evolution/2.22/icons/hicolor/22x22/places/ r, /usr/share/evolution/2.22/icons/hicolor/24x24/actions/ r, /usr/share/evolution/2.22/icons/hicolor/24x24/places/ r, /usr/share/evolution/2.22/icons/hicolor/24x24/places/mail-inbox.png r, /usr/share/evolution/2.22/icons/hicolor/24x24/places/mail-outbox.png r, /usr/share/evolution/2.22/icons/hicolor/32x32/actions/ r, /usr/share/evolution/2.22/icons/hicolor/48x48/categories/ r, /usr/share/evolution/2.22/icons/hicolor/scalable/actions/ r, /usr/share/evolution/2.22/images/online.png r, /usr/share/evolution/2.22/searchtypes.xml r, /usr/share/evolution/2.22/ui/evolution-mail-global.xml r, /usr/share/evolution/2.22/ui/evolution-mail-list.xml r, /usr/share/evolution/2.22/ui/evolution-mail-message.xml r, /usr/share/evolution/2.22/ui/evolution.xml r, /usr/share/evolution/2.22/vfoldertypes.xml r, /usr/share/evolution/2.22/views/mail/As_Sent_Folder.galview r, /usr/share/evolution/2.22/views/mail/By_Follow_Up_Flag.galview r, /usr/share/evolution/2.22/views/mail/By_Sender.galview r, /usr/share/evolution/2.22/views/mail/By_Status.galview r, /usr/share/evolution/2.22/views/mail/By_Subject.galview r, /usr/share/evolution/2.22/views/mail/Messages.galview r, /usr/share/evolution/2.22/views/mail/Wide_View_Normal.galview r, /usr/share/evolution/2.22/views/mail/Wide_View_Sent.galview r, /usr/share/evolution/2.22/views/mail/galview.xml r, /usr/share/fonts/** r, /usr/share/gtkhtml-3.14/keybindingsrc.emacs r, /usr/share/icons/ r, /usr/share/icons/DMZ/cursors/bottom_right_corner r, /usr/share/icons/DMZ/cursors/crosshair r, /usr/share/icons/DMZ/cursors/grabbing r, /usr/share/icons/DMZ/cursors/hand2 r, /usr/share/icons/DMZ/cursors/left_ptr r, /usr/share/icons/DMZ/cursors/sb_h_double_arrow r, /usr/share/icons/DMZ/cursors/sb_v_double_arrow r, /usr/share/icons/DMZ/cursors/xterm r, /usr/share/icons/DMZ/index.theme r, /usr/share/icons/Gilouche/16x16/actions/folder-new.png r, /usr/share/icons/Gilouche/16x16/places/folder-saved-search.png r, /usr/share/icons/Gilouche/16x16/places/folder.png r, /usr/share/icons/Gilouche/icon-theme.cache r, /usr/share/icons/Gilouche/index.theme r, /usr/share/icons/Tango/16x16/actions/address-book-new.png r, /usr/share/icons/Tango/16x16/actions/appointment-new.png r, /usr/share/icons/Tango/16x16/actions/contact-new.png r, /usr/share/icons/Tango/16x16/actions/document-print-preview.png r, /usr/share/icons/Tango/16x16/actions/document-print.png r, /usr/share/icons/Tango/16x16/actions/document-properties.png r, /usr/share/icons/Tango/16x16/actions/document-save-as.png r, /usr/share/icons/Tango/16x16/actions/edit-copy.png r, /usr/share/icons/Tango/16x16/actions/edit-cut.png r, /usr/share/icons/Tango/16x16/actions/edit-find.png r, /usr/share/icons/Tango/16x16/actions/edit-paste.png r, /usr/share/icons/Tango/16x16/actions/go-jump.png r, /usr/share/icons/Tango/16x16/actions/mail-forward.png r, /usr/share/icons/Tango/16x16/actions/mail-mark-junk.png r, /usr/share/icons/Tango/16x16/actions/mail-message-new.png r, /usr/share/icons/Tango/16x16/actions/mail-reply-all.png r, /usr/share/icons/Tango/16x16/actions/mail-reply-sender.png r, /usr/share/icons/Tango/16x16/actions/mail-send-receive.png r, /usr/share/icons/Tango/16x16/actions/process-stop.png r, /usr/share/icons/Tango/16x16/actions/window-new.png r, /usr/share/icons/Tango/16x16/animations/process-working.png r, /usr/share/icons/Tango/16x16/categories/preferences-desktop.png r, /usr/share/icons/Tango/16x16/emblems/emblem-important.png r, /usr/share/icons/Tango/16x16/mimetypes/image-x-generic.png r, /usr/share/icons/Tango/16x16/mimetypes/x-office-address-book.png r, /usr/share/icons/Tango/16x16/mimetypes/x-office-calendar.png r, /usr/share/icons/Tango/16x16/places/user-trash.png r, /usr/share/icons/Tango/16x16/status/mail-attachment.png r, /usr/share/icons/Tango/24x24/actions/document-print.png r, /usr/share/icons/Tango/24x24/actions/edit-delete.png r, /usr/share/icons/Tango/24x24/actions/go-next.png r, /usr/share/icons/Tango/24x24/actions/go-previous.png r, /usr/share/icons/Tango/24x24/actions/mail-forward.png r, /usr/share/icons/Tango/24x24/actions/mail-mark-junk.png r, /usr/share/icons/Tango/24x24/actions/mail-reply-all.png r, /usr/share/icons/Tango/24x24/actions/mail-reply-sender.png r, /usr/share/icons/Tango/24x24/actions/mail-send-receive.png r, /usr/share/icons/Tango/24x24/mimetypes/x-office-address-book.png r, /usr/share/icons/Tango/24x24/mimetypes/x-office-calendar.png r, /usr/share/icons/Tango/32x32/actions/mail-send-receive.png r, /usr/share/icons/Tango/icon-theme.cache r, /usr/share/icons/Tango/index.theme r, /usr/share/icons/Tango/scalable/actions/mail-send-receive.svg r, /usr/share/icons/crystalsvg/128x128/actions/ r, /usr/share/icons/crystalsvg/128x128/apps/ r, /usr/share/icons/crystalsvg/128x128/devices/ r, /usr/share/icons/crystalsvg/128x128/filesystems/ r, /usr/share/icons/crystalsvg/128x128/mimetypes/ r, /usr/share/icons/crystalsvg/16x16/actions/ r, /usr/share/icons/crystalsvg/16x16/apps/ r, /usr/share/icons/crystalsvg/16x16/devices/ r, /usr/share/icons/crystalsvg/16x16/filesystems/ r, /usr/share/icons/crystalsvg/16x16/mimetypes/ r, /usr/share/icons/crystalsvg/22x22/actions/ r, /usr/share/icons/crystalsvg/22x22/apps/ r, /usr/share/icons/crystalsvg/22x22/devices/ r, /usr/share/icons/crystalsvg/22x22/filesystems/ r, /usr/share/icons/crystalsvg/22x22/mimetypes/ r, /usr/share/icons/crystalsvg/32x32/actions/ r, /usr/share/icons/crystalsvg/32x32/apps/ r, /usr/share/icons/crystalsvg/32x32/devices/ r, /usr/share/icons/crystalsvg/32x32/filesystems/ r, /usr/share/icons/crystalsvg/32x32/mimetypes/ r, /usr/share/icons/crystalsvg/48x48/actions/ r, /usr/share/icons/crystalsvg/48x48/apps/ r, /usr/share/icons/crystalsvg/48x48/devices/ r, /usr/share/icons/crystalsvg/48x48/filesystems/ r, /usr/share/icons/crystalsvg/48x48/mimetypes/ r, /usr/share/icons/crystalsvg/64x64/actions/ r, /usr/share/icons/crystalsvg/64x64/apps/ r, /usr/share/icons/crystalsvg/64x64/devices/ r, /usr/share/icons/crystalsvg/64x64/filesystems/ r, /usr/share/icons/crystalsvg/64x64/mimetypes/ r, /usr/share/icons/crystalsvg/scalable/actions/ r, /usr/share/icons/crystalsvg/scalable/apps/ r, /usr/share/icons/crystalsvg/scalable/devices/ r, /usr/share/icons/crystalsvg/scalable/filesystems/ r, /usr/share/icons/crystalsvg/scalable/mimetypes/ r, /usr/share/icons/gnome/16x16/actions/application-exit.png r, /usr/share/icons/gnome/16x16/actions/document-page-setup.png r, /usr/share/icons/gnome/16x16/actions/mail-mark-important.png r, /usr/share/icons/gnome/16x16/actions/mail-mark-notjunk.png r, /usr/share/icons/gnome/16x16/actions/mail-mark-read.png r, /usr/share/icons/gnome/16x16/actions/mail-mark-unread.png r, /usr/share/icons/gnome/16x16/actions/window-close.png r, /usr/share/icons/gnome/16x16/actions/zoom-in.png r, /usr/share/icons/gnome/16x16/actions/zoom-original.png r, /usr/share/icons/gnome/16x16/actions/zoom-out.png r, /usr/share/icons/gnome/16x16/status/mail-read.png r, /usr/share/icons/gnome/16x16/status/mail-replied.png r, /usr/share/icons/gnome/16x16/status/mail-unread.png r, /usr/share/icons/gnome/16x16/stock/document/stock_task.png r, /usr/share/icons/gnome/16x16/stock/document/stock_todo.png r, /usr/share/icons/gnome/16x16/stock/generic/stock_new-24h-appointment.png r, /usr/share/icons/gnome/16x16/stock/generic/stock_new-meeting.png r, /usr/share/icons/gnome/16x16/stock/generic/stock_notes.png r, /usr/share/icons/gnome/16x16/stock/generic/stock_score-high.png r, /usr/share/icons/gnome/16x16/stock/generic/stock_score-higher.png r, /usr/share/icons/gnome/16x16/stock/generic/stock_score-highest.png r, /usr/share/icons/gnome/16x16/stock/generic/stock_score-low.png r, /usr/share/icons/gnome/16x16/stock/generic/stock_score-lower.png r, /usr/share/icons/gnome/16x16/stock/generic/stock_score-lowest.png r, /usr/share/icons/gnome/16x16/stock/generic/stock_score-normal.png r, /usr/share/icons/gnome/16x16/stock/net/stock_contact-list.png r, /usr/share/icons/gnome/16x16/stock/net/stock_disconnect.png r, /usr/share/icons/gnome/16x16/stock/net/stock_mail-filters-apply.png r, /usr/share/icons/gnome/16x16/stock/net/stock_mail-flag-for-followup-done.png r, /usr/share/icons/gnome/16x16/stock/net/stock_mail-flag-for-followup.png r, /usr/share/icons/gnome/16x16/stock/net/stock_mail-import.png r, /usr/share/icons/gnome/16x16/stock/net/stock_mail-open-multiple.png r, /usr/share/icons/gnome/16x16/stock/net/stock_mail-unread-multiple.png r, /usr/share/icons/gnome/16x16/stock/net/stock_mail.png r, /usr/share/icons/gnome/16x16/stock/net/stock_shared-by-me.png r, /usr/share/icons/gnome/16x16/stock/net/stock_shared-to-me.png r, /usr/share/icons/gnome/16x16/stock/object/stock_insert-note.png r, /usr/share/icons/gnome/24x24/actions/mail-mark-notjunk.png r, /usr/share/icons/gnome/24x24/stock/document/stock_todo.png r, /usr/share/icons/gnome/24x24/stock/generic/stock_notes.png r, /usr/share/icons/gnome/24x24/stock/net/stock_mail.png r, /usr/share/icons/gnome/icon-theme.cache r, /usr/share/icons/gnome/index.theme r, /usr/share/icons/hicolor/icon-theme.cache r, /usr/share/icons/hicolor/index.theme r, /usr/share/locale-bundle/pl/LC_MESSAGES/atk10.mo r, /usr/share/locale-bundle/pl/LC_MESSAGES/evolution-2.22.mo r, /usr/share/locale-bundle/pl/LC_MESSAGES/evolution-data-server-2.22.mo r, /usr/share/locale-bundle/pl/LC_MESSAGES/glib20.mo r, /usr/share/locale-bundle/pl/LC_MESSAGES/gtk20-properties.mo r, /usr/share/locale-bundle/pl/LC_MESSAGES/gtk20.mo r, /usr/share/locale-bundle/pl/LC_MESSAGES/gtkhtml-3.14.mo r, /usr/share/locale-bundle/pl/LC_MESSAGES/libbonobo-2.0.mo r, /usr/share/locale-bundle/pl/LC_MESSAGES/libbonoboui-2.0.mo r, /usr/share/pixmaps/ r, /usr/share/themes/Gilouche/gtk-2.0/gtkrc r, /usr/share/themes/QtCurve/gtk-2.0/gtkrc r, /var/cache/fontconfig/0c42b92420913fbcd7539015ba025a31-x86.cache-2 r, /var/cache/fontconfig/17090aa38d5c6f09fb8c5c354938f1d7-x86.cache-2 r, /var/cache/fontconfig/2d31a572ce6667f6a0da9c8dc611898b-x86.cache-2 r, /var/cache/fontconfig/30786aca7a961ef9f9799e540455831d-x86.cache-2 r, /var/cache/fontconfig/3830d5c3ddfd5cd38a049b759396e72e-x86.cache-2 r, /var/cache/fontconfig/4b172ca7f111e3cffadc3636415fead9-x86.cache-2 r, /var/cache/fontconfig/5ca8086aeacc9c68e81a71e7ef846b3b-x86.cache-2 r, /var/cache/fontconfig/77e41c5059666d75f92e318d4be8c21e-x86.cache-2 r, /var/cache/fontconfig/7ef2298fde41cc6eeb7af42e48b7d293-x86.cache-2 r, /var/cache/fontconfig/82263fb4001171a9d4b2e27da14be10b-x86.cache-2 r, /var/cache/fontconfig/8d4af663993b81a124ee82e610bb31f9-x86.cache-2 r, /var/cache/fontconfig/a1c95d6dfc9a7b34f44445cf81166004-x86.cache-2 r, /var/cache/fontconfig/b6bbb9f898b73777cfe763014a8c08d3-x86.cache-2 r, /var/cache/fontconfig/c938cb1e82ff5ba1829a2dab18b1c8a9-x86.cache-2 r, /var/cache/fontconfig/cf6c88e680607f2ab796171745f068a4-x86.cache-2 r, /var/cache/fontconfig/d62e99ef547d1d24cdb1bd22ec1a2976-x86.cache-2 r, /var/cache/fontconfig/df311e82a1a24c41a75c2c930223552e-x86.cache-2 r, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, /var/lib/dbus/machine-id r, /var/run/dbus/system_bus_socket w, /var/run/nscd/socket w, /var/tmp/ r, } | over 2 years ago | Initial import | 201 | thomasrjones | Edit | History | |
