OXIESEC PANEL
- Current Dir:
/
/
etc
/
apparmor.d
/
abstractions
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
10/28/2024 08:41:33 AM
rwxr-xr-x
📄
X
1.86 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
apache2-common
869 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📁
apparmor_api
-
05/09/2024 07:14:29 AM
rwxr-xr-x
📄
aspell
308 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
audio
1.72 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
authentication
1.55 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
base
6.21 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
bash
1.48 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
consoles
798 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
cups-client
714 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
dbus
593 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
dbus-accessibility
630 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
dbus-accessibility-strict
637 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
dbus-session
638 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
dbus-session-strict
919 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
dbus-strict
677 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
dconf
246 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
dovecot-common
572 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
enchant
1.96 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
fcitx
456 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
fcitx-strict
712 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
fonts
1.93 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
freedesktop.org
2.37 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
gnome
3.3 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
gnupg
356 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
ibus
640 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
kde
2.01 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
kerberosclient
1.08 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
launchpad-integration
824 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
ldapclient
686 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
libpam-systemd
659 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
likewise
489 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📁
lxc
-
05/09/2024 07:15:54 AM
rwxr-xr-x
📄
mdns
436 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
mir
593 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
mozc
471 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
mysql
641 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
nameservice
3.75 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
nis
524 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
nvidia
519 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
openssl
470 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
orbit2
93 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
p11-kit
899 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
perl
872 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
php
974 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
php5
105 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
postfix-common
1.08 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
private-files
1.48 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
private-files-strict
1006 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
python
1.5 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
ruby
906 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
samba
834 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
smbpass
476 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
ssl_certs
924 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
ssl_keys
650 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
svn-repositories
1.61 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
ubuntu-bittorrent-clients
698 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
ubuntu-browsers
1.62 KB
09/27/2018 06:20:54 PM
rw-r--r--
📁
ubuntu-browsers.d
-
05/09/2024 07:14:29 AM
rwxr-xr-x
📄
ubuntu-console-browsers
611 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
ubuntu-console-email
601 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
ubuntu-email
902 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
ubuntu-feed-readers
339 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
ubuntu-gnome-terminal
182 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
ubuntu-helpers
3.35 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
ubuntu-konsole
343 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
ubuntu-media-players
2.18 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
ubuntu-unity7-base
2.39 KB
09/27/2018 06:20:54 PM
rw-r--r--
📄
ubuntu-unity7-launcher
191 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
ubuntu-unity7-messaging
192 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
ubuntu-xterm
237 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
user-download
876 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
user-mail
837 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
user-manpages
889 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
user-tmp
654 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
user-write
864 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
video
123 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
wayland
580 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
web-data
705 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
winbind
739 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
wutmp
585 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
xad
883 bytes
09/27/2018 06:20:54 PM
rw-r--r--
📄
xdg-desktop
673 bytes
09/27/2018 06:20:54 PM
rw-r--r--
Editing: ubuntu-helpers
Close
# Lenient profile that is intended to be used when 'Ux' is desired but # does not provide enough environment sanitizing. This effectively is an # open profile that blacklists certain known dangerous files and also # does not allow any capabilities. For example, it will not allow 'm' on files # owned be the user invoking the program. While this provides some additional # protection, please use with care as applications running under this profile # are effectively running without any AppArmor protection. Use this profile # only if the process absolutely must be run (effectively) unconfined. # # Usage: # Because this abstraction defines the sanitized_helper profile, it must only # be #included once. Therefore this abstraction should typically not be # included in other abstractions so as to avoid parser errors regarding # multiple definitions. # # Limitations: # 1. This does not work for root owned processes, because of the way we use # owner matching in the sanitized helper. We could do a better job with # this to support root, but it would make the policy harder to understand # and going unconfined as root is not desirable any way. # # 2. For this sanitized_helper to work, the program running in the sanitized # environment must open symlinks directly in order for AppArmor to mediate # it. This is confirmed to work with: # - compiled code which can load shared libraries # - python imports # It is known not to work with: # - perl includes # 3. Sanitizing ruby and java # # Use at your own risk. This profile was developed as an interim workaround for # LP: #851986 until AppArmor utilizes proper environment filtering. profile sanitized_helper { #include <abstractions/base> #include <abstractions/X> # Allow all networking network inet, network inet6, # Allow all DBus communications #include <abstractions/dbus-session-strict> #include <abstractions/dbus-strict> dbus, # Needed for Google Chrome ptrace (trace) peer=**//sanitized_helper, # Allow exec of anything, but under this profile. Allow transition # to other profiles if they exist. /{usr/,}bin/* Pixr, /{usr/,}sbin/* Pixr, /usr/local/bin/* Pixr, # Allow exec of libexec applications in /usr/lib* and /usr/local/lib* /usr/{,local/}lib*/{,**/}* Pixr, # Allow exec of software-center scripts. We may need to allow wider # permissions for /usr/share, but for now just do this. (LP: #972367) /usr/share/software-center/* Pixr, # Allow exec of texlive font build scripts (LP: #1010909) /usr/share/texlive/texmf{,-dist}/web2c/{,**/}* Pixr, # While the chromium and chrome sandboxes are setuid root, they only link # in limited libraries so glibc's secure execution should be enough to not # require the santized_helper (ie, LD_PRELOAD will only use standard system # paths (man ld.so)). /usr/lib/chromium-browser/chromium-browser-sandbox PUxr, /usr/lib/chromium{,-browser}/chrome-sandbox PUxr, /opt/google/chrome{,-beta,-unstable}/chrome-sandbox PUxr, /opt/google/chrome{,-beta,-unstable}/google-chrome Pixr, /opt/google/chrome{,-beta,-unstable}/chrome Pixr, /opt/google/chrome{,-beta,-unstable}/{,**/}lib*.so{,.*} m, # Full access / r, /** rwkl, /{,usr/,usr/local/}lib{,32,64}/{,**/}*.so{,.*} m, # Dangerous files audit deny owner /**/* m, # compiled libraries audit deny owner /**/*.py* r, # python imports }