Мой конфиг AppArmor для скайпа. Ребята они хорошие, но closed source есть closed source.

max@ulidtko:~$ cat /etc/apparmor.d/usr.bin.skype
# Last Modified: Mon Jan 10 05:14:48 2011
#include <tunables/global>

/usr/bin/skype {
#include <abstractions/audio>
#include <abstractions/base>
#include <abstractions/fonts>
#include <abstractions/freedesktop.org>
#include <abstractions/gnome>
#include <abstractions/dbus-session>
#include <abstractions/nameservice>
#include <abstractions/private-files-strict>
#include <abstractions/ssl_certs>
#include <abstractions/video>

/etc/passwd mr,
/etc/group mr,
deny /etc/xdg/Trolltech.conf k,
deny @{HOME}/.config/ mrwk,
deny @{HOME}/.mozilla** mrwk,
deny /sys/** mrwk,
deny /proc/*/fd/ r,

/dev/ r,
/dev/snd/* mrw,
/dev/shm/pulse-shm-* mrw,
/etc/xdg/Trolltech.conf r,
@{HOME}/.Skype** rwk,
@{HOME}/.config/Trolltech.conf rk,
owner @{HOME}/.config/ibus/** rw,
/usr/share/fonts/** mr,
/usr/share/locale-langpack/** mr,
/usr/share/skype/** mrk,
/etc/ssl/** r,
}

#thhzs

add comment recommend bookmark subscribe