| opensuse11.0 | /usr/lib/firefox/firefox.sh | #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | over 3 years ago | 223 | samavedam_vijay | Edit | History | ||
| opensuse10.3 | /opt/kde3/bin/kmail | #include <tunables/global> /opt/kde3/bin/kmail flags=(complain) { #include <abstractions/base> /opt/kde3/bin/kmail mr, /opt/kde3/lib/lib*so* mr, } | over 3 years ago | qaz | 248 | vismanza | Edit | History | |
| opensuse10.3 | /usr/lib/firefox/firefox.sh | #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/lib/firefox/firefox.sh mr, } | over 3 years ago | tristan | 229 | e1337r0ck3rX7 | Edit | History | |
| opensuse10.3 | /bin/ping | # $Id: bin.ping 521 2007-03-30 23:45:28Z agruen $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /bin/ping { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_raw, capability setuid, /bin/ping mixr, /etc/modules.conf r, } | over 4 years ago | Initial Revision | 406 | novell | Edit | History | |
| ubuntu-gutsy | /usr/bin/gksu | #include <tunables/global> /usr/bin/gksu { #include <abstractions/base> /usr/bin/gksu mr, } | over 4 years ago | gnome | 291 | hbpteam | Edit | History | |
| ubuntu-gutsy | /usr/bin/gnome-system-log | #include <tunables/global> /usr/bin/gnome-system-log { #include <abstractions/base> /usr/bin/gnome-system-log mr, } | over 4 years ago | gnome | 281 | hbpteam | Edit | History | |
| opensuse10.3 | /etc/sysconfig/network/scripts/dhcpcd-hook-samba | #include <tunables/global> /etc/sysconfig/network/scripts/dhcpcd-hook-samba { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/gawk ixr, /etc/sysconfig/network/dhcp r, /etc/sysconfig/network/scripts/dhcpcd-hook-samba mr, /etc/sysconfig/network/scripts/dhcpcd-hook-samba-functions r, /proc/meminfo r, /var/lib/dhcp/dhclient-*.leases r, } | over 4 years ago | none | 267 | cinimod | Edit | History | |
| opensuse10.3 | /usr/local/bin/amule | #include <tunables/global> /usr/local/bin/amule { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/gnome> #include <abstractions/nameservice> /bin/bash ixr, /bin/uname ixr, /dev/tty rw, /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.aMule/ rw, /home/*/.aMule/* krw, /home/*/.aMule/Incoming/ rw, /home/*/.aMule/Incoming/* rw, /home/*/.aMule/Temp/ rw, /home/*/.aMule/Temp/*.backup rw, /home/*/.aMule/Temp/*.bak rw, /home/*/.aMule/Temp/*.met rw, /home/*/.aMule/Temp/*.part rw, /home/*/.esd_auth r, /home/*/.fontconfig/*.cache-2 r, /home/*/.fonts/ r, /home/*/.gnome2/Totem/* rw, /home/*/.gnome2_private/ w, /home/*/.gstreamer-0.10/*.xml r, /home/*/.gstreamer-0.10/plugins/ r, /home/*/.gstreamer-0.10/plugins/*.so mr, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /home/*/.local/share/mime/aliases r, /home/*/.local/share/mime/globs r, /home/*/.local/share/mime/magic r, /home/*/.local/share/mime/subclasses r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /tmp/orbit-usr01/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/mplayer ixr, /usr/bin/totem ixr, /usr/local/bin/amule ixr, /usr/local/share/pixmaps/ r, /usr/share/applications/**.desktop r, /usr/share/gnome/autostart/*.desktop r, /usr/share/locale-bundle/de/LC_MESSAGES/*.mo r, /usr/share/totem/*.png r, /usr/share/totem/*.ui r, /usr/share/totem/*.xml r, /var/cache/libx11/compose/* r, } | over 4 years ago | 13 | 314 | anonymus1 | Edit | History | |
| opensuse11.0 | /usr/lib64/firefox/firefox | #include <tunables/global> /usr/lib64/firefox/firefox { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /dev/shm/ r, owner /dev/shm/pulse-* rw, /etc/gre.d/ r, /etc/gre.d/*.conf r, /etc/mailcap r, /etc/mime.types r, /etc/mtab r, /etc/pulse/client.conf r, /etc/rpc r, owner /home/*/.ICEauthority r, owner /home/*/.config/user-dirs.dirs r, owner /home/*/.esd_auth r, owner /home/*/.icons/ r, owner /home/*/.mozilla/extensions/*/ r, owner /home/*/.mozilla/firefox/ w, owner /home/*/.mozilla/firefox/*.default/ r, owner /home/*/.mozilla/firefox/*.default/*.bak rw, owner /home/*/.mozilla/firefox/*.default/*.cache rw, owner /home/*/.mozilla/firefox/*.default/*.dat rw, owner /home/*/.mozilla/firefox/*.default/*.db rw, owner /home/*/.mozilla/firefox/*.default/*.ini w, owner /home/*/.mozilla/firefox/*.default/*.js rw, owner /home/*/.mozilla/firefox/*.default/*.json rw, owner /home/*/.mozilla/firefox/*.default/*.mfasl rw, owner /home/*/.mozilla/firefox/*.default/*.rdf rw, owner /home/*/.mozilla/firefox/*.default/*.sqlite rwk, owner /home/*/.mozilla/firefox/*.default/*.sqlite-journal rw, owner /home/*/.mozilla/firefox/*.default/*.tmp rw, owner /home/*/.mozilla/firefox/*.default/*.txt rw, owner /home/*/.mozilla/firefox/*.default/.autoreg rw, owner /home/*/.mozilla/firefox/*.default/.parentlock wk, owner /home/*/.mozilla/firefox/*.default/Cache.Trash/ rw, owner /home/*/.mozilla/firefox/*.default/Cache.Trash/** rw, owner /home/*/.mozilla/firefox/*.default/Cache.Trash/**/ rw, owner /home/*/.mozilla/firefox/*.default/Cache/ rw, owner /home/*/.mozilla/firefox/*.default/Cache/* rw, owner /home/*/.mozilla/firefox/*.default/bookmarkbackups/ r, owner /home/*/.mozilla/firefox/*.default/bookmarkbackups/*.json rw, owner /home/*/.mozilla/firefox/*.default/compatibility.ini rw, owner /home/*/.mozilla/firefox/*.default/extensions.ini rw, owner /home/*/.mozilla/firefox/*.default/extensions.log rw, owner /home/*/.mozilla/firefox/*.default/extensions/ r, owner /home/*/.mozilla/firefox/*.default/lock w, owner /home/*/.mozilla/firefox/profiles.ini rw, owner /home/*/.pulse-cookie rwk, owner /home/*/Downloads/ w, owner /proc/*/fd/ r, owner /proc/*/mounts r, /usr/lib/nspluginwrapper/x86_64/linux/npwrapper.so mr, /usr/lib64/** mr, owner /usr/lib64/firefox/components/compreg.dat.tmp w, /usr/lib64/firefox/components/compreg.dat.tmp r, owner /usr/lib64/firefox/components/xpti.dat.tmp w, /usr/lib64/firefox/components/xpti.dat.tmp r, owner /usr/lib64/firefox/update.test w, /usr/lib64/firefox/update.test r, owner /usr/lib64/mozilla/ w, /usr/lib64/mozilla/ r, /usr/share/applications/*.cache r, /usr/share/applications/*.desktop r, /usr/share/gvfs/remote-volume-monitors/ r, /usr/share/gvfs/remote-volume-monitors/*.monitor r, /usr/share/locale-bundle/ru/LC_MESSAGES/* r, /usr/share/mime/application/*.xml r, /usr/share/mime/text/*.xml r, /usr/share/mozilla/extensions/** r, owner "/usr/share/mozilla/extensions/*/Access Privileges Test/" w, /usr/share/myspell/*.aff r, /usr/share/myspell/*.dic r, /var/cache/gio-2.0/defaults.list r, /var/lib/dbus/machine-id r, owner /var/run/gdm/auth-for*/database r, ^null-d { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gre.d/ r, /etc/gre.d/*.conf r, /etc/mailcap r, /etc/mime.types r, owner /home/*/.ICEauthority r, owner /home/*/.esd_auth r, owner /home/*/.fontconfig/* r, owner /home/*/.icons/ r, owner /home/*/.mozilla/extensions/*/ r, owner /home/*/.mozilla/firefox/*.default/ r, /home/*/.mozilla/firefox/*.default/*.db rw, owner /home/*/.mozilla/firefox/*.default/*.js rw, owner /home/*/.mozilla/firefox/*.default/.parentlock wk, owner /home/*/.mozilla/firefox/*.default/Cache/* rw, owner /home/*/.mozilla/firefox/*.default/XPC.mfasl rw, owner /home/*/.mozilla/firefox/*.default/XUL.mfasl rw, owner /home/*/.mozilla/firefox/*.default/bookmarkbackups/ rw, owner /home/*/.mozilla/firefox/*.default/bookmarkbackups/*.json rw, owner /home/*/.mozilla/firefox/*.default/bookmarks.html rw, owner /home/*/.mozilla/firefox/*.default/chrome/*.css rw, owner /home/*/.mozilla/firefox/*.default/compatibility.ini rw, owner /home/*/.mozilla/firefox/*.default/compreg.dat.tmp w, owner /home/*/.mozilla/firefox/*.default/content-prefs.sqlite rwk, owner /home/*/.mozilla/firefox/*.default/content-prefs.sqlite-journal rw, owner /home/*/.mozilla/firefox/*.default/cookies.sqlite rwk, owner /home/*/.mozilla/firefox/*.default/cookies.sqlite-journal rw, owner /home/*/.mozilla/firefox/*.default/downloads.sqlite rwk, owner /home/*/.mozilla/firefox/*.default/downloads.sqlite-journal rw, owner /home/*/.mozilla/firefox/*.default/extensions-1.cache rw, owner /home/*/.mozilla/firefox/*.default/extensions-1.ini rw, owner /home/*/.mozilla/firefox/*.default/extensions.cache rw, owner /home/*/.mozilla/firefox/*.default/extensions.ini rw, owner /home/*/.mozilla/firefox/*.default/extensions.rdf rw, owner /home/*/.mozilla/firefox/*.default/extensions/ r, owner /home/*/.mozilla/firefox/*.default/formhistory.sqlite rwk, owner /home/*/.mozilla/firefox/*.default/formhistory.sqlite-journal rw, owner /home/*/.mozilla/firefox/*.default/localstore-1.rdf rw, owner /home/*/.mozilla/firefox/*.default/localstore.rdf rw, owner /home/*/.mozilla/firefox/*.default/lock rw, owner /home/*/.mozilla/firefox/*.default/mimeTypes-1.rdf rw, owner /home/*/.mozilla/firefox/*.default/mimeTypes.rdf rw, owner /home/*/.mozilla/firefox/*.default/permissions.sqlite rwk, owner /home/*/.mozilla/firefox/*.default/permissions.sqlite-journal rw, owner /home/*/.mozilla/firefox/*.default/places.sqlite rwk, owner /home/*/.mozilla/firefox/*.default/places.sqlite-journal rw, owner /home/*/.mozilla/firefox/*.default/pluginreg.dat rw, owner /home/*/.mozilla/firefox/*.default/search.json rw, owner /home/*/.mozilla/firefox/*.default/search.sqlite rwk, owner /home/*/.mozilla/firefox/*.default/search.sqlite-journal rw, owner /home/*/.mozilla/firefox/*.default/signons.sqlite rwk, owner /home/*/.mozilla/firefox/*.default/signons.sqlite-journal rw, owner /home/*/.mozilla/firefox/*.default/urlclassifier3.sqlite rwk, owner /home/*/.mozilla/firefox/*.default/urlclassifier3.sqlite-journal rw, owner /home/*/.mozilla/firefox/*.default/urlclassifierkey3.txt rw, owner /home/*/.mozilla/firefox/*.default/xpti.dat rw, owner /home/*/.mozilla/firefox/*.default/xpti.dat.tmp rw, owner /home/*/.mozilla/firefox/profiles.ini rw, owner /proc/*/mounts r, /proc/cpuinfo r, /proc/meminfo r, /usr/lib/** mr, /usr/lib64/** mr, /usr/share/applications/mimeinfo.cache r, /usr/share/gvfs/remote-volume-monitors/ r, /usr/share/gvfs/remote-volume-monitors/gdu.monitor r, /usr/share/gvfs/remote-volume-monitors/gphoto2.monitor r, /usr/share/gvfs/remote-volume-monitors/hal.monitor r, /usr/share/locale-bundle/ru/LC_MESSAGES/* r, /usr/share/mime/*/* r, /usr/share/mozilla/extensions/** r, /var/cache/gio-2.0/defaults.list r, owner /var/run/gdm/auth-for*/database r, } } | about 1 year ago | 95 | cityzen | Edit | History | ||
