[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [obfsproxy/master] basic AppArmor obfsproxy profile
commit f8a71be3206b56dc832a7496adee5c10caabea54
Author: Jacob Appelbaum <jacob@xxxxxxxxxxxxx>
Date: Mon Feb 13 18:28:12 2012 -0500
basic AppArmor obfsproxy profile
---
misc/obfsproxy.apparmor | 33 +++++++++++++++++++++++++++++++++
1 files changed, 33 insertions(+), 0 deletions(-)
diff --git a/misc/obfsproxy.apparmor b/misc/obfsproxy.apparmor
new file mode 100644
index 0000000..3117646
--- /dev/null
+++ b/misc/obfsproxy.apparmor
@@ -0,0 +1,33 @@
+# vim:syntax=apparmor
+# Last Modified: Mon Feb 13 18:13:47 EST 2012
+# Author: Jacob Appelbaum <jacob@xxxxxxxxxxxxx>
+#include <tunables/global>
+
+#
+/usr/local/bin/obfsproxy {
+ #include <abstractions/base>
+ #include <abstractions/nameservice>
+
+ /lib/ r,
+ /lib/** rmixk,
+ /usr/local/lib/ r,
+ /usr/local/lib/** rmixk,
+ /lib32/ r,
+ /lib32/** rmixk,
+ /lib64/ r,
+ /lib64/** rmixk,
+
+ capability net_bind_service,
+
+ network packet,
+
+ /proc/sys/kernel/random/uuid r,
+ /dev/random r,
+ /dev/urandom r,
+
+ /usr/local/bin/obfsproxy mr,
+
+ ### XXX: TODO
+ # we need a generic place for log files to be written
+
+}
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits