41 lines
1019 B
Django/Jinja
41 lines
1019 B
Django/Jinja
#include <tunables/global>
|
|
|
|
/opt/sublime_text*/sublime_text {
|
|
#include <abstractions/base>
|
|
#include <abstractions/X>
|
|
#include <abstractions/ibus>
|
|
#include <abstractions/dbus>
|
|
#include <abstractions/dbus-session>
|
|
#include <abstractions/dbus-accessibility>
|
|
#include <abstractions/dbus-session-strict>
|
|
#include <abstractions/gnome>
|
|
|
|
/usr/share/mate/applications/** r,
|
|
/usr/bin/caja rwix,
|
|
/usr/share/glib-*/schemas/** r,
|
|
/dev/null r,
|
|
|
|
/{dev,run}/{,shm/}** rwmkl,
|
|
/opt/sublime_text/ rwixmkl,
|
|
/opt/sublime_text/** rwixmkl,
|
|
|
|
owner @{HOME}/.config/sublime-text/ rwmkl,
|
|
owner @{HOME}/.config/sublime-text/** rwmkl,
|
|
owner @{HOME}/.cache/sublime-text/ rwmkl,
|
|
owner @{HOME}/.cache/sublime-text/** rwmkl,
|
|
owner @{HOME}/ rwmkl,
|
|
owner @{HOME}/** rwmkl,
|
|
owner /tmp/ rwmkl,
|
|
owner /tmp/** rwmkl,
|
|
|
|
deny network inet,
|
|
deny network inet6,
|
|
deny network raw,
|
|
}
|
|
|
|
/opt/sublime_text*/plugin_host {
|
|
#include <abstractions/base>
|
|
deny network inet,
|
|
deny network inet6,
|
|
deny network raw,
|
|
} |