| opensuse11.0 | /bin/bash | #include <tunables/global> /bin/bash flags=(complain) { #include <abstractions/base> } | over 2 years ago | 213 | purrcy | Edit | History | ||
| opensuse10.3 | /usr/sbin/mysqld-max | #include <tunables/global> /usr/sbin/mysqld-max { #include <abstractions/base> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, network inet tcp, /etc/ld.so.preload r, /etc/my.cnf r, /usr/sbin/mysqld r, /usr/sbin/mysqld-max mr, /usr/share/mysql/** r, /var/db/nscd/passwd r, /var/lib/distccd/** lkrw, /var/lib/mysql/ r, /var/lib/mysql/** klrw, /var/run/mysqld/* lrw, } | over 2 years ago | 232 | shimingzhou | Edit | History | ||
| ubuntu-gutsy | /usr/bin/ripole | #include <tunables/global> /usr/bin/ripole { #include <abstractions/base> /usr/bin/ripole mr, /var/lib/amavis/tmp/** rw, } | over 3 years ago | 249 | stive | Edit | History | ||
| opensuse11.0 | /usr/bin/test | #include <tunables/global> /usr/bin/test flags=(complain) { #include <abstractions/base> } | over 3 years ago | 219 | lbarsov | Edit | History | ||
| opensuse11.0 | /usr/bin/ktorrent | #include <tunables/global> /usr/bin/ktorrent { #include <abstractions/base> } | over 3 years ago | 242 | kingsv30 | Edit | History | ||
| opensuse11.0 | /usr/sbin/httpd2-prefork | # $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/*.conf r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/*.crt r, /etc/apache2/ssl.key/*.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/* r, /etc/fstab r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib*.so* mr, /usr/X11R6/lib64/lib*.so* mr, /usr/apache2/error/* r, /usr/lib/apache2-leader/{lib,mod_}*.so* mr, /usr/lib/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib/apache2-worker/{lib,mod_}*.so* mr, /usr/lib/apache2/modules/{lib,mod_}*.so* mr, /usr/lib/apache2/{lib,mod_}*.so mr, /usr/lib/mysql/libmysql*.so* mr, /usr/lib/php/extensions/*.so mr, /usr/lib/php4/*.so mr, /usr/lib/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib/python[12].[0-9]/site-packages r, /usr/lib/qt3/lib/lib*.so* mr, /usr/lib64/apache2-leader/{lib,mod_}*.so* mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib64/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib64/apache2-worker/{lib,mod_}*.so* mr, /usr/lib64/apache2/modules/{lib,mod_}*.so* mr, /usr/lib64/apache2/{lib,mod_}*.so* mr, /usr/lib64/mysql/libmysql*.so* mr, /usr/lib64/php/extensions/*.so mr, /usr/lib64/php4/*.so mr, /usr/lib64/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib64/python[12].[0-9]/site-packages r, /usr/lib64/qt3/lib/lib*.so* mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mrix, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/*.{txt,mib} r, /usr/share/snmp/mibs/.index rw, /usr/share/ssl/openssl.cnf r, /var/lib/php/sess_* rwl, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, ^DEFAULT_URI { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /usr/sbin/suexec2 mrix, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } ^HANDLING_UNTRUSTED_INPUT { #include <abstractions/nameservice> /**.htaccess r, /var/log/apache2/* w, } } | over 3 years ago | httpd2 | 285 | kovik-apparmor | Edit | History | |
| opensuse10.3 | /bin/hostname | #include <tunables/global> /bin/hostname { #include <abstractions/base> #include <abstractions/nameservice> capability sys_admin, /bin/hostname mr, } | over 4 years ago | none | 263 | cinimod | Edit | History | |
| opensuse10.3 | /sbin/ifconfig | #include <tunables/global> /sbin/ifconfig { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, capability sys_module, /proc/net/ r, /proc/net/* r, /sbin/ifconfig mr, } | over 4 years ago | none | 260 | cinimod | Edit | History | |
| opensuse10.3 | /usr/bin/VBox | #include <tunables/global> /usr/bin/VBox flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> capability sys_ptrace, network inet dgram, network inet stream, network inet6 stream, / r, /Archiv/ rw, /Archiv/.Trash-overwrite/ rw, /Archiv/.Trash-patrick/ rw, /Archiv/Filez/ rw, /Archiv/Filez/GSO/ rw, /Archiv/Filez/GSO/** rw, /Archiv/Filez/Multimedia/Tonstudio/ r, /Archiv/Filez/Multimedia/Tonstudio/** rw, /bin/ r, /bin/basename ixr, /bin/bash ixr, /bin/gawk ixr, /bin/grep ixr, /bin/lsmod ixr, /bin/ps ixr, /bin/rm ixr, /boot/ r, /dev/ r, /dev/fd0 rw, /dev/sr0 r, /dev/tty rw, /dev/vboxdrv rw, /etc/ r, /etc/X11/qt_plugins_3.3rc r, /etc/X11/qtrc r, /etc/fonts/** r, /etc/fstab r, /etc/gnome-vfs-2.0/modules/ r, /etc/gnome-vfs-2.0/modules/default-modules.conf r, /etc/gnome-vfs-2.0/modules/font-method.conf r, /etc/gnome-vfs-2.0/modules/mapping-modules.conf r, /etc/gnome-vfs-2.0/modules/smb-module.conf r, /etc/gnome-vfs-2.0/modules/ssl-modules.conf r, /etc/gnome-vfs-2.0/modules/theme-method.conf r, /etc/gre.d/ r, /etc/gre.d/1.8.1.10.conf r, /etc/gre.d/1.8.1.9.conf r, /etc/host.conf r, /etc/hosts r, /etc/magic r, /etc/nsswitch.conf r, /etc/passwd r, /etc/resolv.conf r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.VirtualBox/* rw, /home/*/.VirtualBox/Machines/GSO/GSO.xml rw, /home/*/.VirtualBox/Machines/GSO/Logs/* rw, "/home/*/.VirtualBox/Machines/WinXP TonStudio/" w, /home/*/.VirtualBox/VDI/* krw, /home/*/.Xauthority r, /home/*/.fontconfig/*.cache-2 r, /home/*/.gnome2_private/ w, /home/*/.qt/.qtrc.lock krw, /home/*/.qt/qtrc r, /lib/ r, /log.txt r, /media/ r, /mnt/ r, /mypcs/ rw, /myscripts/ r, /opt/ r, /opt/kde3/lib/kde3/plugins/styles/ r, /opt/kde3/lib/kde3/plugins/styles/plastik.so mr, /opt/kde3/lib/lib*so* mr, /proc/ r, /proc/*/mounts r, /proc/*/stat r, /proc/*/status r, /proc/bus/usb/002/004 rw, /proc/bus/usb/003/002 rw, /proc/bus/usb/003/003 rw, /proc/bus/usb/003/004 rw, /proc/bus/usb/003/008 rw, /proc/bus/usb/004/002 rw, /proc/bus/usb/004/003 rw, /proc/bus/usb/004/004 rw, /proc/bus/usb/004/008 rw, /proc/bus/usb/005/002 rw, /proc/bus/usb/005/004 rw, /proc/bus/usb/005/008 rw, /proc/bus/usb/006/002 rw, /proc/bus/usb/006/003 rw, /proc/bus/usb/006/004 rw, /proc/bus/usb/007/002 rw, /proc/bus/usb/007/003 rw, /proc/bus/usb/007/004 rw, /proc/bus/usb/007/005 rw, /proc/bus/usb/007/006 rw, /proc/bus/usb/devices r, /proc/meminfo r, /proc/modules r, /proc/stat r, /proc/sys/kernel/ngroups_max r, /proc/sys/kernel/pid_max r, /proc/tty/drivers r, /proc/uptime r, /sbin/ r, /srv/ r, /sys/ r, /tmp/ rw, /tmp/.ICE-unix/* w, /tmp/.X11-unix/X0 w, /tmp/.vbox-overwrite-ipc/ rw, /tmp/.vbox-overwrite-ipc/ipcd w, /tmp/.vbox-overwrite-ipc/lock kw, /tmp/gconfd-overwrite/lock/ior r, /tmp/orbit-overwrite/ w, /tmp/orbit-overwrite/linc-* w, /usr/ r, /usr/bin/VBox mr, /usr/bin/bug-buddy ixr, /usr/bin/expr ixr, /usr/bin/file ixr, /usr/bin/gnome-open ixr, /usr/bin/which ixr, /usr/bin/whoami ixr, /usr/lib/** mr, /usr/lib/firefox/firefox-bin ixr, /usr/lib/firefox/firefox.sh ixr, /usr/lib/virtualbox/VBoxSVC ixr, /usr/lib/virtualbox/VBoxXPCOMIPCD ixr, /usr/lib/virtualbox/VirtualBox ixr, /usr/share/X11/locale/compose.dir r, /usr/share/X11/locale/en_US.UTF-8/Compose r, /usr/share/X11/locale/en_US.UTF-8/XLC_LOCALE r, /usr/share/X11/locale/locale.alias r, /usr/share/X11/locale/locale.dir r, /usr/share/desktop-data/qtrc r, /usr/share/doc/packages/VirtualBox/ r, /usr/share/fonts/** r, /usr/share/icons/Industrial/cursors/hand2 r, /usr/share/icons/Industrial/cursors/left_ptr r, /usr/share/icons/Industrial/cursors/left_ptr_watch r, /usr/share/icons/Industrial/cursors/sb_h_double_arrow r, /usr/share/icons/Industrial/cursors/sb_v_double_arrow r, /usr/share/icons/Industrial/cursors/watch r, /usr/share/icons/Industrial/cursors/xterm r, /usr/share/icons/Industrial/index.theme r, /usr/share/icons/Tango/index.theme r, /usr/share/icons/gnome/index.theme r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20-properties.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libbonobo-2.0.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libgnome-2.0.mo r, /usr/share/misc/magic.mgc r, /usr/share/virtualbox/** r, /var/ r, /var/cache/fontconfig/* r, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, /var/run/nscd/group r, /var/run/nscd/passwd r, /var/run/nscd/socket w, } | over 4 years ago | 317 | overwrite | Edit | History | ||
| opensuse10.3 | /usr/sbin/NetworkManagerDispatcher | #include <tunables/global> /usr/sbin/NetworkManagerDispatcher { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> /bin/bash ixr, /etc/NetworkManager/dispatcher.d/ r, /etc/NetworkManager/dispatcher.d/autofs Px, /etc/NetworkManager/dispatcher.d/netcontrol_global_hooks Px, /etc/NetworkManager/dispatcher.d/netcontrol_services Px, /etc/NetworkManager/dispatcher.d/nfs Px, /etc/NetworkManager/dispatcher.d/privoxy Px, /proc/meminfo r, /usr/sbin/NetworkManagerDispatcher mr, /var/run/NetworkManagerDispatcher.pid w, } | over 4 years ago | Import of jmichaels profiles | 264 | dominic | Edit | History | |
| opensuse10.3 | /sbin/runlevel | #include <tunables/global> /sbin/runlevel { #include <abstractions/base> /sbin/runlevel mr, /var/run/utmp krw, } | over 4 years ago | none | 244 | cinimod | Edit | History | |
| opensuse11.0 | /usr/bin/vlc | #include <tunables/global> /usr/bin/vlc flags=(complain) { #include <abstractions/base> } | over 3 years ago | 249 | antonin_s | Edit | History | ||
