[apparmor] Accessing DMI data!?
mailinglisten at posteo.de
mailinglisten at posteo.de
Tue Feb 11 15:36:00 UTC 2020
10.02.20 18:49:
> On 2/10/20 7:23 AM, mailinglisten at posteo.de wrote:
>> hello,
>>
>> i just discovered, some apps desire access to DMI data, precisely to
>> /sys/devices/virtual/dmi/id/
>> (...)
> Generally speaking the web browser doesn't need access to it. You can deny
> access to it and the web browser should function. However some features
> may not work, like the chrome extension API that was already pointed out.
Ah, very interesting. Firefox seems to use/have the same API, because I
noticed this access with Firefox....
What I recently do is to create a copy of a program and then have 2
profiles, one very tight and the other a bit more flexibel, e.g. I have
/usr/bin/vlc and /usr/bin/vlc-secure both exactly the same, but with
different name that allows to have different profiles.
More information about the AppArmor
mailing list