Deny access to zsh* configs in private-files
Bug #761217 reported by
Felix Geyer
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apparmor (Ubuntu) |
Fix Released
|
Low
|
Jamie Strandboge |
Bug Description
Binary package hint: apparmor
AppArmor should deny access to zsh configs (like .zshrc, .zshenv, ...) in the private-files abstraction.
Related branches
tags: | added: patch |
To post a comment you must log in.
Thanks for reporting a bug and helping to make Ubuntu better. .zshrv is already covered by:
deny @{HOME}/.*rc mrk,
audit deny @{HOME}/.*rc wl,
But adjusting the profile to do this seems fine:
deny @{HOME}/.{ba,z}sh* mrk,
audit deny @{HOME}/.{ba,z}sh* wl,