| 1 | # Last Modified: Wed Jan 18 12:29:15 2012 |
| 2 | # ------------------------------------------------------------------ |
| 3 | # |
| 4 | # Copyright (C) 2002-2005 Novell/SUSE |
| 5 | # |
| 6 | # This program is free software; you can redistribute it and/or |
| 7 | # modify it under the terms of version 2 of the GNU General Public |
| 8 | # License published by the Free Software Foundation. |
| 9 | # |
| 10 | # ------------------------------------------------------------------ |
| 11 | |
| 12 | #include <tunables/global> |
| 13 | |
| 14 | /usr/bin/pidgin { |
| 15 | #include <abstractions/audio> |
| 16 | #include <abstractions/base> |
| 17 | #include <abstractions/bash> |
| 18 | #include <abstractions/consoles> |
| 19 | #include <abstractions/gnome> |
| 20 | #include <abstractions/kde> |
| 21 | #include <abstractions/nameservice> |
| 22 | #include <abstractions/perl> |
| 23 | #include <abstractions/user-tmp> |
| 24 | |
| 25 | deny capability sys_ptrace, |
| 26 | |
| 27 | |
| 28 | deny /usr/share/enchant/enchant.ordering r, |
| 29 | |
| 30 | /bin/bash rix, |
| 31 | /dev/random r, |
| 32 | /etc/esd.conf r, |
| 33 | /etc/pango/pango.modules r, |
| 34 | /etc/pango/pango64.modules r, |
| 35 | /home/** mrwk, |
| 36 | /home/harvie/private/dotfiles/.purple/answerscripts px, |
| 37 | /opt/MozillaFirefox/bin/firefox.sh Px, |
| 38 | /opt/kde/share/** r, |
| 39 | /opt/kde3/bin/kde-config mrix, |
| 40 | owner /tmp/** rwlk, |
| 41 | /tmp/** m, |
| 42 | /usr/X11R6/lib/Acrobat*/Resource/Font/* r, |
| 43 | /usr/X11R6/lib/Acrobat*/Resource/Font/PFM/* r, |
| 44 | /usr/bin/pidgin mrix, |
| 45 | /usr/bin/purple-remote r, |
| 46 | /usr/lib/GConf/2/gconfd-2 Px, |
| 47 | /usr/lib/ao/plugins-* r, |
| 48 | /usr/lib/aspell-** mr, |
| 49 | /usr/lib/jvm/java-*/jre/lib/fonts/** r, |
| 50 | /usr/lib/ooo-*/share/fonts/** r, |
| 51 | /usr/lib/tcl*/encoding/* r, |
| 52 | /usr/lib64/ao/plugins-* r, |
| 53 | /usr/lib64/aspell-* r, |
| 54 | /usr/lib{,32,64}/** mr, |
| 55 | /usr/share/*/ r, |
| 56 | /usr/share/alsa/alsa.conf r, |
| 57 | /usr/share/icons r, |
| 58 | /usr/share/icons/** r, |
| 59 | /usr/share/pixmaps r, |
| 60 | /usr/share/pixmaps/pidgin/** r, |
| 61 | /usr/share/sounds/pidgin/* r, |
| 62 | /usr/share/tcl/tcl*/encoding/* r, |
| 63 | /usr/share/themes/** r, |
| 64 | /var/db/nscd/* r, |
| 65 | /{,var/}run/.resmgr_socket w, |
| 66 | @{HOME}/.fonts r, |
| 67 | @{HOME}/.gnome2/nautilus-sendto/* rw, |
| 68 | @{HOME}/.gtk_qt_engine_rc r, |
| 69 | @{HOME}/.icons/** r, |
| 70 | @{HOME}/.kde/share/config/gtkrc-* r, |
| 71 | @{HOME}/.mcop/random-seed rw, |
| 72 | @{HOME}/.mcoprc r, |
| 73 | @{HOME}/.purple r, |
| 74 | @{HOME}/.purple/** rwl, |
| 75 | @{HOME}/.themes/** r, |
| 76 | @{HOME}/private/dotfiles/.purple r, |
| 77 | @{HOME}/private/dotfiles/.purple/** rwl, |
| 78 | @{PROC}/*/cmdline r, |
| 79 | |
| 80 | } |