| opensuse10.3 | /usr/lib/postfix/showq | #include <tunables/global> /usr/lib/postfix/showq flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability setgid, capability setuid, /etc/gai.conf r, /etc/postfix/dynamicmaps.cf r, /etc/postfix/main.cf r, /proc/net/if_inet6 r, /usr/lib/postfix/showq mr, /var/spool/postfix/active/ r, /var/spool/postfix/deferred/ r, /var/spool/postfix/deferred/0/ r, /var/spool/postfix/deferred/1/ r, /var/spool/postfix/deferred/2/ r, /var/spool/postfix/deferred/3/ r, /var/spool/postfix/deferred/4/ r, /var/spool/postfix/deferred/5/ r, /var/spool/postfix/deferred/6/ r, /var/spool/postfix/deferred/7/ r, /var/spool/postfix/deferred/8/ r, /var/spool/postfix/deferred/A/ r, /var/spool/postfix/deferred/B/ r, /var/spool/postfix/deferred/C/ r, /var/spool/postfix/deferred/D/ r, /var/spool/postfix/deferred/E/ r, /var/spool/postfix/deferred/F/ r, /var/spool/postfix/hold/ r, /var/spool/postfix/incoming/ r, /var/spool/postfix/maildrop/ r, /var/spool/postfix/pid/unix.showq krw, } | over 3 years ago | e | 262 | mikemende | Edit | History | |
| opensuse10.3 | /sda7/distributions/10.3/bin/zcat | #include <tunables/global> /sda7/distributions/10.3/bin/zcat { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /sda7/distributions/10.3/bin/zcat mr, } | over 3 years ago | sda | 257 | resqp2if | Edit | History | |
| opensuse11.0 | /usr/lib64/firefox/firefox.sh | #include <tunables/global> /usr/lib64/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ix, ^null-11 { #include <abstractions/base> } ^null-13 { #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gre.d/ r, /etc/gre.d/*.conf r, /etc/kde4/share/** r, /etc/kde4rc r, owner /home/*/.Xauthority r, owner /home/*/.config/* rk, owner /home/*/.fontconfig/* r, owner /home/*/.fonts.conf r, owner /home/*/.gtkrc-2.0-kde4 r, owner /home/*/.kde4/share/** rk, owner /home/*/.mozilla/** rwk, /proc/cpuinfo r, /proc/filesystems r, /proc/meminfo r, owner /usr/lib64/** w, /usr/lib64/** mr, /usr/share/locale-bundle/** r, /usr/share/mozilla/** r, } ^null-d { #include <abstractions/base> } ^null-f { #include <abstractions/base> /etc/magic r, /usr/share/** r, } } | about 1 year ago | 78 | NthDeGeek | Edit | History | ||
| opensuse11.0 | /usr/bin/tor | #include <tunables/global> /usr/bin/tor { #include <abstractions/base> #include <abstractions/nameservice> capability setgid, /etc/tor/torrc r, /usr/bin/tor mr, /var/db/nscd/* r, /var/lib/tor/* rw, /var/lib/tor/*/ r, /var/lib/tor/cached-status/** rw, owner /var/log/tor/* w, /var/log/tor/* a, /var/run/tor/tor.pid w, } | over 2 years ago | 185 | shimingzhou | Edit | History | ||
| ubuntu-gutsy | /sbin/portmap | # $Id: sbin.portmap 90 2006-08-04 19:13:59Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /sbin/portmap { #include <abstractions/base> #include <abstractions/nameservice> capability net_bind_service, capability setgid, capability setuid, /etc/bindresvport.blacklist r, /etc/hosts.allow r, /etc/hosts.deny r, /sbin/portmap rmix, } | over 3 years ago | 230 | stive | Edit | History | ||
| opensuse11.0 | /usr/lib64/firefox/firefox.sh | #include <tunables/global> /usr/lib64/firefox/firefox.sh { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | over 3 years ago | 232 | jerry | Edit | History | ||
| opensuse11.0 | /usr/sbin/apache2ctl | #include <tunables/global> /usr/sbin/apache2ctl flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | over 3 years ago | personal | 251 | BorzdeG | Edit | History | |
| opensuse10.3 | /bin/hostname | #include <tunables/global> /bin/hostname { #include <abstractions/base> #include <abstractions/nameservice> capability sys_admin, /bin/hostname mr, } | over 4 years ago | Import of jmichaels profiles | 296 | dominic | Edit | History | |
| opensuse10.3 | /sbin/ifconfig | #include <tunables/global> /sbin/ifconfig { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, capability sys_module, /proc/net/ r, /proc/net/* r, /sbin/ifconfig mr, } | over 4 years ago | Import of jmichaels profiles | 270 | dominic | Edit | History | |
| opensuse10.3 | /usr/sbin/NetworkManagerDispatcher | #include <tunables/global> /usr/sbin/NetworkManagerDispatcher { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> /bin/bash ixr, /etc/NetworkManager/dispatcher.d/ r, /etc/NetworkManager/dispatcher.d/autofs Px, /etc/NetworkManager/dispatcher.d/netcontrol_global_hooks Px, /etc/NetworkManager/dispatcher.d/netcontrol_services Px, /etc/NetworkManager/dispatcher.d/nfs Px, /etc/NetworkManager/dispatcher.d/privoxy Px, /proc/meminfo r, /usr/sbin/NetworkManagerDispatcher mr, /var/run/NetworkManagerDispatcher.pid w, } | over 4 years ago | none | 257 | cinimod | Edit | History | |
| opensuse11.0 | /usr/lib/firefox/firefox | #include <tunables/global> /usr/lib/firefox/firefox flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /etc/fonts/** r, /etc/gai.conf r, /etc/gnome-vfs-2.0/modules/ r, /etc/gnome-vfs-2.0/modules/default-modules.conf r, /etc/gnome-vfs-2.0/modules/font-method.conf r, /etc/gnome-vfs-2.0/modules/obex-module.conf r, /etc/gnome-vfs-2.0/modules/smb-module.conf r, /etc/gnome-vfs-2.0/modules/ssl-modules.conf r, /etc/gnome-vfs-2.0/modules/theme-method.conf r, /usr/lib/firefox/firefox.sh rix, } | over 2 years ago | 205 | knigeth | Edit | History | ||
| opensuse11.0 | /usr/lib/firefox/firefox.sh | #include <tunables/global> /usr/lib/firefox/firefox.sh { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> deny capability sys_ptrace, /bin/basename rix, /bin/bash rix, /bin/grep rix, /etc/magic r, /usr/bin/file rix, /usr/lib/firefox/firefox px, /usr/share/misc/magic.mgc r, } | over 2 years ago | 191 | kelln | Edit | History | ||
| opensuse11.0 | /usr/lib64/firefox/firefox | #include <tunables/global> /usr/lib64/firefox/firefox { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /** r, /etc/gre.d/ r, owner /home/*/.beagle/socket w, /home/*/.beagle/socket r, owner /home/*/.config/gtk-2.0/* w, /home/*/.config/gtk-2.0/* r, owner /home/*/.config/qtcurve.gtk-colors w, /home/*/.config/qtcurve.gtk-colors r, owner /home/*/.config/qtcurve.gtk-icons w, /home/*/.config/qtcurve.gtk-icons r, owner /home/*/.mozilla/firefox/** w, /home/*/.mozilla/firefox/** r, owner /home/*/.mozilla/firefox/*/* wk, /home/*/.mozilla/firefox/*/* r, owner /home/*/.mozilla/firefox/*/Cache.Trash/ w, owner /var/mozilla/*/.mozilla/firefox/** w, /var/mozilla/*/.mozilla/firefox/** r, owner /var/mozilla/*/.mozilla/firefox/*/* wk, /var/mozilla/*/.mozilla/firefox/*/* r, owner /var/mozilla/*/.mozilla/firefox/*/Cache.Trash/ w, } | over 2 years ago | new profiles - on suse11 | 207 | antonomasia | Edit | History | |
| opensuse10.3 | /opt/skype/skype | #include <tunables/global> /opt/skype/skype flags=(complain) { #include <abstractions/base> /opt/skype/skype mr, } | over 3 years ago | 239 | CarlosAlbertoRibeiro | Edit | History | ||
| opensuse10.3 | /usr/bin/beagle-search | #include <tunables/global> /usr/bin/beagle-search flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/beagle-search mr, } | over 4 years ago | few more profile tweaks | 305 | jmichael | Edit | History | |
| opensuse10.3 | /usr/bin/ssh-agent | #include <tunables/global> /usr/bin/ssh-agent { #include <abstractions/base> /tmp/** w, /usr/bin/ssh-agent mr, } | over 4 years ago | changes-3 | 243 | security | Edit | History | |
| opensuse10.3 | /usr/share/kolab/scripts/kolab_smtpdpolicy | #include <tunables/global> /usr/share/kolab/scripts/kolab_smtpdpolicy { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/perl> /etc/kolab/kolab_smtpdpolicy.conf r, /usr/bin/perl ix, /usr/share/kolab/scripts/kolab_smtpdpolicy mr, } | over 3 years ago | 266 | arclyde | Edit | History | ||
| opensuse11.0 | /sbin/SuSEfirewall2 | #include <tunables/global> /sbin/SuSEfirewall2 flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/tty rix, other /usr/sbin/ip6tables-batch -> /usr/sbin/ip6tables-batch, /usr/sbin/ip6tables-batch Cx -> /usr/sbin/ip6tables-batch, other /usr/sbin/iptables-batch , /usr/sbin/iptables-batch Px, profile /usr/sbin/ip6tables-batch { } } | over 3 years ago | 236 | h_keiner | Edit | History | ||
| opensuse11.0 | /bin/hostname | #include <tunables/global> /bin/hostname { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability sys_admin, /bin/hostname mr, } | over 3 years ago | allow to change hostname. | 211 | poeml | Edit | History | |
| opensuse10.3 | /sbin/portmap | #include <tunables/global> /sbin/portmap { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/nis> capability net_bind_service, capability setgid, capability setuid, /etc/hosts.allow r, /etc/hosts.deny r, /sbin/portmap mr, /var/run/portmap_mapping rw, } | over 4 years ago | 304 | JaMm | Edit | History | ||
| opensuse10.3 | /usr/bin/gnome-terminal | #include <tunables/global> /usr/bin/gnome-terminal flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> capability sys_ptrace, /bin/bash Ux, /dev/ptmx rw, /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /proc/meminfo r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/gnome-terminal mr, /usr/lib/vte/gnome-pty-helper Px, /usr/share/terminfo/** r, /usr/share/vte/termcap/* r, /var/cache/libx11/compose/* r, } | over 4 years ago | misc update | 265 | jmichael | Edit | History | |
| opensuse10.3 | /opt/kde3/bin/kmplayer | #include <tunables/global> /opt/kde3/bin/kmplayer flags=(complain) { #include <abstractions/base> /opt/kde3/bin/kmplayer mr, /opt/kde3/lib/lib*so* mr, } | over 4 years ago | kmplayer | 269 | Falko_Gehde | Edit | History | |
| opensuse11.0 | /usr/bin/test | #include <tunables/global> /usr/bin/test flags=(complain) { #include <abstractions/base> } | 9 months ago | test | 67 | andstu1 | Edit | History | |
| opensuse10.3 | /usr/lib/firefox/firefox.sh | #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/lib/firefox/firefox.sh mr, } | over 3 years ago | 0.001 | 236 | mechwarr1214 | Edit | History | |
| opensuse10.3 | /bin/basename | #include <tunables/global> /bin/basename flags=(complain) { #include <abstractions/base> /bin/basename mr, } | over 4 years ago | argh, switch things back to complain for a while | 291 | jmichael | Edit | History | |
| opensuse10.3 | /etc/gdm/PostLogin/Default | #include <tunables/global> /etc/gdm/PostLogin/Default { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/gdm/PostLogin/Default mr, /proc/meminfo r, } | over 4 years ago | Import of jmichaels profiles | 287 | dominic | Edit | History | |
