diff options
-rw-r--r-- | apparmor-profiles/usr.bin.chromium | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/apparmor-profiles/usr.bin.chromium b/apparmor-profiles/usr.bin.chromium index 0f7d4d2..5eb53db 100644 --- a/apparmor-profiles/usr.bin.chromium +++ b/apparmor-profiles/usr.bin.chromium @@ -71,6 +71,7 @@ # chromium mmaps all kinds of things for speed. /etc/passwd m, /usr/share/fonts/truetype/**/*.tt[cf] m, + /usr/share/fonts/opentype/**/*.tt[cf] m, /usr/share/fonts/**/*.pfb m, /usr/share/mime/mime.cache m, /usr/share/icons/**/*.cache m, @@ -147,6 +148,10 @@ /usr/bin/xdg-settings Cxr -> xdgsettings, /usr/bin/lsb_release Cxr -> lsb_release, + /usr/lib/chromium/icudtl.dat rm, + /usr/lib/chromium/natives_blob.bin rm, + /usr/lib/chromium/snaptshot_blob.bin rm, + # GSettings owner /{,var/}run/user/*/dconf/ rw, owner /{,var/}run/user/*/dconf/user rw, @@ -263,8 +268,8 @@ profile chromium_browser_sandbox flags=(attach_disconnected) { /usr/bin/chromium r, /usr/lib/chromium/chromium Px, - /usr/lib/chromium/chromium-sandbox r, - /usr/lib/chromium/chrome-sandbox r, + /usr/lib/chromium/chromium-sandbox mr, + /usr/lib/chromium/chrome-sandbox mr, /dev/null rw, |