²é¿´:Skype 1.4.0.99 reads /etc/ passwd and firefox profile!
¸ü¶à¼Ç¼:
...
Aug 25 01:34:02 desknote kernel: [ 9116.625673] audit(1188002042.632:13467): REJECTING r access to /etc/ passwd (skype(8470) profile /usr/bin/skype active /usr/bin/skype)
...
# vim:syntax=apparmor
# Last Modified: Sat Aug 25 00:37:50 2007
#include
/usr/bin/skype {
#include
/dev/snd/controlC0 rw,
/dev/snd/pcmC0D0c rw,
/dev/snd/pcmC0D0p rw,
/dev/snd/pcmC0D1c rw,
/dev/snd/timer r,
/home/*/.Skype rw,
/home/*/.Skype/** rw,
/home/*/.config/Trolltech.conf r,
/home/*/.fontconfig/* r,
/home/*/.fonts/* r,
/home/*/.Xauthority r,
/home/*/.kde/share/config/kioslaverc r,
/home/*/.ICEauthority r,
/home/*/.mozilla r,
/home/*/.mozilla/plugins r,
/home/*/.mozilla/firefox r,
/usr/bin/skype mr,
/usr/share/alsa/** r,
/usr/share/fonts/** r,
/usr/share/icons/** r,
/usr/share/locale-langpack/** r,
/usr/share/skype/** r,
/usr/share/X11/XKeysymDB r,
/var/cache/fontconfig/* r,
/var/lib/defoma/fontconfig.d/fonts.conf r,
/tmp/** rw,
/etc/fonts/** r,
/etc/resolv.conf r,
/etc/hosts r,
/etc/nsswitch.conf r,
/etc/gai.conf r,
/etc/ passwd r,
/etc/group r,
/proc/1/cmdline r,
/proc/interrupts r,
}