| opensuse10.3 | /etc/init.d/boot.dazuko | #include <tunables/global> /etc/init.d/boot.dazuko flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> capability sys_module, /bin/basename ixr, /bin/bash ixr, /bin/grep ixr, /bin/lsmod ixr, /bin/stty ixr, /etc/init.d/boot.dazuko mr, /etc/modprobe.conf r, /etc/modprobe.conf.local r, /etc/modprobe.d/ r, /etc/modprobe.d/blacklist r, /etc/modprobe.d/ipv6 r, /etc/modprobe.d/ipw2200 r, /etc/modprobe.d/iwlwifi r, /etc/modprobe.d/module-renames r, /etc/modprobe.d/nvidia r, /etc/modprobe.d/pnp-aliases r, /etc/modprobe.d/sound r, /etc/modprobe.d/thinkpad_acpi r, /etc/modprobe.d/tv r, /etc/modprobe.d/unsupported.blacklist r, /etc/modprobe.d/xorg-x11-driver-video r, /etc/rc.status r, /etc/sysconfig/dazuko r, /etc/sysconfig/kernel r, /lib/modules/*/modules.dep r, /lib/modules/*/updates/dazuko.ko krw, /proc/modules r, /sbin/modprobe ixr, } | over 4 years ago | it works | 329 | overwrite | Edit | History | |
| opensuse11.0 | /usr/sbin/httpd2-prefork | #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> ^DEFAULT_URI flags=(complain) { } ^HANDLING_UNTRUSTED_INPUT flags=(complain) { } } | about 1 year ago | 81 | mroose | Edit | History | ||
| opensuse11.0 | /usr/sbin/httpd2-prefork | # $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/*.conf r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/*.crt r, /etc/apache2/ssl.key/*.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/* r, /etc/fstab r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib*.so* mr, /usr/X11R6/lib64/lib*.so* mr, /usr/apache2/error/* r, /usr/lib/apache2-leader/{lib,mod_}*.so* mr, /usr/lib/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib/apache2-worker/{lib,mod_}*.so* mr, /usr/lib/apache2/modules/{lib,mod_}*.so* mr, /usr/lib/apache2/{lib,mod_}*.so mr, /usr/lib/mysql/libmysql*.so* mr, /usr/lib/php/extensions/*.so mr, /usr/lib/php4/*.so mr, /usr/lib/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib/python[12].[0-9]/site-packages r, /usr/lib/qt3/lib/lib*.so* mr, /usr/lib64/apache2-leader/{lib,mod_}*.so* mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib64/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib64/apache2-worker/{lib,mod_}*.so* mr, /usr/lib64/apache2/modules/{lib,mod_}*.so* mr, /usr/lib64/apache2/{lib,mod_}*.so* mr, /usr/lib64/mysql/libmysql*.so* mr, /usr/lib64/php/extensions/*.so mr, /usr/lib64/php4/*.so mr, /usr/lib64/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib64/python[12].[0-9]/site-packages r, /usr/lib64/qt3/lib/lib*.so* mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mrix, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/*.{txt,mib} r, /usr/share/snmp/mibs/.index rw, /usr/share/ssl/openssl.cnf r, /var/lib/php/sess_* rwl, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, ^DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /usr/sbin/suexec2 mrix, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } ^HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /**.htaccess r, /var/log/apache2/* w, } } | over 2 years ago | initial apache2 | 147 | rbf072858 | Edit | History | |
| opensuse11.0 | /usr/lib64/firefox/firefox.sh | #include <tunables/global> /usr/lib64/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | over 3 years ago | dave3 | 245 | shot211 | Edit | History | |
| ubuntu-gutsy | /usr/bin/python2.5 | #include <tunables/global> /usr/bin/python2.5 flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/python> capability dac_override, /etc/apt/apt.conf.d/ r, /etc/apt/apt.conf.d/* r, /etc/apt/sources.list r, /etc/apt/sources.list.d/ r, /etc/apt/sources.list.d/*.list r, /proc/meminfo r, /proc/stat r, /usr/bin/python2.5 mr, /usr/share/command-not-found/programs.d/ r, /usr/share/command-not-found/programs.d/*.db r, /usr/share/python-apt/templates/ r, /usr/share/python-apt/templates/*.info r, /usr/share/python-apt/templates/*.mirrors r, } | over 4 years ago | gnome | 270 | hbpteam | Edit | History | |
| ubuntu-gutsy | /usr/lib/jvm/java-1.5.0-sun-1.5.0.13/jre/bin/javaws | #include <tunables/global> /usr/lib/jvm/java-1.5.0-sun-1.5.0.13/jre/bin/javaws { #include <abstractions/base> /usr/lib/jvm/java-1.5.0-sun-1.5.0.13/jre/bin/javaws mr, } | over 4 years ago | gnome | 293 | hbpteam | Edit | History | |
| ubuntu-gutsy | /etc/cron.daily/man-db | #include <tunables/global> /etc/cron.daily/man-db { #include <abstractions/base> #include <abstractions/perl> #include <abstractions/user-manpages> capability chown, capability setgid, capability setuid, / r, /bin/chown ixr, /bin/dash ixr, /etc/cron.daily/man-db mr, /etc/group r, /etc/manpath.config r, /etc/nsswitch.conf r, /etc/passwd r, /sbin/start-stop-daemon ixr, /usr/bin/find ixr, /usr/bin/perl ix, /usr/bin/xargs ixr, /usr/lib/** mr, /usr/lib/man-db/manconv ixr, /usr/lib/man-db/mandb ixr, /usr/man/ r, /usr/sbin/dpkg-statoverride ixr, /usr/share/man/ r, /usr/share/perl/** r, /usr/share/perl5/** r, /var/cache/ r, /var/cache/man/ rw, /var/cache/man/** krw, /var/lib/dpkg/* r, } | over 2 years ago | 202 | stive | Edit | History | ||
| opensuse10.3 | /bin/basename | #include <tunables/global> /bin/basename { #include <abstractions/base> /bin/basename mr, } | over 4 years ago | 20071015 | 262 | davepl | Edit | History | |
| opensuse10.3 | /usr/sbin/wpa_supplicant | #include <tunables/global> /usr/sbin/wpa_supplicant flags=(complain) { #include <abstractions/base> capability net_admin, capability net_raw, capability sys_module, network inet dgram, network packet dgram, /proc/net/ r, /proc/net/unix r, /usr/sbin/wpa_supplicant mr, /var/run/NetworkManager/wpa_ctrl_* w, /var/run/wpa_supplicant-global w, /var/run/wpa_supplicant/ w, /var/run/wpa_supplicant/* w, } | over 4 years ago | argh, switch things back to complain for a while | 273 | jmichael | Edit | History | |
| opensuse10.3 | /usr/bin/gnome-wm | #include <tunables/global> /usr/bin/gnome-wm { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/grep ixr, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/compiz Px, /usr/bin/gnome-wm mr, /usr/bin/xdpyinfo Px, } | over 4 years ago | Import of jmichaels profiles | 250 | dominic | Edit | History | |
| opensuse10.3 | /etc/gdm/PostLogin/Default | #include <tunables/global> /etc/gdm/PostLogin/Default { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/gdm/PostLogin/Default mr, /proc/meminfo r, } | over 4 years ago | none | 236 | cinimod | Edit | History | |
| opensuse10.3 | /usr/lib/cyrus/bin/notifyd | #include <tunables/global> /usr/lib/cyrus/bin/notifyd { #include <abstractions/base> /etc/imapd.* r, /mnt/mail/config/** krw, /usr/lib/cyrus/bin/notifyd mr, /var/lib/imap/** krw, } | over 3 years ago | 267 | arclyde | Edit | History | ||
| opensuse10.3 | /usr/lib/firefox/firefox.sh | #include <tunables/global> /usr/lib/firefox/firefox.sh { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/user-tmp> /bin/basename Px, /bin/bash ixr, /bin/grep ixr, /bin/mktemp ixr, /etc/magic r, /home/*/.gdbinit r, /home/*/.inputrc r, /proc/*/auxv r, /proc/*/mem r, /proc/*/status r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/expr ixr, /usr/bin/file ixr, /usr/bin/gdb ixr, /usr/lib/firefox/firefox-bin Pxr, /usr/lib/firefox/firefox.sh mr, /usr/share/misc/magic.mgc r, } | over 4 years ago | 268 | overwrite | Edit | History | ||
| ubuntu-gutsy | /usr/bin/xkbcomp | #include <tunables/global> /usr/bin/xkbcomp { #include <abstractions/X> #include <abstractions/base> /usr/bin/xkbcomp mr, /var/lib/xkb/*.xkm w, } | over 4 years ago | gnome | 302 | hbpteam | Edit | History | |
| opensuse11.0 | /root/star.sh | #include <tunables/global> /root/star.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | 9 months ago | /var/log/imd.log | 45 | imdsevilla | Edit | History | |
| opensuse11.0 | /mnt/temp/drive_c/Program Files/Electronic Arts/The Sims 3/Game/Bin/TS3.exe | #include <tunables/global> profile "/mnt/temp/drive_c/Program Files/Electronic Arts/The Sims 3/Game/Bin/TS3.exe" flags=(complain) { #include <abstractions/base> } | about 1 year ago | the sims | 106 | rave | Edit | History | |
| ubuntu-gutsy | /usr/lib/postfix/scache | # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/postfix/scache { #include <abstractions/base> #include <abstractions/nameservice> #include <program-chunks/postfix-common> /etc/mailname r, /usr/lib/postfix/scache rmix, /var/run/nscd/group r, } | over 3 years ago | 208 | stive | Edit | History | ||
| opensuse10.3 | /usr/sbin/cron | #include <tunables/global> /usr/sbin/cron flags=(complain) { #include <abstractions/base> /usr/sbin/cron mr, } | over 3 years ago | 259 | rm2011 | Edit | History | ||
| opensuse10.3 | /usr/bin/gnome-wm | #include <tunables/global> /usr/bin/gnome-wm { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/grep ixr, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/compiz Px, /usr/bin/gnome-wm mr, /usr/bin/xdpyinfo Px, } | over 4 years ago | none | 222 | cinimod | Edit | History | |
| ubuntu-gutsy | /tmp/upxBLFO3MBALNH | #include <tunables/global> /tmp/upxBLFO3MBALNH flags=(complain) { #include <abstractions/base> /tmp/upxBLFO3MBALNH mr, } | over 4 years ago | 292 | larsthegeek | Edit | History | ||
| opensuse10.3 | /usr/bin/xdpyinfo | #include <tunables/global> /usr/bin/xdpyinfo flags=(complain) { #include <abstractions/X> #include <abstractions/base> /home/*/.Xauthority r, /usr/bin/xdpyinfo mr, } | over 4 years ago | few more changes to get gnome session working elsewhere | 302 | jmichael | Edit | History | |
| opensuse11.0 | /usr/lib/opera/9.52/operaplugincleaner | #include <tunables/global> /usr/lib/opera/9.52/operaplugincleaner flags=(complain) { #include <abstractions/base> /usr/lib/** mr, } | over 3 years ago | opera | 222 | vojtaeus | Edit | History | |
