summaryrefslogtreecommitdiffstats
path: root/apparmor-profiles/usr.bin.chromium
diff options
context:
space:
mode:
Diffstat (limited to 'apparmor-profiles/usr.bin.chromium')
-rw-r--r--apparmor-profiles/usr.bin.chromium9
1 files changed, 7 insertions, 2 deletions
diff --git a/apparmor-profiles/usr.bin.chromium b/apparmor-profiles/usr.bin.chromium
index 0f7d4d2..5eb53db 100644
--- a/apparmor-profiles/usr.bin.chromium
+++ b/apparmor-profiles/usr.bin.chromium
@@ -71,6 +71,7 @@
# chromium mmaps all kinds of things for speed.
/etc/passwd m,
/usr/share/fonts/truetype/**/*.tt[cf] m,
+ /usr/share/fonts/opentype/**/*.tt[cf] m,
/usr/share/fonts/**/*.pfb m,
/usr/share/mime/mime.cache m,
/usr/share/icons/**/*.cache m,
@@ -147,6 +148,10 @@
/usr/bin/xdg-settings Cxr -> xdgsettings,
/usr/bin/lsb_release Cxr -> lsb_release,
+ /usr/lib/chromium/icudtl.dat rm,
+ /usr/lib/chromium/natives_blob.bin rm,
+ /usr/lib/chromium/snaptshot_blob.bin rm,
+
# GSettings
owner /{,var/}run/user/*/dconf/ rw,
owner /{,var/}run/user/*/dconf/user rw,
@@ -263,8 +268,8 @@ profile chromium_browser_sandbox flags=(attach_disconnected) {
/usr/bin/chromium r,
/usr/lib/chromium/chromium Px,
- /usr/lib/chromium/chromium-sandbox r,
- /usr/lib/chromium/chrome-sandbox r,
+ /usr/lib/chromium/chromium-sandbox mr,
+ /usr/lib/chromium/chrome-sandbox mr,
/dev/null rw,