| ubuntu-gutsy | /sbin/apparmor_parser | #include <tunables/global> /sbin/apparmor_parser flags=(complain) { #include <abstractions/base> #include <abstractions/user-tmp> /etc/apparmor.d/abstractions/X r, /etc/apparmor.d/abstractions/audio r, /etc/apparmor.d/abstractions/authentication r, /etc/apparmor.d/abstractions/base r, /etc/apparmor.d/abstractions/bash r, /etc/apparmor.d/abstractions/consoles r, /etc/apparmor.d/abstractions/dbus r, /etc/apparmor.d/abstractions/fonts r, /etc/apparmor.d/abstractions/freedesktop.org r, /etc/apparmor.d/abstractions/gnome r, /etc/apparmor.d/abstractions/kerberosclient r, /etc/apparmor.d/abstractions/mdns r, /etc/apparmor.d/abstractions/nameservice r, /etc/apparmor.d/abstractions/nis r, /etc/apparmor.d/abstractions/nvidia r, /etc/apparmor.d/abstractions/orbit2 r, /etc/apparmor.d/abstractions/perl r, /etc/apparmor.d/abstractions/python r, /etc/apparmor.d/abstractions/user-tmp r, /etc/apparmor.d/abstractions/winbind r, /etc/apparmor.d/tunables/global r, /etc/apparmor.d/tunables/home r, /etc/apparmor.d/tunables/proc r, /etc/apparmor/subdomain.conf r, /proc/*/mounts r, /proc/meminfo r, /sbin/apparmor_parser mr, /sys/kernel/security/apparmor/.replace w, /sys/kernel/security/apparmor/matching r, } | over 4 years ago | gnome | 259 | hbpteam | Edit | History | |
| opensuse10.3 | /etc/init.d/ntp | #include <tunables/global> /etc/init.d/ntp flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/nis> #include <abstractions/wutmp> capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_chroot, capability sys_ptrace, capability sys_time, capability sys_tty_config, /bin/bash ixr, /bin/cp ixr, /bin/rm ixr, /bin/stty ixr, /dev/blog w, /etc/gai.conf r, /etc/init.d/ntp ixr, /etc/ntp.conf r, /etc/rc.status r, /etc/sysconfig/ntp r, /proc/ r, /proc/*/stat r, /proc/*/statm r, /proc/meminfo r, /proc/net/if_inet6 r, /sbin/checkproc ixr, /sbin/killproc ixr, /sbin/startproc ixr, /usr/sbin/ntpd Pxmr, /usr/sbin/ntpdate Px, /var/lib/ntp/drift/ntp.drift r, /var/lib/ntp/etc/localtime w, /var/lib/ntp/var/run/ntp/ntpd.pid rw, /var/log/ntp a, /var/run/nscd/services r, } | over 4 years ago | argh, switch things back to complain for a while | 265 | jmichael | Edit | History | |
| ubuntu-gutsy | /usr/sbin/portsentry | #include <tunables/global> /usr/sbin/portsentry flags=(complain) { #include <abstractions/base> /usr/sbin/portsentry mr, } | over 4 years ago | 318 | gejo | Edit | History | ||
| opensuse10.3 | /usr/lib/ssh/x11-ssh-askpass | #include <tunables/global> /usr/lib/ssh/x11-ssh-askpass { #include <abstractions/base> /usr/lib/ssh/x11-ssh-askpass mr, } | over 4 years ago | none | 240 | cinimod | Edit | History | |
| opensuse11.0 | /bin/arch | #include <tunables/global> /bin/arch flags=(complain) { #include <abstractions/base> } | about 1 year ago | 62 | MONGRANDUC | Edit | History | ||
| opensuse11.0 | /usr/lib/firefox/firefox.sh | #include <tunables/global> /usr/lib/firefox/firefox.sh { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, ^null-1159 { /dev/urandom r, } ^null-1af { /dev/shm/ r, owner /dev/shm/pulse-shm-1336710452 r, owner /dev/shm/pulse-shm-1701642870 r, owner /dev/shm/pulse-shm-2439352966 r, owner /dev/shm/pulse-shm-2441896503 rw, /dev/urandom r, /etc/ld.so.cache r, /etc/mailcap r, /etc/mime.types r, /etc/mtab r, /etc/pulse/client.conf r, /etc/resolv.conf r, /etc/services r, owner /home/*/.esd_auth r, owner /home/*/.mozilla/** r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/0438DB5Bd01 rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/45A3934Ed01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/643FBE4Bd01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/75BE42DDd01 rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/9B59C0CDd01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/A47014BDd01 rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/AA689699d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/AC969064d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/B541EE9Dd01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/C80991C2d01 rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/CF73296Fd01 rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/F89A0BDAd01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_001_ rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_002_ rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_003_ rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/XPC.mfasl rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/XUL.mfasl rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/content-prefs.sqlite rk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/cookies.sqlite w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/cookies.sqlite-journal w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{DDC359D1-844A-42a7-9AA1-88A850A938A8\}/icon.png r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/icon.png r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3\}/content/extovl.xul r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3\}/content/pie.png r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/places.sqlite rwk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/places.sqlite-journal rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/pluginreg.dat rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/prefs-1.js w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/sessionstore-1.js w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/urlclassifier3.sqlite rwk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/urlclassifier3.sqlite-journal w, owner /home/*/.pki/nssdb/cert9.db rk, owner /home/*/.pki/nssdb/key4.db rk, owner /home/*/.pulse-cookie rwk, /lib/lib*so* mr, /proc/meminfo r, /usr/lib/browser-plugins/ r, /usr/lib/firefox/chrome/icons/default/default16.png r, /usr/lib/firefox/chrome/icons/default/default32.png r, /usr/lib/firefox/chrome/icons/default/default48.png r, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/gnome-vfs-2.0/modules/libfile.so mr, /usr/lib/jvm/java-1.6.0-openjdk-1.6.0/jre/lib/i386/IcedTeaPlugin.so mr, /usr/lib/lib*so* mr, /usr/lib/libcanberra-0.18/libcanberra-pulse.so mr, /usr/lib/locale/** r, /usr/lib/pango/1.6.0/modules/pango-arabic-fc.so mr, /usr/lib/pango/1.6.0/modules/pango-arabic-lang.so mr, /usr/lib/pango/1.6.0/modules/pango-thai-fc.so mr, /usr/lib/xulrunner-1.9.2.4/dictionaries/ r, /usr/lib/xulrunner-1.9.2.4/modules/DownloadUtils.jsm r, /usr/share/applications/mimeinfo.cache r, /usr/share/fonts/** r, /usr/share/icons/DMZ/cursors/bottom_right_corner r, /usr/share/icons/DMZ/cursors/hand2 r, /usr/share/locale/** r, /usr/share/mime/mime.cache r, /usr/share/myspell/en_US.aff r, /usr/share/myspell/en_US.dic r, /usr/share/sounds/freedesktop/index.theme r, /var/cache/gio-2.0/defaults.list r, /var/lib/dbus/machine-id r, owner /var/run/gdm/auth-for-usera-FQmTLv/database r, } ^null-1b { capability sys_ptrace, /dev/urandom r, /etc/ld.so.cache r, /etc/mime.types r, /etc/services r, owner /home/*/.adobe/Flash_Player/AssetCache/ r, owner /home/*/.macromedia/Flash_Player/#SharedObjects/ r, owner /home/*/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings.sol r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/ABE/rules/ r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/1534E248d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/3DBFCDF8d01 r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/509EE8C8d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/555C737Dd01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/72FA32D5d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/9BCDCEA0d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/AD4A6281d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/C4023C98d01 r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/D3E66F98d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/EB8DFFFFd01 r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/FB13FBF6d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/FC3D511Cd01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_001_ rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_002_ rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_003_ rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_MAP_ w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/XPC.mfasl r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/cert8.db w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/content-prefs.sqlite rk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/cookies.sqlite wk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/cookies.sqlite-journal w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/formhistory.sqlite rwk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/formhistory.sqlite-journal rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/key3.db w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/localstore-1.rdf w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/mimeTypes.rdf r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/places.sqlite rwk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/places.sqlite-journal rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/pluginreg.dat rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/search.sqlite rk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/sessionstore-1.js w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/urlclassifier3.sqlite rwk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/urlclassifier3.sqlite-journal w, owner /home/*/.mozilla/firefox/profiles.ini r, /lib/lib*so* mr, /proc/ r, /proc/*/cmdline r, /proc/*/stat r, /proc/*/status r, /proc/cpuinfo r, /proc/meminfo r, /proc/stat r, /proc/sys/kernel/pid_max r, /proc/uptime r, owner /tmp/plugtmp-2/plugin-all_V14_spec_120_600.xml w, /usr/lib/browser-plugins/ r, /usr/lib/browser-plugins/libflashplayer.so mr, /usr/lib/firefox/blocklist.xml r, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/jvm/java-1.6.0-openjdk-1.6.0/jre/lib/i386/IcedTeaPlugin.so mr, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/fonts/** r, /usr/share/icons/DMZ/cursors/dnd-copy r, /usr/share/locale/** r, /usr/share/mime/mime.cache r, owner /var/run/gdm/auth-for-usera-zcIQ80/database r, } ^null-1e { /etc/*.cache r, /lib/lib*so* mr, /usr/lib/gconv/*.cache r, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-20 { /etc/*.cache r, /etc/magic r, /lib/lib*so* mr, /usr/lib/firefox/firefox r, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, /usr/share/misc/magic.mgc r, } ^null-22 { /etc/*.cache r, /etc/services r, owner /home/*/**.db w, owner /home/*/**.js rw, owner /home/*/.mozilla/firefox/**.rdf w, owner /home/*/.mozilla/firefox/**.sqlite rwk, owner /home/*/.mozilla/firefox/**.sqlite-journal rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_001_ w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_002_ w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_003_ w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_MAP_ w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/XPC.mfasl r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/adblockplus/patterns.ini-temp w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/blocklist.xml rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/bookmarkbackups/ r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/bookmarkbackups/bookmarks-2010-06-22.json w, /lib/lib*so* mr, /usr/lib/gconv/*.cache r, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-22f7 { /dev/urandom r, /etc/hosts r, /etc/ld.so.cache r, /etc/services r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/* rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/urlclassifier3.sqlite rwk, owner /home/*/Download/openSUSE-11.2-DVD-i586.iso w, /lib/lib*so* mr, /proc/* r, /usr/lib/* mr, /usr/lib/gconv/* r, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-24 { /dev/urandom r, /etc/fonts/** r, /etc/gnome-vfs-2.0/modules/ r, /etc/gnome-vfs-2.0/modules/default-modules.conf r, /etc/gnome-vfs-2.0/modules/smb-module.conf r, /etc/gnome-vfs-2.0/modules/ssl-modules.conf r, /etc/gre.d/ r, /etc/gre.d/1.9.1.9.system.conf r, /etc/gre.d/1.9.2.3.system.conf r, /etc/gtk-2.0/gdk-pixbuf.loaders r, /etc/gtk-2.0/gtk.immodules r, /etc/gtk-2.0/gtkrc r, /etc/ld.so.cache r, /etc/mime.types r, /etc/nsswitch.conf r, /etc/pango/pango.modules r, /etc/passwd r, /etc/resolv.conf r, /etc/selinux/config r, /etc/services r, owner /home/*/.ICEauthority r, owner /home/*/.fontconfig/9c59dcc9b22e2c865779f06f6255adc7-x86.cache-2 r, owner /home/*/.mozilla/extensions/\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}/ r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/.parentlock wk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/ABE/rules/ r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/ABE/rules/SYSTEM.abe r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/ABE/rules/USER.abe r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache.Trash/ r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache.Trash/Trash/ r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache.Trash/Trash/Cache/ r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/0B2B46B9d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/1A8B79D4d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/2CABF679d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/4297084Cd01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/54593247d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/8C2E15ABd01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/D5E58BB6d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/F3196A5Cd01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/F4F0C734d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/FE8C0906d01 w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_001_ rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_002_ rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_003_ w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/Cache/_CACHE_MAP_ rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/NoScriptSTS.db r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/XPC.mfasl r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/XUL.mfasl r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/adblockplus/patterns.ini r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/cert8.db r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/compatibility.ini r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/compreg.dat r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/content-prefs.sqlite rk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/cookies.sqlite rwk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/cookies.sqlite-journal rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/downloads.sqlite rwk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/downloads.sqlite-journal w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions.cache r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions.ini r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions.rdf r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/ r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{73a6fe31-595d-460b-a920-fcc0f8843232\}/chrome.manifest r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{73a6fe31-595d-460b-a920-fcc0f8843232\}/chrome/noscript.jar r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{73a6fe31-595d-460b-a920-fcc0f8843232\}/defaults/preferences/ r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{73a6fe31-595d-460b-a920-fcc0f8843232\}/defaults/preferences/noscript.js r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{DDC359D1-844A-42a7-9AA1-88A850A938A8\}/chrome.manifest r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{DDC359D1-844A-42a7-9AA1-88A850A938A8\}/chrome/chrome.jar r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{DDC359D1-844A-42a7-9AA1-88A850A938A8\}/components/debugService.xpt r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{DDC359D1-844A-42a7-9AA1-88A850A938A8\}/components/filterManager.xpt r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{DDC359D1-844A-42a7-9AA1-88A850A938A8\}/defaults/preferences/ r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{DDC359D1-844A-42a7-9AA1-88A850A938A8\}/defaults/preferences/dta.js r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{DDC359D1-844A-42a7-9AA1-88A850A938A8\}/defaults/preferences/filters.js r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{DDC359D1-844A-42a7-9AA1-88A850A938A8\}/defaults/preferences/privacycontrol.js r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/chrome.manifest r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/chrome/adblockplus.jar r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/defaults/preferences/ r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d\}/defaults/preferences/adblockplus.js r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3\}/chrome.manifest r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3\}/defaults/preferences/ r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3\}/defaults/preferences/bpprefs.js r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3\}/skin/BetterPrivacyButton.css r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/extensions/\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3\}/skin/btn_large.png r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/formhistory.sqlite rk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/key3.db r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/localstore.rdf r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/mimeTypes.rdf r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/permissions.sqlite rk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/places.sqlite rwk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/places.sqlite-journal rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/pluginreg.dat rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/prefs-1.js w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/prefs.js r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/search.json r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/search.sqlite rk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/searchplugins/ r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/secmod.db r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/sessionstore-1.js w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/sessionstore.bak w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/sessionstore.js r, owner /home/*/.mozilla/firefox/9bgr3l2j.default/urlclassifier3.sqlite rwk, owner /home/*/.mozilla/firefox/9bgr3l2j.default/urlclassifier3.sqlite-journal w, owner /home/*/.mozilla/firefox/9bgr3l2j.default/urlclassifierkey3.txt rw, owner /home/*/.mozilla/firefox/9bgr3l2j.default/xpti.dat r, owner "/home/*/.mozilla/firefox/Crash Reports/InstallTime2010040100" r, owner "/home/*/.mozilla/firefox/Crash Reports/LastCrash" r, owner /home/*/.mozilla/firefox/profiles.ini r, /lib/lib*so* mr, owner /proc/*/mounts r, /proc/cpuinfo r, /proc/meminfo r, /tmp/ r, /usr/lib/browser-plugins/ r, /usr/lib/firefox/application.ini r, /usr/lib/firefox/chrome/ r, /usr/lib/firefox/chrome/browser.jar r, /usr/lib/firefox/chrome/browser.manifest r, /usr/lib/firefox/chrome/classic.jar r, /usr/lib/firefox/chrome/classic.manifest r, /usr/lib/firefox/chrome/en-US.jar r, /usr/lib/firefox/chrome/en-US.manifest r, /usr/lib/firefox/chrome/icons/default/default16.png r, /usr/lib/firefox/chrome/icons/default/default32.png r, /usr/lib/firefox/chrome/icons/default/default48.png r, /usr/lib/firefox/chrome/reporter.manifest r, /usr/lib/firefox/components/browser.xpt r, /usr/lib/firefox/components/libbrowsercomps.so mr, /usr/lib/firefox/components/libbrowserdirprovider.so mr, /usr/lib/firefox/defaults/preferences/ r, /usr/lib/firefox/defaults/preferences/channel-prefs.js r, /usr/lib/firefox/defaults/preferences/firefox-branding.js r, /usr/lib/firefox/defaults/preferences/firefox-build.js r, /usr/lib/firefox/defaults/preferences/firefox-l10n.js r, /usr/lib/firefox/defaults/preferences/firefox-openSUSE.js r, /usr/lib/firefox/defaults/preferences/firefox.js r, /usr/lib/firefox/defaults/preferences/kde.js r, } ^null-26 { /dev/urandom r, /etc/* r, owner /home/*/.mozilla/firefox/** rwk, /lib/* mr, /proc/meminfo r, /usr/lib/gconv/gconv-modules.cache r, /usr/lib/lib*so* mr, /usr/lib/locale/** r, /usr/share/locale/** r, } ^null-396 { } ^null-398 { /etc/ld.so.cache r, /etc/magic r, /lib/lib*so* mr, } ^null-39a { } ^null-39c { } ^null-3ac { } ^null-3ae { } ^null-3b0 { } ^null-3b2 { } ^null-477 { owner /home/*/.mozilla/firefox/x1nowm3w.default/places.sqlite-journal w, } } | about 1 year ago | 88 | usera | Edit | History | ||
| ubuntu-gutsy | /usr/lib/postgresql/8.3/bin/postgres | #include <tunables/global> /usr/lib/postgresql/8.3/bin/postgres { #include <abstractions/base> #include <abstractions/nameservice> /etc/postgresql-common/* r, /etc/postgresql/** r, /etc/ssl/** r, /usr/lib/** mr, /usr/shar/share/zoneinfo/ r, /usr/share/postgresql/8.3/timezonesets/* r, /usr/share/zoneinfo/ r, /var/lib/postgresql/8.3/main/** lrw, /var/run/postgresql/* w, } | over 3 years ago | 237 | stive | Edit | History | ||
| opensuse11.0 | /usr/lib64/firefox/firefox.sh | #include <tunables/global> /usr/lib64/firefox/firefox.sh { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, } | over 3 years ago | 237 | josemanuel | Edit | History | ||
| ubuntu-gutsy | /usr/lib/libgconf2-4/gconfd-2 | #include <tunables/global> /usr/lib/libgconf2-4/gconfd-2 { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /etc/gconf/2/path r, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.defaults/%%gconf-tree.xml r, /etc/gconf/gconf.xml.mandatory/ r, /etc/gconf/gconf.xml.mandatory/%%gconf-tree.xml r, /home/*/.gconf/ r, /home/*/.gconf/.testing.writeability w, /home/*/.gconf/apps/ r, /home/*/.gconf/apps/deskbar/* rw, /home/*/.gconf/apps/evolution/* rw, /home/*/.gconf/apps/evolution/**.xml rw, /home/*/.gconf/apps/evolution/addressbook/ r, /home/*/.gconf/apps/evolution/calendar/ r, /home/*/.gconf/apps/evolution/calendar/display/ r, /home/*/.gconf/apps/evolution/calendar/memos/ r, /home/*/.gconf/apps/evolution/calendar/notify/ r, /home/*/.gconf/apps/evolution/calendar/tasks/ r, /home/*/.gconf/apps/evolution/mail/ r, /home/*/.gconf/apps/evolution/mail/*.new rw, /home/*/.gconf/apps/evolution/memos/ r, /home/*/.gconf/apps/evolution/memos/* r, /home/*/.gconf/apps/evolution/shell/ r, /home/*/.gconf/apps/evolution/shell/*.new rw, /home/*/.gconf/apps/evolution/shell/view_defaults/ r, /home/*/.gconf/apps/evolution/shell/view_defaults/*.new rw, /home/*/.gconf/apps/evolution/shell/view_defaults/folder_bar/ r, /home/*/.gconf/apps/evolution/shell/view_defaults/folder_bar/*.new rw, /home/*/.gconf/apps/evolution/tasks/ r, /home/*/.gconf/apps/gnome-screensaver/%%gconf.xml.new rw, /home/*/.gconf/apps/gnome-screensaver/*.xml rw, /home/*/.gconf/apps/metacity/ r, /home/*/.gconf/apps/metacity/*.xml r, /home/*/.gconf/apps/metacity/general/ r, /home/*/.gconf/apps/metacity/general/*.xml r, /home/*/.gconf/apps/nautilus/ r, /home/*/.gconf/apps/nautilus/preferences/*.xml r, /home/*/.gconf/apps/panel/ r, /home/*/.gconf/apps/panel/applets/clock_screen0/ r, /home/*/.gconf/apps/panel/applets/clock_screen0/**.xml rw, /home/*/.gconf/apps/panel/applets/clock_screen0/prefs/ r, /home/*/.gconf/apps/panel/applets/clock_screen0/prefs/*.new rw, /home/*/.gconf/apps/panel/applets/clock_screen0/prefs/timezones/ r, /home/*/.gconf/apps/panel/applets/clock_screen0/prefs/timezones/*.new rw, /home/*/.gconf/apps/panel/applets/deskbar_screen0/ r, /home/*/.gconf/apps/panel/applets/fast_user_switch_screen0/ r, /home/*/.gconf/apps/panel/applets/fast_user_switch_screen0/prefs/ r, /home/*/.gconf/apps/panel/applets/fast_user_switch_screen0/prefs/*.new rw, /home/*/.gconf/apps/panel/applets/fast_user_switch_screen0/prefs/*.xml rw, /home/*/.gconf/apps/panel/applets/mixer_screen0/ r, /home/*/.gconf/apps/panel/applets/notification_area_screen0/ r, /home/*/.gconf/apps/panel/applets/show_desktop_button_screen0/ r, /home/*/.gconf/apps/panel/applets/trashapplet_screen0/ r, /home/*/.gconf/apps/panel/applets/window_list_screen0/ r, /home/*/.gconf/apps/panel/applets/window_list_screen0/prefs/ r, /home/*/.gconf/apps/panel/applets/window_list_screen0/prefs/*.new rw, /home/*/.gconf/apps/panel/applets/window_list_screen0/prefs/*.xml rw, /home/*/.gconf/apps/panel/applets/workspace_switcher_screen0/ r, /home/*/.gconf/apps/panel/applets/workspace_switcher_screen0/**.xml rw, /home/*/.gconf/apps/panel/applets/workspace_switcher_screen0/prefs/ r, /home/*/.gconf/apps/panel/applets/workspace_switcher_screen0/prefs/*.new rw, /home/*/.gconf/apps/panel/general/*.xml r, /home/*/.gconf/apps/panel/toplevels/ r, /home/*/.gconf/apps/panel/toplevels/bottom_panel_screen0/ r, /home/*/.gconf/apps/panel/toplevels/bottom_panel_screen0/*.xml r, /home/*/.gconf/apps/panel/toplevels/bottom_panel_screen0/background/%%gconf.xml r, /home/*/.gconf/desktop/ r, /home/*/.gconf/desktop/gnome/ r, /home/*/.gconf/desktop/gnome/*.xml r, /home/*/.gconf/desktop/gnome/accessibility/ r, /home/*/.gconf/desktop/gnome/accessibility/keyboard/*.xml r, /home/*/.gconf/desktop/gnome/applications/ r, /home/*/.gconf/desktop/gnome/applications/window_manager/*.new rw, /home/*/.gconf/desktop/gnome/applications/window_manager/*.xml rw, /home/*/.gconf/desktop/gnome/background/%%gconf.xml r, /home/*/.gconf/desktop/gnome/font_rendering/*.xml r, /home/*/.gconf/desktop/gnome/peripherals/ r, /home/*/.gconf/desktop/gnome/peripherals/keyboard/ r, /home/*/.gconf/desktop/gnome/peripherals/keyboard/%%gconf.xml r, /home/*/.gconfd/saved_state rw, /home/*/.gconfd/saved_state.orig w, /home/*/.gconfd/saved_state.tmp rw, /tmp/gconfd-void/lock/0t1193126927ut222865u1000p17459r1477785876k3219965624 kw, /usr/lib/libgconf2-4/gconfd-2 mr, /var/lib/gconf/debian.defaults/ r, /var/lib/gconf/debian.defaults/*.xml r, /var/lib/gconf/defaults/ r, /var/lib/gconf/defaults/*.xml r, } | over 4 years ago | gnome | 388 | hbpteam | Edit | History | |
| ubuntu-gutsy | /usr/lib/nautilus-cd-burner/mapping-daemon | #include <tunables/global> /usr/lib/nautilus-cd-burner/mapping-daemon { #include <abstractions/base> #include <abstractions/user-tmp> /etc/nsswitch.conf r, /etc/passwd r, /usr/lib/nautilus-cd-burner/mapping-daemon mr, } | over 4 years ago | gnome | 282 | hbpteam | Edit | History | |
| ubuntu-gutsy | /bin/pwd | #include <tunables/global> /bin/pwd flags=(complain) { #include <abstractions/base> / r, /bin/pwd mr, /home/ r, } | over 4 years ago | gnome | 293 | hbpteam | Edit | History | |
| opensuse11.0 | /opt/kde3/bin/konqueror | #include <tunables/global> /opt/kde3/bin/konqueror flags=(complain) { #include <abstractions/base> /opt/kde3/lib64/libDCOP.so.* mr, /opt/kde3/lib64/libconnectionmanager.so.* mr, /opt/kde3/lib64/libkdecore.so.* mr, /opt/kde3/lib64/libkdefx.so.* mr, /opt/kde3/lib64/libkdesu.so.* mr, /opt/kde3/lib64/libkdeui.so.* mr, /opt/kde3/lib64/libkio.so.* mr, /opt/kde3/lib64/libkonq.so.* mr, /opt/kde3/lib64/libkparts.so.* mr, /opt/kde3/lib64/libkutils.so.* mr, /opt/kde3/lib64/libkwalletclient.so.* mr, /opt/kde3/lib64/libnetworkstatus.so.* mr, } | about 1 year ago | 76 | test2 | Edit | History | ||
| opensuse11.0 | /usr/bin/nm-openvpn-service-openvpn-helper | #include <tunables/global> /usr/bin/nm-openvpn-service-openvpn-helper { #include <abstractions/base> #include <abstractions/dbus> owner /usr/bin/nm-openvpn-service-openvpn-helper mr, } | over 3 years ago | 239 | delder | Edit | History | ||
| opensuse10.3 | /FYP/FileReadWrite | #include <tunables/global> /FYP/FileReadWrite { #include <abstractions/base> /FYP/FileReadWrite mr, /FYP/data/prices.dat rw, } | over 3 years ago | 245 | FYPJ | Edit | History | ||
| opensuse10.3 | /usr/bin/package-manager | #include <tunables/global> /usr/bin/package-manager flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/package-manager mr, } | over 4 years ago | argh, switch things back to complain for a while | 276 | jmichael | Edit | History | |
| ubuntu-gutsy | /usr/bin/ttb | #include <tunables/global> /usr/bin/ttb { #include <abstractions/base> /usr/bin/python2.5 ix, /usr/bin/ttb mr, } | over 4 years ago | gnome | 340 | hbpteam | Edit | History | |
| opensuse10.3 | /usr/lib/ssh/x11-ssh-askpass | #include <tunables/global> /usr/lib/ssh/x11-ssh-askpass { #include <abstractions/base> /usr/lib/ssh/x11-ssh-askpass mr, } | over 4 years ago | Import of jmichaels profiles | 253 | dominic | Edit | History | |
| opensuse11.0 | /usr/lib64/firefox/firefox | #include <tunables/global> /usr/lib64/firefox/firefox flags=(complain) { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /** r, /etc/gre.d/ r, owner /home/*/.beagle/socket w, /home/*/.beagle/socket r, owner /home/*/.config/gtk-2.0/* w, /home/*/.config/gtk-2.0/* r, owner /home/*/.config/qtcurve.gtk-colors w, /home/*/.config/qtcurve.gtk-colors r, owner /home/*/.config/qtcurve.gtk-icons w, /home/*/.config/qtcurve.gtk-icons r, owner /home/*/.mozilla/firefox/** w, /home/*/.mozilla/firefox/** r, owner /home/*/.mozilla/firefox/*/* wk, /home/*/.mozilla/firefox/*/* r, owner /home/*/.mozilla/firefox/*/Cache.Trash/ w, owner /var/mozilla/*/.mozilla/firefox/** w, /var/mozilla/*/.mozilla/firefox/** r, owner /var/mozilla/*/.mozilla/firefox/*/* wk, /var/mozilla/*/.mozilla/firefox/*/* r, owner /var/mozilla/*/.mozilla/firefox/*/Cache.Trash/ w, } | about 1 year ago | setupd | 119 | Anon | Edit | History | |
| ubuntu-gutsy | /usr/lib/postfix/qmgr | # $Id: usr.lib.postfix.qmgr 741 2007-06-11 22:55:56Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2006 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/postfix/qmgr { #include <abstractions/base> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <program-chunks/postfix-common> /etc/mailname r, /usr/lib/postfix/qmgr rmix, /var/spool/postfix/** krw, /{var/spool/postfix/,}active/ r, /{var/spool/postfix/,}active/[0-9A-F]/ rwl, /{var/spool/postfix/,}active/[0-9A-F]/[0-9A-F]/ rwl, /{var/spool/postfix/,}active/[0-9A-F]/[0-9A-F]/* rwl, /{var/spool/postfix/,}defer/ r, /{var/spool/postfix/,}defer/[0-9A-F]/ rwl, /{var/spool/postfix/,}defer/[0-9A-F]/[0-9A-F]/ rwl, /{var/spool/postfix/,}defer/[0-9A-F]/[0-9A-F]/* rwl, /{var/spool/postfix/,}deferred/ r, /{var/spool/postfix/,}deferred/[0-9A-F]/ rwl, /{var/spool/postfix/,}deferred/[0-9A-F]/[0-9A-F]/ rwl, /{var/spool/postfix/,}deferred/[0-9A-F]/[0-9A-F]/* rwl, /{var/spool/postfix/,}incoming/ r, /{var/spool/postfix/,}incoming/[0-9A-F]/ rwl, /{var/spool/postfix/,}incoming/[0-9A-F]/[0-9A-F]/ rwl, /{var/spool/postfix/,}incoming/[0-9A-F]/[0-9A-F]/* rwl, /{var/spool/postfix/,}private/bounce w, /{var/spool/postfix/,}private/defer w, /{var/spool/postfix/,}private/local w, /{var/spool/postfix/,}private/relay w, /{var/spool/postfix/,}private/rewrite w, /{var/spool/postfix/,}private/smtp w, /{var/spool/postfix/,}private/trace w, /{var/spool/postfix/,}private/uucp w, /{var/spool/postfix/,}public/flush w, /{var/spool/postfix/,}public/qmgr r, } | over 3 years ago | 216 | stive | Edit | History | ||
| opensuse10.3 | /usr/bin/mplayer | #include <tunables/global> /usr/bin/mplayer flags=(complain) { #include <abstractions/X> #include <abstractions/audio> #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/freedeskt |